From afe72167fb4f74021a5b47b05626d38404989fe4 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 3 Jun 2021 19:10:55 +0200 Subject: [PATCH 0001/1248] fix(argo-workflows): Observe 'controller.serviceAccount.create' (#787) * fix(argo-workflows): Observe 'controller.serviceAccount.create' Signed-off-by: Marco Kilchhofer * chore: Ignore ci/ directory in final package Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/.helmignore | 1 + charts/argo-workflows/Chart.yaml | 2 +- .../templates/controller/workflow-controller-sa.yaml | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/charts/argo-workflows/.helmignore b/charts/argo-workflows/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-workflows/.helmignore +++ b/charts/argo-workflows/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index cc7f7c86..078b42b2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.3 +version: 0.2.4 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index e917bb41..f5e10857 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -1,3 +1,4 @@ +{{- if .Values.controller.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: @@ -6,3 +7,4 @@ metadata: annotations: {{- toYaml .| nindent 4 }} {{- end }} +{{- end }} From be8f33c8722c512d438d61166f6ee73213415240 Mon Sep 17 00:00:00 2001 From: Josh Hudson <382062+itmustbejj@users.noreply.github.com> Date: Thu, 3 Jun 2021 10:50:20 -0700 Subject: [PATCH 0002/1248] feat(argocd-applicationset): Add priorityClass for argocd-applicationset (#788) Signed-off-by: Josh Hudson <382062+itmustbejj@users.noreply.github.com> --- charts/argocd-applicationset/Chart.yaml | 2 +- charts/argocd-applicationset/templates/deployment.yaml | 3 +++ charts/argocd-applicationset/values.yaml | 2 ++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 936734b0..2596addb 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.5 +version: 0.1.6 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index d2cd345c..4840bd65 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -98,3 +98,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index f7be897d..1be0c0ff 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -71,6 +71,8 @@ tolerations: [] affinity: {} +priorityClassName: "" + mountSSHKnownHostsVolume: true mountTLSCertsVolume: true mountGPGKeysVolume: false From 01c78a82b5cc3d65feaa9be2e4cbd0c6652bde57 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 7 Jun 2021 10:35:39 +0200 Subject: [PATCH 0003/1248] chore(argo-events): Cleanup old CRD hooks (#778) * Drop old CRDs with hooks containing helm hooks Signed-off-by: Marco Kilchhofer * Bump chart version Signed-off-by: Marco Kilchhofer * Drop empty newlines inside manifests Signed-off-by: Marco Kilchhofer * chore: trigger CI Signed-off-by: Marco Kilchhofer * chore: Ignore 'ci/' directory in final package Signed-off-by: Marco Kilchhofer * Apply changes from code review Signed-off-by: Marco Kilchhofer --- charts/argo-events/.helmignore | 1 + charts/argo-events/Chart.yaml | 2 +- charts/argo-events/README.md | 2 +- .../templates/argo-events-cluster-roles.yaml | 7 ++- .../templates/argo-events-roles.yaml | 5 +-- .../argo-events/templates/eventbus-crd.yaml | 44 ------------------ .../templates/eventsource-crd.yaml | 44 ------------------ charts/argo-events/templates/sensor-crd.yaml | 45 ------------------- charts/argo-events/values.yaml | 3 -- 9 files changed, 8 insertions(+), 145 deletions(-) delete mode 100644 charts/argo-events/templates/eventbus-crd.yaml delete mode 100644 charts/argo-events/templates/eventsource-crd.yaml delete mode 100644 charts/argo-events/templates/sensor-crd.yaml diff --git a/charts/argo-events/.helmignore b/charts/argo-events/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-events/.helmignore +++ b/charts/argo-events/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 6a7b1b7e..2df3b1c7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.1 +version: 1.6.2 keywords: - argo-events - sensor-controller diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 3c375c3a..2bece9b9 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -15,6 +15,6 @@ This is a **community maintained** chart. It installs the [argo-events](https:// ## Notes on CRD Installation -Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. You can install the CRDs manually from `crds` folder. \ No newline at end of file diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index bfd2d021..c3904980 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -1,5 +1,4 @@ {{- if not .Values.singleNamespace }} - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -26,9 +25,9 @@ kind: ClusterRole metadata: name: argo-events-role rules: -{{- if .Values.additionalServiceAccountRules }} -{{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} -{{- end }} + {{- with .Values.additionalServiceAccountRules }} + {{- toYaml . | nindent 2 }} + {{- end }} - apiGroups: - argoproj.io verbs: diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index 56721159..1371f6a6 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -1,5 +1,4 @@ {{- if .Values.singleNamespace }} - apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -28,8 +27,8 @@ metadata: name: argo-events-role namespace: {{ .Release.Namespace }} rules: - {{- if .Values.additionalServiceAccountRules }} - {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} + {{- with .Values.additionalServiceAccountRules }} + {{- toYaml . | nindent 2 }} {{- end }} - apiGroups: - argoproj.io diff --git a/charts/argo-events/templates/eventbus-crd.yaml b/charts/argo-events/templates/eventbus-crd.yaml deleted file mode 100644 index 4a67294e..00000000 --- a/charts/argo-events/templates/eventbus-crd.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventbus.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: EventBus - listKind: EventBusList - plural: eventbus - shortNames: - - eb - singular: eventbus - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/templates/eventsource-crd.yaml b/charts/argo-events/templates/eventsource-crd.yaml deleted file mode 100644 index 5c6a0b6b..00000000 --- a/charts/argo-events/templates/eventsource-crd.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.installCRD }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventsources.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - scope: Namespaced - names: - kind: EventSource - plural: eventsources - singular: eventsource - listKind: EventSourceList - shortNames: - - es - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/templates/sensor-crd.yaml b/charts/argo-events/templates/sensor-crd.yaml deleted file mode 100644 index d121019e..00000000 --- a/charts/argo-events/templates/sensor-crd.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{- if .Values.installCRD }} -# Define a "sensor" custom resource definition -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sensors.argoproj.io - annotations: - helm.sh/hook: crd-install - helm.sh/hook-delete-policy: before-hook-creation -spec: - group: argoproj.io - names: - kind: Sensor - listKind: SensorList - plural: sensors - singular: sensor - shortNames: - - sn - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} -{{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 55dd6643..11827406 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -8,9 +8,6 @@ imagePullPolicy: Always imagePullSecrets: [] # - name: argo-pull-secret -# If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. -installCRD: true - # ServiceAccount to use for running controller. serviceAccount: argo-events-sa From 99ae115455fe1595a8260bf7ebdc697041f40486 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 7 Jun 2021 10:51:52 +0200 Subject: [PATCH 0004/1248] chore(argo-cd): Cleanup old CRD hooks (#777) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: Cleanup old CRD hooks Signed-off-by: Marco Kilchhofer * Bump chart version Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 8 +------- charts/argo-cd/crds/crd-application.yaml | 2 -- charts/argo-cd/crds/crd-project.yaml | 2 -- charts/argo-cd/templates/crds.yaml | 6 ------ charts/argo-cd/values.yaml | 3 --- 6 files changed, 2 insertions(+), 21 deletions(-) delete mode 100644 charts/argo-cd/templates/crds.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 465ad6e0..68a2ed62 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.6 +version: 3.6.7 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1c5f8c17..f17addb7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -83,6 +83,7 @@ server: ## Prerequisites - Kubernetes 1.7+ +- Helm v3.0.0+ ## Installing the Chart @@ -97,12 +98,6 @@ NAME: my-release ... ``` -### Helm v3 Compatibility - -Requires chart version 1.5.2 or newer. - -Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. - ## Chart Values | Parameter | Description | Default | @@ -116,7 +111,6 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | -| installCRDs | Install CRDs if you are using Helm2. | `true` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index c62189e8..74364ae4 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -5,8 +5,6 @@ metadata: app.kubernetes.io/name: applications.argoproj.io app.kubernetes.io/part-of: argocd name: applications.argoproj.io - annotations: - helm.sh/hook: crd-install spec: group: argoproj.io names: diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 40182848..7bb09652 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -5,8 +5,6 @@ metadata: app.kubernetes.io/name: appprojects.argoproj.io app.kubernetes.io/part-of: argocd name: appprojects.argoproj.io - annotations: - helm.sh/hook: crd-install spec: group: argoproj.io names: diff --git a/charts/argo-cd/templates/crds.yaml b/charts/argo-cd/templates/crds.yaml deleted file mode 100644 index 45ab72d4..00000000 --- a/charts/argo-cd/templates/crds.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if .Values.installCRDs }} -{{- range $path, $_ := .Files.Glob "crds/*.yaml" }} -{{ $.Files.Get $path }} ---- -{{- end }} -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fdd50b36..df964dee 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -5,9 +5,6 @@ nameOverride: argocd fullnameOverride: "" kubeVersionOverride: "" -# Optional CRD installation for those without Helm hooks -installCRDs: true - global: image: repository: quay.io/argoproj/argocd From 87af20fd06f87b8a05b14ad33738244067102d21 Mon Sep 17 00:00:00 2001 From: Rich Date: Mon, 7 Jun 2021 10:39:41 +0100 Subject: [PATCH 0005/1248] fix(argo-cd): Server cert-manager certificate secretName to match documentation (#793) * fix(argo-cd): Set ArgoCD server certificate manager certificate secret name to match the documentation by default. Signed-off-by: Rich * fix(argo-cd): Add server certificate issuer subvalues to values.yaml and a relevant comment. Signed-off-by: Rich * Bump chart version again Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 68a2ed62..9bb09636 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.7 +version: 3.6.8 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index edaea3b5..753dc8bc 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -23,5 +23,5 @@ spec: issuerRef: kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} - secretName: argocd-tls-certificate + secretName: {{ .Values.server.certificate.secretName | quote }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index df964dee..466fc7c3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -495,8 +495,11 @@ server: certificate: enabled: false domain: argocd.example.com - issuer: {} + issuer: + kind: # ClusterIssuer + name: # letsencrypt additionalHosts: [] + secretName: argocd-server-tls ## Server service configuration service: From eecc88fbd7147cd540440ca9d8e0c43db6a919bc Mon Sep 17 00:00:00 2001 From: Sevan Date: Tue, 8 Jun 2021 15:14:55 +0200 Subject: [PATCH 0006/1248] fix(argo-workflows): use template for ingress .Capabilities (#795) * fix(argo-workflows): use argo-workflows.ingress.apiVersion for ingress (#794) Signed-off-by: Sevan Murriguian-Watrin * feat(argo-workflows): Add option to override kubeVersion Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 2 +- charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++-- .../templates/server/server-ingress.yaml | 10 +++++----- charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 19 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 078b42b2..fb23a3a8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.4 +version: 0.2.5 appVersion: "v3.0.2" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index a72c148f..18eae994 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -94,11 +94,18 @@ Create the name of the controller service account to use Return the appropriate apiVersion for ingress */}} {{- define "argo-workflows.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.Version -}} +{{- if semverCompare "<1.14-0" (include "argo-workflows.kubeVersion" $) -}} {{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.Version -}} +{{- else if semverCompare "<1.19-0" (include "argo-workflows.kubeVersion" $) -}} {{- print "networking.k8s.io/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1" -}} {{- end -}} {{- end -}} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "argo-workflows.kubeVersion" -}} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index f0488031..6072c9d7 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -19,7 +19,7 @@ metadata: {{- toYaml .Values.server.ingress.labels | nindent 4 }} {{- end }} spec: - {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} @@ -35,11 +35,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: @@ -62,11 +62,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }} + {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7de0dfea..c6af6902 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -20,6 +20,10 @@ nameOverride: ## fullnameOverride: +## Override the Kubernetes version, which is used to evaluate certain manifests +## +kubeVersionOverride: "" + # Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, # and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. singleNamespace: false From ca0a53d6ebd86bfe46ba5018410b2be08dce2bb3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 10 Jun 2021 10:30:57 +0200 Subject: [PATCH 0007/1248] chore: Relax 'Semantic Pull Requests' check (#796) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- .github/semantic.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .github/semantic.yml diff --git a/.github/semantic.yml b/.github/semantic.yml new file mode 100644 index 00000000..d93cf9cc --- /dev/null +++ b/.github/semantic.yml @@ -0,0 +1,3 @@ +## Reference: https://github.com/zeke/semantic-pull-requests +# Always validate the PR title, and ignore the commits +titleOnly: true From 7e381436f98fdad7b21b607193f8bb8d27c74776 Mon Sep 17 00:00:00 2001 From: Alex Andrews Date: Fri, 25 Jun 2021 07:06:59 +0100 Subject: [PATCH 0008/1248] fix(argo-cd): fix missing colon in example service definitions (#810) * fix(argo-cd): fix missing colon in example service definitions Signed-off-by: Alex Andrews * build(argo-cd): Bump chart patch version Signed-off-by: Alex Andrews --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9bb09636..ac5ca980 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.8 +version: 3.6.9 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 466fc7c3..ad6d1b23 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -567,7 +567,7 @@ server: # - path: /* # pathType: Prefix # backend: - # service + # service: # name: ssl-redirect # port: # name: use-annotation @@ -604,7 +604,7 @@ server: # - path: /* # pathType: Prefix # backend: - # service + # service: # name: ssl-redirect # port: # name: use-annotation From 0180e943ff1a9b676893eeac40d306a71c8e2967 Mon Sep 17 00:00:00 2001 From: Alex Sears Date: Fri, 25 Jun 2021 02:15:43 -0400 Subject: [PATCH 0009/1248] chore(argo-workflows): update workflows version to most 3.0.7 (#811) * chore(argo-workflows): update workflows version to most 3.0.7 Signed-off-by: Alex Sears * chore(argo-worflows): update controller liveness probe Signed-off-by: Alex Sears * chore(argo-workflows): templatize controller liveness probe Signed-off-by: Alex Sears Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-deployment.yaml | 8 ++------ charts/argo-workflows/values.yaml | 9 +++++++++ 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fb23a3a8..f3dd5219 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.5 -appVersion: "v3.0.2" +version: 0.2.6 +appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 9f80ea7f..e085b899 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -77,12 +77,8 @@ spec: ports: - name: metrics containerPort: {{ .Values.controller.metricsConfig.port }} - livenessProbe: - httpGet: - port: metrics - path: {{ .Values.controller.metricsConfig.path }} - initialDelaySeconds: 30 - periodSeconds: 30 + - containerPort: 6060 + livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c6af6902..864c9931 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -132,6 +132,15 @@ controller: # service type `LoadBalancer` loadBalancerSourceRanges: [] resources: {} + livenessProbe: + httpGet: + port: 6060 + path: /healthz + # Require three failures to tolerate transient errors. + failureThreshold: 3 + initialDelaySeconds: 90 + periodSeconds: 60 + timeoutSeconds: 30 ## Extra environment variables to provide to the controller container ## extraEnv: From f17cc62250bd5e049e86aeb3c1308e3b635da355 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81ngel=20Cabrera=20Mi=C3=B1agorri?= Date: Sat, 26 Jun 2021 17:04:59 +0200 Subject: [PATCH 0010/1248] fix(argo-cd): Typo in repo server service monitor (#815) --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac5ca980..63d5fbd1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.9 +version: 3.6.10 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 05b38acc..027cdb5f 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -17,7 +17,7 @@ metadata: spec: endpoints: - port: metrics - {{- with .Values.controller.metrics.serviceMonitor.interval }} + {{- with .Values.repoServer.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} path: /metrics From 34e606f012ee81034037ce321dbba989c9c06b16 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Mon, 28 Jun 2021 11:32:54 +0100 Subject: [PATCH 0011/1248] chore: Fix CODEOWNERS syntax (#817) Signed-off-by: Marko Bevc --- CODEOWNERS | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 016e7842..012ac7f7 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,13 +7,13 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD -/charts/argo-cd @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 +/charts/argo-cd/ @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 # Argo Events -/charts/argo-events @jbehling @VaibhavPage @oliverbaehler +/charts/argo-events/ @jbehling @VaibhavPage @oliverbaehler # Argo Rollouts -/charts/argo-rollouts @oliverbaehler +/charts/argo-rollouts/ @oliverbaehler # Argo CD Notifications -/charts/argocd-notifications @alexmt @andyfeller @oliverbaehler @mbevc1 +/charts/argocd-notifications/ @alexmt @andyfeller @oliverbaehler @mbevc1 From 7f16fc4213a45bf2df1cb8366ba397a97fe920c5 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Tue, 29 Jun 2021 09:48:48 +0100 Subject: [PATCH 0012/1248] feat(argo-cd): Bump default version to v2.0.4 (#816) * feat(argo-cd): Bump default version to v2.0.4 Signed-off-by: Marko Bevc * Update README Signed-off-by: Marko Bevc * Bump Chart version Signed-off-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 63d5fbd1..9062f659 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.3 +appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.10 +version: 3.6.11 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f17addb7..b8159f89 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -104,7 +104,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.8.4"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.4"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ad6d1b23..ac96ad11 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.3 + tag: v2.0.4 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From 8a39a9d1ba1c067068e8062804c8a4c0a9ee509f Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 5 Jul 2021 11:35:51 +0200 Subject: [PATCH 0013/1248] chore(chart-testing-action): Update components (#823) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 1056a239..2de22a8b 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -21,7 +21,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.0.1 + uses: helm/chart-testing-action@v2.1.0 - name: List changed charts id: list-changed @@ -37,7 +37,7 @@ jobs: run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml - name: Create kind cluster - uses: helm/kind-action@v1.1.0 + uses: helm/kind-action@v1.2.0 if: steps.list-changed.outputs.changed == 'true' - name: Run chart-testing (install) From d860a04452bb09e1ebfea4388b79e22bb4f0b672 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 5 Jul 2021 11:41:55 +0200 Subject: [PATCH 0014/1248] feat(argo-cd): Add ability to manage gpgKeys (#797) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 2 ++ .../argocd-configs/argocd-gpg-keys-cm.yaml | 16 ++++++++++++++ .../argocd-repo-server/deployment.yaml | 9 ++++++-- .../templates/argocd-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 6 files changed, 51 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9062f659..61179742 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.6.11 +version: 3.7.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b8159f89..c0322bad 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -112,6 +112,8 @@ NAME: my-release | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | +| configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | +| configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | | configs.secret.annotations | Annotations for argocd-secret | `{}` | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml new file mode 100644 index 00000000..e96ef9aa --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + {{- if .Values.configs.gpgKeysAnnotations }} + annotations: + {{- range $key, $value := .Values.configs.gpgKeysAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} + name: argocd-gpg-keys-cm +{{- with .Values.configs.gpgKeys }} +data: + {{- toYaml . | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index bd924d4b..30082b2d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -72,8 +72,10 @@ spec: {{- end }} volumeMounts: {{- if .Values.repoServer.volumeMounts }} -{{- toYaml .Values.repoServer.volumeMounts | nindent 8}} + {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }} {{- end }} + - mountPath: /app/config/gpg/source + name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring {{- if .Values.configs.knownHosts }} @@ -134,8 +136,11 @@ spec: {{- end }} volumes: {{- if .Values.repoServer.volumes }} -{{- toYaml .Values.repoServer.volumes | nindent 6}} + {{- toYaml .Values.repoServer.volumes | nindent 6 }} {{- end }} + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm - emptyDir: {} name: gpg-keyring {{- if .Values.configs.knownHosts }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 44b89c0e..68c98845 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -90,6 +90,8 @@ spec: subPath: "custom.styles.css" name: custom-styles {{- end }} + - mountPath: /tmp + name: tmp-dir ports: - name: {{ .Values.server.name }} containerPort: {{ .Values.server.containerPort }} @@ -149,6 +151,8 @@ spec: {{- end }} - emptyDir: {} name: static-files + - emptyDir: {} + name: tmp-dir {{- if .Values.configs.styles }} - configMap: name: argocd-custom-styles diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ac96ad11..9f81bbe4 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -977,6 +977,27 @@ configs: # insecure: false # caData: "" + gpgKeysAnnotations: {} + gpgKeys: {} + # 4AEE18F83AFDEB23: | + # -----BEGIN PGP PUBLIC KEY BLOCK----- + # + # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta + # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT + # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ + # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa + # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v + # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs + # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW + # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf + # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 + # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws + # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 + # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O + # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48= + # =Bvzs + # -----END PGP PUBLIC KEY BLOCK----- + knownHostsAnnotations: {} knownHosts: data: From b78109c4f3d5990e1805cf61a32a2571264c9697 Mon Sep 17 00:00:00 2001 From: Mouhsen Ibrahim <78358035+mouhsen-ibrahim@users.noreply.github.com> Date: Mon, 5 Jul 2021 11:52:59 +0200 Subject: [PATCH 0015/1248] feat(argo-cd): Add pathType value to ingress (#822) Modern GKE versions only accept ImplementationSpecific as pathType for the ingress resource, so here we added a new value for the pathType which can be used to set pathType on demand, the default value is still Prefix for backward compatability Signed-off-by: Mouhsen Ibrahim --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 5 +++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 5 +++-- charts/argo-cd/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 61179742..77b0fc3d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.0 +version: 3.7.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 1f5fc4ea..1fb89979 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -3,6 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} +{{- $pathType := .Values.server.ingressGrpc.pathType -}} apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 1bd2c53c..aa7d49dc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -3,6 +3,7 @@ {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} +{{- $pathType := .Values.server.ingress.pathType -}} apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9f81bbe4..087a091d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -557,6 +557,7 @@ server: # - argocd.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* @@ -594,6 +595,7 @@ server: # - argocd.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* From a807d24c3b5c313c5e6adaad5c629fbdc6538fc7 Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Wed, 7 Jul 2021 17:17:35 +0200 Subject: [PATCH 0016/1248] fix(argo-rollouts): Add ConfigMap read access to support notification-engine (#812) * Add configmap read access Signed-off-by: Aditya Menon * Retrigger CI pipeline Signed-off-by: Aditya Menon * Match upstream manifest definition Follow the same pattern on argo-rollouts repo Signed-off-by: Aditya Menon --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml | 2 ++ charts/argo-rollouts/templates/argo-rollouts-role.yaml | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index d053ac6e..f058d566 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "v1.0.1" +appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.1 +version: 1.0.2 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml index 5872d59d..fdd0f2b0 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml @@ -77,10 +77,12 @@ rules: - watch - patch # secret read access to run analysis templates which reference secrets +# configmap access to read notification-engine configuration - apiGroups: - "" resources: - secrets + - configmaps verbs: - get - list diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/argo-rollouts-role.yaml index a981d95d..23794c34 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-role.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-role.yaml @@ -67,10 +67,12 @@ rules: - watch - patch # secret read access to run analysis templates which reference secrets +# configmap access to read notification-engine configuration - apiGroups: - "" resources: - secrets + - configmaps verbs: - get - list From a70d156217f701350920abbf639b953c5c5d66c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Fri, 9 Jul 2021 13:08:43 +0200 Subject: [PATCH 0017/1248] feat!: Improve Pull Request Template & Contributing Guidelines (#750) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: improve documentation and require changelog Signed-off-by: Oliver Bähler * Bump Versions Signed-off-by: Oliver Bähler * Bump argo-rollouts Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Reword Artifacthub -> Artifact Hub Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- .github/pull_request_template.md | 4 +- CONTRIBUTING.md | 50 ++++++++++++++++++++++++- README.md | 5 +++ charts/argo-cd/Chart.yaml | 2 +- charts/argo-events/Chart.yaml | 5 ++- charts/argo-rollouts/Chart.yaml | 5 ++- charts/argo-workflows/Chart.yaml | 5 ++- charts/argocd-applicationset/Chart.yaml | 5 ++- charts/argocd-notifications/Chart.yaml | 5 ++- 9 files changed, 77 insertions(+), 9 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 67fe55f4..f614c199 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -4,9 +4,9 @@ If the DCO action in the integration test fails, one or more of your commits are Checklist: -* [ ] I have updated the chart version in `Chart.yaml` following Semantic Versioning. +* [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#versioning) +* [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#changelog). * [ ] Any new values are backwards compatible and/or have sensible default. -* [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md). * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/master/community#contributing-to-argo). * [ ] My build is green ([troubleshooting builds](https://argoproj.github.io/argo-cd/developer-guide/ci/)). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a4ad43dd..070b0981 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,6 +2,54 @@ Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently. + +# Pull Requests + +All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project. + +## Versioning + +Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease). + +Any breaking changes to a chart (backwards incompatible) require: + + * Bump of the current Major version of the chart + * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades)) + +### Immutability + +Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error. + + +### Artifact Hub Annotations + +Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub. + + * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) + +#### Changelog + +We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release. + +Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: + +``` +name: argo-cd +version: 3.4.1 +... +annotations: + artifacthub.io/changes: | + - "[Added]: Something New was added" + - "[Changed]: Changed Something within this chart" + - "[Changed]: Changed Something else within this chart" + - "[Deprecated]: Something deprecated" + - "[Removed]: Something was removed" + - "[Fixed]: Something was fixed" + - "[Security]": Some Security Patch was included" +``` + +# Testing + ## Testing Argo Workflows Changes Minimally: @@ -96,4 +144,4 @@ The linting can be invoked manually with the following command: ## Publishing Changes -Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). \ No newline at end of file +Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). diff --git a/README.md b/README.md index 2db0e70a..6e1aaf2c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # Argo Helm Charts +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command: @@ -7,3 +8,7 @@ Argo Helm is a collection of **community maintained** charts for http://argoproj ``` helm repo add argo https://argoproj.github.io/argo-helm ``` + +## Contributing + +We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. \ No newline at end of file diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 77b0fc3d..9ea33e54 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.1 +version: 3.7.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2df3b1c7..835705bf 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.2 +version: 1.6.4 keywords: - argo-events - sensor-controller @@ -15,3 +15,6 @@ maintainers: appVersion: 1.3.1 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index f058d566..6f904714 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,10 +2,13 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.2 +version: 1.0.3 icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png home: https://github.com/argoproj/argo-helm maintainers: - name: alexmt - name: dthomson25 - name: jessesuen +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f3dd5219..d966c9f8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.6 +version: 0.2.7 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -13,3 +13,6 @@ maintainers: - name: alexmt - name: jessesuen - name: benjaminws +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 2596addb..2facbad1 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.6 +version: 0.1.7 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png @@ -12,3 +12,6 @@ keywords: - gitops maintainers: - name: maruina +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index cf33a5d9..81fc8e5c 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.0 +version: 1.4.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -13,3 +13,6 @@ keywords: maintainers: - name: alexmt - name: andyfeller +annotations: + artifacthub.io/changes: | + - "[Added]: Initialize Changelog" From 783cb3e0290b1f8b5934f1dfb212dd1fbe16df02 Mon Sep 17 00:00:00 2001 From: Atze de Vries Date: Fri, 9 Jul 2021 14:34:09 +0200 Subject: [PATCH 0018/1248] feat(argo-cd): Add ability to override API versions (#760) * feat: Add ability to override api versions for argocd Signed-off-by: Atze de Vries * fix linting Signed-off-by: Atze de Vries * reimplement a bit and update chart version Signed-off-by: Atze de Vries * update to new minor Signed-off-by: Atze de Vries * fix spaces in comments Signed-off-by: Atze de Vries * Updated flow control and add documentation on apiVersionOverrides Signed-off-by: Atze de Vries * Add changelog annotation Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++++- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/_helpers.tpl | 4 +++- charts/argo-cd/templates/argocd-server/certificate.yaml | 4 +++- charts/argo-cd/values.yaml | 7 +++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9ea33e54..6be2a125 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.7.2 +version: 3.8.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -19,3 +19,6 @@ dependencies: version: 4.12.14 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled +annotations: + artifacthub.io/changes: | + - "[Added]: Ability to override API versions" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c0322bad..219e76ab 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -111,6 +111,8 @@ NAME: my-release | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | +| apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` | +| apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | | configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 65081951..177d1db8 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -144,7 +144,9 @@ app.kubernetes.io/component: {{ .component }} Return the appropriate apiVersion for ingress */}} {{- define "argo-cd.ingress.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} +{{- if .Values.apiVersionOverrides.ingress -}} +{{- print .Values.apiVersionOverrides.ingress -}} +{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} {{- print "extensions/v1beta1" -}} {{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" $) -}} {{- print "networking.k8s.io/v1beta1" -}} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 753dc8bc..64241bfe 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,7 @@ {{- if .Values.server.certificate.enabled -}} -{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} +{{- if .Values.apiVersionOverrides.certmanager -}} +apiVersion: {{ .Values.apiVersionOverrides.certmanager }} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} apiVersion: cert-manager.io/v1 {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} apiVersion: cert-manager.io/v1alpha3 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 087a091d..6edc3e29 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,6 +20,13 @@ global: # hostnames: # - git.myhostname +# Override APIVersions +# If you want to template helm charts but cannot access k8s API server +# you can set api versions here +apiVersionOverrides: + certmanager: "" # cert-manager.io/v1 + ingress: "" # networking.k8s.io/v1beta1 + ## Controller controller: name: application-controller From 1416d5e082b97878ab9c8cbe99e299669ee747d9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 12 Jul 2021 12:54:17 +0200 Subject: [PATCH 0019/1248] fix(argocd-applicationset): Cleanup old CRD installation method (#827) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/.helmignore | 1 + charts/argocd-applicationset/Chart.yaml | 8 ++++--- charts/argocd-applicationset/README.md | 23 +++++++++++++++---- .../ci/default-values.yaml | 2 -- .../ci/leader-election-values.yaml | 2 -- .../argocd-applicationset/templates/crds.yaml | 6 ----- charts/argocd-applicationset/values.yaml | 2 -- 7 files changed, 24 insertions(+), 20 deletions(-) delete mode 100644 charts/argocd-applicationset/templates/crds.yaml diff --git a/charts/argocd-applicationset/.helmignore b/charts/argocd-applicationset/.helmignore index 0e8a0eb3..5bdaa3eb 100644 --- a/charts/argocd-applicationset/.helmignore +++ b/charts/argocd-applicationset/.helmignore @@ -21,3 +21,4 @@ .idea/ *.tmproj .vscode/ +ci/ diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 2facbad1..b91b1441 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,10 +2,10 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 0.1.7 +version: 1.0.0 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png keywords: - argoproj - appset @@ -14,4 +14,6 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Removed]: CRD installation via templates folder. CRDs are now only handled via the '/crds' folder in the same way like the ArgoCD chart." + - "[Removed]: Exclude '/ci' folder from being packaged into the final chart archive." + - "[Changed]: Fix icon url" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index b200d9cf..0b59414b 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -10,6 +10,11 @@ This is a **community maintained** chart. This chart installs the [applicationse This chart currently installs the non-HA version of Argo CD ApplicationSet. +## Prerequisites + +- Helm v3.0.0+ +- The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting. + ## Installing the Chart To install the chart with the release name `my-release`: @@ -23,10 +28,6 @@ NAME: my-release ... ``` -### Helm v3 Compatibility - -Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistent webhooks. - ### Testing Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). @@ -38,6 +39,19 @@ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/st ct install --namespace argocd ``` +## Notes on CRD Installation + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. + +You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo: + +```console +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref= + +# Eg. version v0.1.0 +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0 +``` + ## Values | Key | Type | Default | Description | @@ -56,7 +70,6 @@ ct install --namespace argocd | image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | -| installCRDs | bool | `true` | Install Custom Resource Definition | | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | diff --git a/charts/argocd-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml index eb1b7aae..233dd8e2 100644 --- a/charts/argocd-applicationset/ci/default-values.yaml +++ b/charts/argocd-applicationset/ci/default-values.yaml @@ -4,8 +4,6 @@ replicaCount: 1 -installCRDs: false # this needs to be false with ct - image: # The image repository repository: quay.io/argocdapplicationset/argocd-applicationset diff --git a/charts/argocd-applicationset/ci/leader-election-values.yaml b/charts/argocd-applicationset/ci/leader-election-values.yaml index e7201ac1..39ec3078 100644 --- a/charts/argocd-applicationset/ci/leader-election-values.yaml +++ b/charts/argocd-applicationset/ci/leader-election-values.yaml @@ -2,5 +2,3 @@ args: enableLeaderElection: true replicaCount: 3 - -installCRDs: false diff --git a/charts/argocd-applicationset/templates/crds.yaml b/charts/argocd-applicationset/templates/crds.yaml deleted file mode 100644 index 45ab72d4..00000000 --- a/charts/argocd-applicationset/templates/crds.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{- if .Values.installCRDs }} -{{- range $path, $_ := .Files.Glob "crds/*.yaml" }} -{{ $.Files.Get $path }} ---- -{{- end }} -{{- end }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index 1be0c0ff..ac4b3bd9 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -4,8 +4,6 @@ replicaCount: 1 -installCRDs: true - image: # The image repository repository: quay.io/argocdapplicationset/argocd-applicationset From 62699ffc827757b5ed5842c593e9e4bd19120226 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 12 Jul 2021 13:06:50 +0200 Subject: [PATCH 0020/1248] fix(argo-cd): Add ServiceAccount for redis (#828) * Add ability to create ServiceAccount for redis Signed-off-by: Marco Kilchhofer * Use correct default for ServiceAccounts in _helpers.tpl Signed-off-by: Marco Kilchhofer * Bump version and update changelog Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 19 +++++++++++++++---- .../argo-cd/templates/redis/deployment.yaml | 3 ++- .../templates/redis/serviceaccount.yaml | 15 +++++++++++++++ charts/argo-cd/values.yaml | 8 ++++++++ 5 files changed, 42 insertions(+), 7 deletions(-) create mode 100644 charts/argo-cd/templates/redis/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6be2a125..3a503aca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.0 +version: 3.8.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to override API versions" + - "[Fixed]: Cannot create a service account for redis" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 177d1db8..c5d2adab 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -71,7 +71,7 @@ Create the name of the controller service account to use */}} {{- define "argo-cd.controllerServiceAccountName" -}} {{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }} + {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} {{- else -}} {{ default "default" .Values.controller.serviceAccount.name }} {{- end -}} @@ -82,18 +82,29 @@ Create the name of the dex service account to use */}} {{- define "argo-cd.dexServiceAccountName" -}} {{- if .Values.dex.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }} + {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} {{- else -}} {{ default "default" .Values.dex.serviceAccount.name }} {{- end -}} {{- end -}} +{{/* +Create the name of the redis service account to use +*/}} +{{- define "argo-cd.redisServiceAccountName" -}} +{{- if .Values.redis.serviceAccount.create -}} + {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.redis.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create the name of the ArgoCD server service account to use */}} {{- define "argo-cd.serverServiceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }} + {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }} {{- else -}} {{ default "default" .Values.server.serviceAccount.name }} {{- end -}} @@ -104,7 +115,7 @@ Create the name of the repo-server service account to use */}} {{- define "argo-cd.repoServerServiceAccountName" -}} {{- if .Values.repoServer.serviceAccount.create -}} - {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }} + {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }} {{- else -}} {{ default "default" .Values.repoServer.serviceAccount.name }} {{- end -}} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index a6f0c46a..05500337 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -30,7 +30,8 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - automountServiceAccountToken: false + automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} + serviceAccountName: {{ template "argo-cd.redisServiceAccountName" . }} {{- if .Values.redis.securityContext }} securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml new file mode 100644 index 00000000..ae67d3b2 --- /dev/null +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.redis.enabled .Values.redis.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "argo-cd.redisServiceAccountName" . }} +{{- if .Values.redis.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.redis.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6edc3e29..3ecfd228 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -365,6 +365,14 @@ redis: fsGroup: 1000 runAsNonRoot: true + serviceAccount: + create: false + name: "" + ## Annotations applied to created service account + annotations: {} + ## Automount API credentials for the Service Account + automountServiceAccountToken: false + resources: {} # limits: # cpu: 200m From 9c69a87f6719446cde3e1f6cec10c8bd6f4c61a3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 13 Jul 2021 08:25:41 +0200 Subject: [PATCH 0021/1248] docs(argo-cd): Upgrading notes for ServiceAccount change in 3.8.1 (#830) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 28 ++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3a503aca..ea3fbc45 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.1 +version: 3.8.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Cannot create a service account for redis" + - "[Changed]: Add important upgrading notes to README concerning potential ServiceAccount renamings introduced in chart version 3.8.1+." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 219e76ab..1c12a617 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,34 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.8.1 + +This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization: + +```yaml +# Case 1) - only happens when you do not specify a custom name (repoServer.serviceAccount.name) +repoServer: + serviceAccount: + create: true + +# Case 2) +controller: + serviceAccount: + name: "" # or + +# Case 3) +dex: + serviceAccount: + name: "" # or + +# Case 4) +server: + serviceAccount: + name: "" # or +``` + +Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE) + ### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). From 922799081d6037d71971baf3fecf3519c35326e9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 13 Jul 2021 08:35:25 +0200 Subject: [PATCH 0022/1248] feat(argo-cd): Add ability to create network policies (#800) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++-- charts/argo-cd/README.md | 2 ++ .../networkpolicy.yaml | 19 ++++++++++++ .../argocd-repo-server/networkpolicy.yaml | 31 +++++++++++++++++++ .../argocd-server/networkpolicy.yaml | 16 ++++++++++ .../argo-cd/templates/dex/networkpolicy.yaml | 31 +++++++++++++++++++ .../templates/networkpolicy-default-deny.yaml | 12 +++++++ .../argo-cd/templates/redis/deployment.yaml | 2 +- .../templates/redis/networkpolicy.yaml | 29 +++++++++++++++++ charts/argo-cd/values.yaml | 4 +++ 10 files changed, 149 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-server/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/dex/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/networkpolicy-default-deny.yaml create mode 100644 charts/argo-cd/templates/redis/networkpolicy.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea3fbc45..60ff890e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.8.2 +version: 3.9.0 home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: - argoproj - argocd @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Add important upgrading notes to README concerning potential ServiceAccount renamings introduced in chart version 3.8.1+." + - "[Added]: Ability to create network policies" + - "[Changed]: Fix icon url" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1c12a617..bb929e93 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -136,6 +136,8 @@ NAME: my-release | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | +| global.networkPolicy.create | Create NetworkPolicy objects for all components | `false` | +| global.networkPolicy.defaultDenyIngress | Default deny all ingress traffic | `false` | | kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | | nameOverride | Provide a name in place of `argocd` | `"argocd"` | | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml new file mode 100644 index 00000000..9116fbcf --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -0,0 +1,19 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + name: {{ template "argo-cd.controller.fullname" . }} +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: controller + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml new file mode 100644 index 00000000..0d9274ed --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} + name: {{ template "argo-cd.repoServer.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} + ports: + - port: repo-server + protocol: TCP + {{- if .Values.repoServer.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + {{- end }} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml new file mode 100644 index 00000000..8300d696 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml @@ -0,0 +1,16 @@ +{{- if .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + name: {{ template "argo-cd.server.fullname" . }} +spec: + ingress: + - {} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/dex/networkpolicy.yaml b/charts/argo-cd/templates/dex/networkpolicy.yaml new file mode 100644 index 00000000..e79a2e3e --- /dev/null +++ b/charts/argo-cd/templates/dex/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- if and .Values.global.networkPolicy.create .Values.dex.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} + name: {{ template "argo-cd.dex.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + ports: + - port: http + protocol: TCP + - port: grpc + protocol: TCP + {{- if .Values.dex.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + protocol: TCP + {{- end }} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/networkpolicy-default-deny.yaml b/charts/argo-cd/templates/networkpolicy-default-deny.yaml new file mode 100644 index 00000000..3d47a397 --- /dev/null +++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.global.networkPolicy.create .Values.global.networkPolicy.defaultDenyIngress }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} + name: {{ template "argo-cd.fullname" . }}-default-deny +spec: + podSelector: {} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 05500337..5b5879a3 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -59,8 +59,8 @@ spec: {{- end }} ports: - containerPort: {{ .Values.redis.containerPort }} + name: redis {{- if .Values.redis.volumeMounts }} - volumeMounts: {{- toYaml .Values.redis.volumeMounts | nindent 10 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml new file mode 100644 index 00000000..881e257c --- /dev/null +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -0,0 +1,29 @@ +{{- $redisHa := (index .Values "redis-ha") -}} +{{- if and .Values.global.networkPolicy.create .Values.redis.enabled (not $redisHa.enabled) }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + name: {{ template "argo-cd.redis.fullname" . }} +spec: + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 10 }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} + ports: + - port: redis + protocol: TCP + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3ecfd228..452aba69 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,6 +20,10 @@ global: # hostnames: # - git.myhostname + networkPolicy: + create: false + defaultDenyIngress: false + # Override APIVersions # If you want to template helm charts but cannot access k8s API server # you can set api versions here From 1e3a4afd0583a4c35dba2b8783f9fded82667dfc Mon Sep 17 00:00:00 2001 From: Thomas O'Neill Date: Tue, 20 Jul 2021 07:40:54 -0400 Subject: [PATCH 0023/1248] feat(argo-cd): Support AWS ALB Ingress with gRPC (#806) * Support AWS ALB Ingress with GRPC Signed-off-by: Thomas O'Neill Signed-off-by: Thomas O'Neill * Bump chart version Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Use single if statement Signed-off-by: Thomas O'Neill * Append -grpc to the service labels for ALB GRPC service Signed-off-by: Thomas O'Neill Co-authored-by: Thomas O'Neill Co-authored-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 21 ++++++++++++++++ .../argocd-server/alb-grpc-service.yaml | 24 +++++++++++++++++++ .../templates/argocd-server/ingress-grpc.yaml | 2 +- .../templates/argocd-server/ingress.yaml | 24 +++++++++++++++++++ charts/argo-cd/values.yaml | 1 + 6 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60ff890e..71320643 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.9.0 +version: 3.10.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to create network policies" - - "[Changed]: Fix icon url" + - "[Added]: Support AWS ALB Ingress with gRPC" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb929e93..05623c59 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -305,6 +305,7 @@ NAME: my-release | server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` | | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | +| server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | @@ -429,3 +430,23 @@ through `xxx.extraArgs` | redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` | [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ + + +### Using AWS ALB Ingress Controller With GRPC +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. + +Example: +```yaml +server: + ingress: + enabled: true + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + ingressGrpc: + enabled: true + isAWSALB: true + +``` \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml new file mode 100644 index 00000000..018bca3e --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}} +apiVersion: v1 +kind: Service +metadata: + annotations: + alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + labels: + {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} + name: {{ template "argo-cd.server.fullname" . }}-grpc +spec: + ports: + - name: {{ .Values.server.service.servicePortHttpName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttp }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + - name: {{ .Values.server.service.servicePortHttpsName }} + protocol: TCP + port: {{ .Values.server.service.servicePortHttps }} + targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} + sessionAffinity: None + type: ClusterIP +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 1fb89979..6a90445e 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.ingressGrpc.enabled -}} +{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} {{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index aa7d49dc..576b94df 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -12,6 +12,10 @@ metadata: {{- range $key, $value := .Values.server.ingress.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} + {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} + alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | + [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] + {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} labels: @@ -35,6 +39,26 @@ spec: {{- toYaml $extraPaths | nindent 10 }} {{- end }} {{- range $p := $paths }} + {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} + - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: Prefix + {{- end }} + backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ template "argo-cd.server.fullname" $ }}-grpc + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc + servicePort: {{ $servicePort }} + {{- end }} + {{- end }} - path: {{ $p }} {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 452aba69..b4d5a954 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -601,6 +601,7 @@ server: # https://argoproj.github.io/argo-cd/operator-manual/ingress/ ingressGrpc: enabled: false + isAWSALB: false annotations: {} labels: {} ingressClassName: "" From 186fe34b872813cf290209fb093ba7b211c64173 Mon Sep 17 00:00:00 2001 From: Jakub Bielawski <60479855+kobejn-jb@users.noreply.github.com> Date: Tue, 20 Jul 2021 20:10:29 +0200 Subject: [PATCH 0024/1248] Fix controller Role/ClusterRole to work with InstanceID (#833) Bumped Chart version Add indednt in controller ConfigMap flow control Signed-off-by: Jakub Bielawski --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 10 ++++++++++ .../controller/workflow-controller-config-map.yaml | 6 +++--- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d966c9f8..736b131d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.7 +version: 0.2.8 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 34340d14..72e97f45 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -121,8 +121,18 @@ rules: resources: - leases resourceNames: + {{- if .Values.controller.instanceID.enabled }} + {{- if .Values.controller.instanceID.useReleaseName }} + - workflow-controller-{{ .Release.Name }} + - workflow-controller-lease-{{ .Release.Name }} + {{- else }} + - workflow-controller-{{ .Values.controller.instanceID.explicitID }} + - workflow-controller-lease-{{ .Values.controller.instanceID.explicitID }} + {{- end }} + {{- else }} - workflow-controller - workflow-controller-lease + {{- end }} verbs: - get - watch diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index afddb194..dd2af42e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -7,11 +7,11 @@ metadata: data: config: | {{- if .Values.controller.instanceID.enabled }} - {{- if .Values.controller.instanceID.useReleaseName }} + {{- if .Values.controller.instanceID.useReleaseName }} instanceID: {{ .Release.Name }} - {{- else }} + {{- else }} instanceID: {{ .Values.controller.instanceID.explicitID }} - {{- end }} + {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} {{- if .Values.controller.parallelism }} From 37277315ce669a12e9a5a66ce03ab2a6e08eb184 Mon Sep 17 00:00:00 2001 From: Rein van 't Veer Date: Tue, 20 Jul 2021 20:18:26 +0200 Subject: [PATCH 0025/1248] feat(argo-workflows): Multiple workflow namespaces (#824) * allow workflow to be run in multiple namespaces, bump chart version Signed-off-by: reinvantveer * update helm install instructions Signed-off-by: reinvantveer * fix indents Signed-off-by: reinvantveer * add newlines Signed-off-by: reinvantveer * bump chart version Signed-off-by: reinvantveer * default to "argo" namespace for workflow service account Signed-off-by: reinvantveer * simplify setting service account, fix syntactical error in defaulting to "argo" namespace Signed-off-by: reinvantveer * Bump only the chart version, revert bumping the controller version: 3.0.8 does not exist yet as a workflow-controller image version Signed-off-by: reinvantveer * don't set a namespace if there isn't one provided Signed-off-by: reinvantveer * bump version Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces Signed-off-by: reinvantveer * re-use controller.workflowNamespaces instead of introducing workflow.namespaces, add additional inline comments on rbac.create effect Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * compress namespaces from controller.workflowNamespaces and workflow.namespace into single loop iteration Signed-off-by: reinvantveer * dro now-redundant branch for controller.workflowNamespaces Signed-off-by: reinvantveer * use template helper "argo-workflows.fullname" instead of release name in order to be able to override the service account name Signed-off-by: reinvantveer * add missing "template" keyword Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * replace "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * drop redundant $namespace assignment that was already moved inside the "range" function Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * inline "define" templates with simple values now that controller.workflowNamespaces and workflow.namespace are unified into a single "range" iteration Signed-off-by: reinvantveer * add missing "$" to denote target for templating the workflows fullname helper Signed-off-by: reinvantveer * restore `with` blocks for service account name and service account annotations Signed-off-by: reinvantveer * drop validations: considering cases of `workflowNamespaces`, `namespace` and `singleNamespace` Signed-off-by: reinvantveer * include case for single namespaces with default ("") namespace, otherwise (ternary) combine the workflow namespace and workflowNamespaces from the controller settings into a list to iterate over Signed-off-by: reinvantveer * wrap namespace configuration in `with` block to prevent setting it to "" Signed-off-by: reinvantveer * fix append vs. concat bug: append workflowNamespace to (possibly 0-lenght) list of controller.workflowNamespaces Signed-off-by: reinvantveer * fix namespace range with additional check for either single namespace being false, or append to the workflow namespaces: the first non-null (coalesce) from the workflow namespace or the namespace Argo is being deployed to. Signed-off-by: reinvantveer * add changelog entries Signed-off-by: reinvantveer * unwrap (inline) with-block for service account name Signed-off-by: reinvantveer Co-authored-by: Vlad Losev --- CONTRIBUTING.md | 2 +- charts/argo-workflows/Chart.yaml | 6 ++- .../templates/controller/workflow-rb.yaml | 19 ++++----- .../templates/controller/workflow-role.yaml | 40 ++++++++++--------- .../templates/controller/workflow-sa.yaml | 13 +++--- charts/argo-workflows/values.yaml | 8 +++- 6 files changed, 51 insertions(+), 37 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 070b0981..3d6e1782 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -55,7 +55,7 @@ annotations: Minimally: ``` -helm install charts/argo -n argo +helm install charts/argo-workflows -n argo argo version ``` diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 736b131d..70b9bf10 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.8 +version: 0.2.9 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,6 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Controller Role/ClusterRole to work with InstanceID" + - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" + - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to + 'argo-workflows'" diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 9b27c045..004d40d0 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,19 +1,20 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} - namespace: {{ . }} - {{- end }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + namespace: {{ $namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-workflows.fullname" . }}-workflow + name: {{ template "argo-workflows.fullname" $ }}-workflow subjects: -- kind: ServiceAccount - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} - namespace: {{ . }} + - kind: ServiceAccount + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index bf8b3cff..4ca10e8e 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,25 +1,29 @@ {{- if .Values.workflow.rbac.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ template "argo-workflows.fullname" . }}-workflow - {{- with .Values.workflow.namespace }} + name: {{ template "argo-workflows.fullname" $ }}-workflow + {{- with $namespace }} namespace: {{ . }} - {{- end }} + {{- end }} rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - watch - - patch -- apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - patch + - apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - watch + {{- end }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index dc84f2b1..2ea64771 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,13 +1,16 @@ {{- if .Values.workflow.serviceAccount.create -}} + {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} +--- apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.workflow.serviceAccount.name }} - {{- with .Values.workflow.namespace }} + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} namespace: {{ . }} - {{- end }} - {{- with .Values.workflow.serviceAccount.annotations }} + {{- end }} + {{- with $.Values.workflow.serviceAccount.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 864c9931..ebd7fc92 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -29,13 +29,15 @@ kubeVersionOverride: "" singleNamespace: false workflow: - namespace: "" # Specify namespace if workflows run in another namespace than argo. This controls where the service account and RBAC resources will be created. + namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in serviceAccount: create: false # Specifies whether a service account should be created annotations: {} name: "argo-workflow" # Service account which is used to run workflows rbac: - create: false # adds Role and RoleBinding for the above specified service account to be able to run workflows + # Adds Role and RoleBinding for the above specified service account to be able to run workflows + # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) + create: true controller: image: @@ -109,6 +111,8 @@ controller: # Annotations applied to created service account annotations: {} name: workflow-controller + # Specify all namespaces to run worksflows need to be able to run in. This controls where the service + # account and RBAC resources will be created. If unspecified, will run in the default namespace. workflowNamespaces: - default containerRuntimeExecutor: docker From e393ef1ba2017973fc52208abcc5243e52b2443d Mon Sep 17 00:00:00 2001 From: Zadkiel Date: Tue, 20 Jul 2021 20:24:41 +0200 Subject: [PATCH 0026/1248] fix(argo-workflows): remove old default init service account (#834) * fix(argo-workflows): remove old default init service account Signed-off-by: GitHub * fix(argo-workflows): remove init.serviceAccount from README Signed-off-by: GitHub * chore(argo-workflows): update changelog Signed-off-by: GitHub * chore(argo-workflows): bump chart to 0.2.8 Signed-off-by: GitHub Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 6 ++---- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 5 ----- 3 files changed, 3 insertions(+), 10 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 70b9bf10..a342b248 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.9 +version: 0.2.10 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,6 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Service accounts, roles and role bindings can now be auto-created for each workflow controller namespace" - - "[Fixed]: The contributer testing guidelines were updated to reflect the chart name change from 'argo' to - 'argo-workflows'" + - "[Fixed]: Removed init.serviceAccount unused fields" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 7e1c9dd7..e25a3840 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -10,7 +10,7 @@ This chart uses an install hook to configure the CRD definition. Installation of A few options are: -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute +- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions ## Usage Notes diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index ebd7fc92..68f6f459 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -5,11 +5,6 @@ images: pullSecrets: [] # - name: argo-pull-secret -init: - # By default the installation will not set an explicit one, which will mean it uses `default` for the namespace the chart is - # being deployed to. In RBAC clusters, that will almost certainly fail. See the NOTES: section of the readme for more info. - serviceAccount: "" - createAggregateRoles: true ## String to partially override "argo-workflows.fullname" template From 4e739561c0e2e9807e297905313710f95790522a Mon Sep 17 00:00:00 2001 From: kostas-theo <43744618+kostas-theo@users.noreply.github.com> Date: Tue, 20 Jul 2021 23:51:02 +0200 Subject: [PATCH 0027/1248] fix: pod status pending issue (#837) Signed-off-by: kostas-theo Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/crds/argoproj.io_workflows.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a342b248..60d4305d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.10 +version: 0.2.11 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Removed init.serviceAccount unused fields" + - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/crds/argoproj.io_workflows.yaml index f3751e18..59d2fc3b 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml @@ -36,9 +36,11 @@ spec: spec: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic status: type: object x-kubernetes-preserve-unknown-fields: true + x-kubernetes-map-type: atomic required: - metadata - spec From 3ca4a4eca08b7a35aa1e9ce9ad92dcb8cdf76fa3 Mon Sep 17 00:00:00 2001 From: Niels ten Boom Date: Wed, 21 Jul 2021 18:02:03 +0200 Subject: [PATCH 0028/1248] docs: Rename argocd references to argoworkflows in workflow chart (#842) * rename argocd to argoworkflows Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom * bump patch version Signed-off-by: Niels ten Boom Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60d4305d..768d2266 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.11 +version: 0.2.12 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Pods stuck in pending phase due to workflow update timeouts." + - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 68f6f459..50085773 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -278,7 +278,7 @@ server: ## hosts: [] - # - argocd.example.com + # - argoworkflows.example.com paths: - / extraPaths: @@ -297,9 +297,9 @@ server: # name: use-annotation tls: [] - # - secretName: argocd-example-tls + # - secretName: argoworkflows-example-tls # hosts: - # - argocd.example.com + # - argoworkflows.example.com https: false clusterWorkflowTemplates: From 2358b152f9af125fcb608ead2d76fb81d18342fd Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 26 Jul 2021 21:32:56 -0400 Subject: [PATCH 0029/1248] feat(argo-cd): Bump default version to v2.0.5 (#844) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 71320643..60bc092a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.4 +appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.0 +version: 3.10.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 05623c59..4cd712b5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -132,7 +132,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.4"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b4d5a954..c6795bbc 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.4 + tag: v2.0.5 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 From 3374813feb15674af4430c3ba33f58244fda6c4d Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Tue, 27 Jul 2021 13:07:07 +0200 Subject: [PATCH 0030/1248] fix(argo-cd): Deprecate the static assets flag passed to argocd-server (#846) Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 3 ++- charts/argo-cd/README.md | 8 +++++++- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60bc092a..b58fd1c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.1 +version: 3.10.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -22,3 +22,4 @@ dependencies: annotations: artifacthub.io/changes: | - "[Added]: Support AWS ALB Ingress with gRPC" + - "[Deprecated]: Deprecate static assets flag passed to argocd-server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4cd712b5..08025c94 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,11 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.10.2 + +ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default +It can be re-enabled by setting `server.staticAssets.enabled` to true + ### 3.8.1 This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization: @@ -287,6 +292,7 @@ NAME: my-release | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | +| server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | | server.env | Environment variables for the server. | `[]` | | server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) | | server.image.repository | Repository to use for the server | `global.image.repository` | @@ -449,4 +455,4 @@ server: enabled: true isAWSALB: true -``` \ No newline at end of file +``` diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 68c98845..ff86f5ec 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -42,8 +42,10 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + {{ if .Values.server.staticAssets.enabled }} - --staticassets - /shared/app + {{ end }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- if .Values.dex.enabled }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c6795bbc..d930fcd8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -431,6 +431,10 @@ server: extraArgs: [] # - --insecure + # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app + staticAssets: + enabled: false + ## Environment variables to pass to argocd-server ## env: [] From 5ed8dccc99f9a84e3f40458df79d7c4eba81b371 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 28 Jul 2021 10:36:56 -0400 Subject: [PATCH 0031/1248] argocd - update misc dependencies (#847) Signed-off-by: smcavallo --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 9 +++++---- charts/argo-cd/values.yaml | 6 +++--- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 52941728..fe323d72 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.12.14 -digest: sha256:34275a4f4df92c570d07b0553da5d1fa200b6f057f7091746c853fd7399ee30a -generated: "2021-05-03T16:02:41.4356045-04:00" + version: 4.12.17 +digest: sha256:ad1833436031e3578165d48646c90323040fa1bc00d9235fe7ba7c67b20094ec +generated: "2021-07-27T16:35:27.2509236-04:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b58fd1c2..dd68aab2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.10.2 +version: 3.11.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -16,10 +16,11 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.12.14 + version: 4.12.17 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support AWS ALB Ingress with gRPC" - - "[Deprecated]: Deprecate static assets flag passed to argocd-server" + - "[Updated]: Updated redis-ha chart dependency 4.12.14 -> 4.12.17" + - "[Updated]: Updated dex image 2.27.0 -> 2.28.1" + - "[Updated]: Updated redis alpine image 6.2.2 -> 6.2.4" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d930fcd8..8d5a092c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -229,7 +229,7 @@ dex: image: repository: ghcr.io/dexidp/dex - tag: v2.27.0 + tag: v2.28.1 imagePullPolicy: IfNotPresent initImage: repository: @@ -313,7 +313,7 @@ redis: image: repository: redis - tag: 6.2.2-alpine + tag: 6.2.4-alpine imagePullPolicy: IfNotPresent ## Additional command line arguments to pass to redis-server @@ -406,7 +406,7 @@ redis-ha: metrics: enabled: true image: - tag: 6.2.2-alpine + tag: 6.2.4-alpine ## Server server: From f20e070de1b1570987bc265de3a07c81d5156c49 Mon Sep 17 00:00:00 2001 From: Lucas Bickel Date: Wed, 28 Jul 2021 17:42:12 +0200 Subject: [PATCH 0032/1248] fix(argo-cd): re-enable not yet deprecated staticassets flag (#849) Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dd68aab2..87e252a8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.0 +version: 3.11.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Updated]: Updated redis-ha chart dependency 4.12.14 -> 4.12.17" - - "[Updated]: Updated dex image 2.27.0 -> 2.28.1" - - "[Updated]: Updated redis alpine image 6.2.2 -> 6.2.4" + - "[Changed]: Set server.staticAssets.enabled=true since Argo CD 2.0.5 still needs it" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8d5a092c..06232342 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -433,7 +433,7 @@ server: # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app staticAssets: - enabled: false + enabled: true ## Environment variables to pass to argocd-server ## From c043eb2d292d49a0b1403a2539a846354bcca7d0 Mon Sep 17 00:00:00 2001 From: Rafael Tovar Date: Sat, 7 Aug 2021 15:07:41 +0200 Subject: [PATCH 0033/1248] feat(argo-cd): Add sessionAffinity to server service (#859) * feat(argo-cd):Add sessionAffinity to server Signed-off-by: Rafael Tovar * feat(argo-cd): update changelog new chart Signed-off-by: Rafael Tovar --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 87e252a8..a1d6cd5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.1 +version: 3.11.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Set server.staticAssets.enabled=true since Argo CD 2.0.5 still needs it" + - "[Added]: Add server.service.sessionAffinity setting of the Service into account when deciding which backend Pod to use" diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 87877d92..1dc04116 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -47,3 +47,6 @@ spec: {{- with .Values.server.service.externalTrafficPolicy }} externalTrafficPolicy: {{ . }} {{- end }} +{{- with .Values.server.service.sessionAffinity }} + sessionAffinity: {{ . }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 06232342..8ffcdaea 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -541,6 +541,7 @@ server: loadBalancerSourceRanges: [] externalIPs: [] externalTrafficPolicy: "" + sessionAffinity: "" ## Server metrics service configuration metrics: From b862c6239fa9a6df2f67cdd6a8162001fda42b79 Mon Sep 17 00:00:00 2001 From: Calum MacRae Date: Sat, 7 Aug 2021 23:43:28 +0100 Subject: [PATCH 0034/1248] feat(argo-events): Ability to specify custom env variables (#516) * feat(argo-events): Add debugLogging value for controller components Signed-off-by: Calum MacRae * fix: quote strings Signed-off-by: Marco Kilchhofer * Rework to generic extraEnv Signed-off-by: Marco Kilchhofer * Fix chart icon url Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 7 ++++--- .../templates/eventbus-controller-deployment.yaml | 3 +++ .../templates/eventsource-controller-deployment.yaml | 3 +++ .../templates/sensor-controller-deployment.yaml | 3 +++ charts/argo-events/values.yaml | 9 +++++++++ 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 835705bf..c29777c7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.6.4 +version: 1.7.0 keywords: - argo-events - sensor-controller @@ -13,8 +13,9 @@ maintainers: - name: VaibhavPage - name: whynowy appVersion: 1.3.1 -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Added]: Ability to specify additional/custom environment variables" + - "[Fixed]: Charts icon url" diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 591d8da3..747bfc11 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.eventbusController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 62fe150e..651ff39b 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.eventsourceController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 0b51d1de..6c2f6a04 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -36,6 +36,9 @@ spec: - --namespaced {{- end }} env: + {{- with .Values.sensorController.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} - name: NAMESPACE valueFrom: fieldRef: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 11827406..db6f679d 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -47,6 +47,9 @@ sensorController: image: argoproj/sensor-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" sensorImage: argoproj/sensor podAnnotations: {} nodeSelector: {} @@ -61,6 +64,9 @@ eventsourceController: image: argoproj/eventsource-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" eventsourceImage: argoproj/eventsource podAnnotations: {} nodeSelector: {} @@ -75,6 +81,9 @@ eventbusController: image: argoproj/eventbus-controller tag: v1.3.1 replicaCount: 1 + extraEnv: [] + # - name: DEBUG_LOG + # value: "true" podAnnotations: {} nodeSelector: {} podLabels: {} From 6bbcd833d4398745b3bd133cea233ebda40e4c98 Mon Sep 17 00:00:00 2001 From: Emanuel Oliveira Date: Mon, 9 Aug 2021 05:58:02 -0300 Subject: [PATCH 0035/1248] fix(argo-cd): Set type of service for gRPC as NodePort. (#861) * fix: set service-grpc type as NodePort Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira * docs: Adds changelog Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira * chore: remove old changelog comment Signed-off-by: Emanuel Oliveira Signed-off-by: Emanuel Oliveira --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a1d6cd5e..2859057a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.2 +version: 3.11.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add server.service.sessionAffinity setting of the Service into account when deciding which backend Pod to use" + - "[Fix]: Set type of service for grpc as NodePort because this is the default of ALB ingress Controller" diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index 018bca3e..acc9dd60 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -20,5 +20,5 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None - type: ClusterIP + type: NodePort {{- end -}} From 046635d69b140ec075731a196d9864caf9484232 Mon Sep 17 00:00:00 2001 From: cskh Date: Tue, 10 Aug 2021 02:39:38 -0400 Subject: [PATCH 0036/1248] fix(argo-rollouts): Add missing liveness and readiness probe (#860) * fix(argo-rollouts): missing liveness and readiness probe Signed-off-by: Hui Kang * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Update changelog annotation Signed-off-by: Marco Kilchhofer * Fix icon url Signed-off-by: Marco Kilchhofer Co-authored-by: Hui Kang Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 7 ++++--- .../templates/argo-rollouts-deployment.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 20 +++++++++++++++++++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6f904714..c92e4c62 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.3 -icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png +version: 1.0.4 +icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: - name: alexmt @@ -11,4 +11,5 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Fixed]: Add missing liveness and readiness probes" + - "[Changed]: Fix icon url" diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index fb632312..4acb0cee 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -39,6 +39,10 @@ spec: ports: - containerPort: 8090 name: metrics + livenessProbe: + {{- toYaml .Values.controller.livenessProbe | nindent 10 }} + readinessProbe: + {{- toYaml .Values.controller.readinessProbe | nindent 10 }} securityContext: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e778377f..e52e8902 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -31,6 +31,26 @@ controller: additionalLabels: {} additionalAnnotations: {} + ## Readiness and liveness probes for rollouts controller + livenessProbe: + httpGet: + path: /metrics + port: 8090 + initialDelaySeconds: 30 + periodSeconds: 20 + failureThreshold: 3 + successThreshold: 1 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /metrics + port: 8090 + initialDelaySeconds: 15 + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + timeoutSeconds: 4 + serviceAccount: # Specifies whether a service account should be created create: true From 8125f928ea00cef542f0e5b482aedec2c0d46043 Mon Sep 17 00:00:00 2001 From: Thom Date: Tue, 10 Aug 2021 15:45:09 +0200 Subject: [PATCH 0037/1248] feat(argo-workflow): Add pathType value to ingress (#854) Signed-off-by: thomascjohnson --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/server/server-ingress.yaml | 5 +++-- charts/argo-workflows/values.yaml | 1 + 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 768d2266..df0aea74 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.12 +version: 0.2.13 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Argo workflows values file no longer has examples referencing ArgoCD" + - "[Added]: pathType variable now available for ingress template" diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index 6072c9d7..969676e1 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -3,6 +3,7 @@ {{- $servicePort := .Values.server.servicePort -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} +{{- $pathType := .Values.server.ingress.pathType -}} apiVersion: {{ include "argo-workflows.ingress.apiVersion" . }} kind: Ingress metadata: @@ -36,7 +37,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} @@ -63,7 +64,7 @@ spec: {{- range $p := $paths }} - path: {{ $p }} {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: Prefix + pathType: {{ $pathType }} {{- end }} backend: {{- if eq (include "argo-workflows.ingress.apiVersion" $) "networking.k8s.io/v1" }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 50085773..76ed9479 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -281,6 +281,7 @@ server: # - argoworkflows.example.com paths: - / + pathType: Prefix extraPaths: [] # - path: /* From 4e4c28a4dcec2cac7eefadc8518ce83404b0246b Mon Sep 17 00:00:00 2001 From: c1_zh <5362164+cezhang@users.noreply.github.com> Date: Wed, 11 Aug 2021 15:14:27 +0800 Subject: [PATCH 0038/1248] fix(argo-cd): Respect timezone during password mtime generation (#864) Signed-off-by: cezhang --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2859057a..6ce42aec 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.3 +version: 3.11.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fix]: Set type of service for grpc as NodePort because this is the default of ALB ingress Controller" + - "[Fixed]: Can't login when using configs.secret.argocdServerAdminPassword" diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index d84d2649..62cf6be4 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -36,7 +36,7 @@ data: {{- end }} {{- if .Values.configs.secret.argocdServerAdminPassword }} admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} - admin.passwordMtime: {{ default (date "2006-01-02T15:04:05Z" now) .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} + admin.passwordMtime: {{ default (dateInZone "2006-01-02T15:04:05Z" (now) "UTC") .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} {{- end }} {{- range $key, $value := .Values.configs.secret.extra }} {{ $key }}: {{ $value | b64enc }} From 07c1cf092c0f267ceb548512132e55fe75548207 Mon Sep 17 00:00:00 2001 From: Mike Bryant Date: Wed, 11 Aug 2021 08:32:11 +0100 Subject: [PATCH 0039/1248] feat(argo-workflows): Add support for extra containers in server & controller deployment (#841) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: Add support for extra containers in server & controller deployment Signed-off-by: Mike Bryant * Update charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: Mike Bryant * Update charts/argo-workflows/templates/server/server-deployment.yaml Co-authored-by: Oliver Bähler Signed-off-by: Mike Bryant Co-authored-by: Oliver Bähler --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-deployment.yaml | 3 +++ charts/argo-workflows/templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index df0aea74..6534fbe8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.2.13 +version: 0.3.0 appVersion: "v3.0.7" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: pathType variable now available for ingress template" + - "[Added]: Support for extraContainers in controller/server" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index e085b899..7dee67e5 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -79,6 +79,9 @@ spec: containerPort: {{ .Values.controller.metricsConfig.port }} - containerPort: 6060 livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} + {{- with .Values.controller.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 5effabf6..21917c43 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -80,6 +80,9 @@ spec: {{- with .Values.server.volumeMounts }} {{- toYaml . | nindent 10}} {{- end }} + {{- with .Values.server.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 76ed9479..c19562d0 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -170,6 +170,8 @@ controller: clusterWorkflowTemplates: # Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. enabled: true + # Extra containers to be added to the controller deployment + extraContainers: [] # executor controls how the init and wait container should be customized executor: @@ -337,6 +339,8 @@ server: ## decisions. # scopes: # - groups + # Extra containers to be added to the server deployment + extraContainers: [] # Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false From 607caac246b772e59a90ea69fb508d3fedd6b885 Mon Sep 17 00:00:00 2001 From: Thomas O'Neill Date: Wed, 11 Aug 2021 11:44:18 -0400 Subject: [PATCH 0040/1248] Fix service type for AWS GRPC (#862) Signed-off-by: Thomas O'Neill Co-authored-by: Thomas O'Neill --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 3 +++ .../templates/argocd-server/alb-grpc-service.yaml | 2 +- charts/argo-cd/values.yaml | 9 +++++++++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6ce42aec..90cde221 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.4 +version: 3.11.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 08025c94..5672d677 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -312,6 +312,7 @@ NAME: my-release | server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | | server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | +| server.ingressGrpc.awsALB.serviceType | Service type for the AWS ALB GRPC service | `NodePort` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | @@ -454,5 +455,7 @@ server: ingressGrpc: enabled: true isAWSALB: true + awsALB: + serviceType: ClusterIP ``` diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index acc9dd60..dd725fef 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -20,5 +20,5 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None - type: NodePort + type: {{ .Values.server.ingressGrpc.awsALB.serviceType }} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8ffcdaea..6edc9201 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -611,6 +611,15 @@ server: labels: {} ingressClassName: "" + ## Service Type if isAWSALB is set to true + ## Can be of type NodePort or ClusterIP depending on which mode you are + ## are running. Instance mode needs type NodePort, IP mode needs type + ## ClusterIP + ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic + ## + awsALB: + serviceType: NodePort + ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace From 1dad68d4f433ba73f518b6a3b7c8f883970d1b1f Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 13 Aug 2021 18:37:06 +0200 Subject: [PATCH 0041/1248] Mount emptDir for /tmp and add extraVolumes support (#866) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 7 +++---- charts/argocd-applicationset/README.md | 2 ++ charts/argocd-applicationset/templates/deployment.yaml | 10 ++++++++++ charts/argocd-applicationset/values.yaml | 9 +++++++++ 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index b91b1441..c93d4cef 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.0.0 +version: 1.1.0 appVersion: "v0.1.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,6 +14,5 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Removed]: CRD installation via templates folder. CRDs are now only handled via the '/crds' folder in the same way like the ArgoCD chart." - - "[Removed]: Exclude '/ci' folder from being packaged into the final chart archive." - - "[Changed]: Fix icon url" + - "[Added]: /tmp is an emptyDir now (enables users to use readOnlyRootFilesystem)" + - "[Added]: Ability to add extraVolumes and extraVolumeMounts" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 0b59414b..0996b234 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -65,6 +65,8 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | args.policy | string | `sync` | How application is synced between the generator and the cluster | | args.debug | bool | `false` | Print debug logs | | args.dryRun | bool | `false` | Enable dry run mode | +| extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | +| extraVolumes | list | `[]` | List of extra volumes to add | | fullnameOverride | string | `""` | Override the default fully qualified app name | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index 4840bd65..beb34680 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -50,6 +50,8 @@ spec: resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: + - mountPath: /tmp + name: tmp-dir {{- if .Values.mountSSHKnownHostsVolume }} - mountPath: /app/config/ssh name: ssh-known-hosts @@ -66,7 +68,12 @@ spec: - mountPath: /app/config/gpg/keys name: gpg-keyring {{- end }} + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} volumes: + - emptyDir: {} + name: tmp-dir {{- if .Values.mountSSHKnownHostsVolume }} - configMap: name: argocd-ssh-known-hosts-cm @@ -86,6 +93,9 @@ spec: - emptyDir: {} name: gpg-keyring {{- end }} + {{- with .Values.extraVolumes }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index ac4b3bd9..e5b12272 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -75,3 +75,12 @@ mountSSHKnownHostsVolume: true mountTLSCertsVolume: true mountGPGKeysVolume: false mountGPGKeyringVolume: true + +# -- List of extra mounts to add (normally used with extraVolumes) +extraVolumeMounts: [] + # - mountPath: /tmp/foobar + # name: foobar +# -- List of extra volumes to add +extraVolumes: [] + # - name: foobar + # emptyDir: {} From a795074dd1e25a4b8c666e5579344b04620d5314 Mon Sep 17 00:00:00 2001 From: Christian Strack Date: Fri, 13 Aug 2021 22:15:02 +0200 Subject: [PATCH 0042/1248] feat(argo-cd): Add support for aggregation clusterroles (#865) * feat(argo-cd): Add support for aggregation clusterroles * feat: Add support for aggregation clusterroles Signed-off-by: Christian Strack * fix(argo-cd): Remove redundant whitespace from README.md Signed-off-by: Christian Strack Co-authored-by: Marko Bevc * fix(argo-cd): Remove component labels from aggregation roles Signed-off-by: Christian Strack Co-authored-by: Marco Kilchhofer * fix(argo-cd): Use value `createAggregateRoles` to control role creation * fix: Use value `createAggregateRoles` to control role creation * bump version to 3.12.0 * update chart README.md accordingly Signed-off-by: Christian Strack Co-authored-by: Marko Bevc Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 1 + .../templates/argocd-aggregate-roles.yaml | 67 +++++++++++++++++++ charts/argo-cd/values.yaml | 4 ++ 4 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-aggregate-roles.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 90cde221..2def2ed8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.11.5 +version: 3.12.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Can't login when using configs.secret.argocdServerAdminPassword" + - "[Added]: Support for aggregation clusterroles" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5672d677..c73299f9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -148,6 +148,7 @@ NAME: my-release | fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | | apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` | | apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` | +| createAggregateRoles | Create clusterroles that extend aggregated roles to use argo-cd crds | `false` | | configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | | configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | | configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/argocd-aggregate-roles.yaml b/charts/argo-cd/templates/argocd-aggregate-roles.yaml new file mode 100644 index 00000000..d11329a3 --- /dev/null +++ b/charts/argo-cd/templates/argocd-aggregate-roles.yaml @@ -0,0 +1,67 @@ +{{- if .Values.createAggregateRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.fullname" . }}-aggregate-to-view + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.fullname" . }}-aggregate-to-edit + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.fullname" . }}-aggregate-to-admin + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6edc9201..4a6172ef 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -31,6 +31,10 @@ apiVersionOverrides: certmanager: "" # cert-manager.io/v1 ingress: "" # networking.k8s.io/v1beta1 +## Create clusterroles that extend existing clusterroles to interact with argo-cd crds +## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles +createAggregateRoles: false + ## Controller controller: name: application-controller From d0efbc458a65bc56b432b989d03090e01096216f Mon Sep 17 00:00:00 2001 From: Thomas Petit Date: Sat, 14 Aug 2021 13:03:26 +0200 Subject: [PATCH 0043/1248] fix(argo-cd): Fix (full)nameOverride redis-ha sub-chart (#725) Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2def2ed8..322cd0c0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.0.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.12.0 +version: 3.12.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for aggregation clusterroles" + - "[Fixed]: redis-ha.nameOverride / redis-ha.fullnameOverride breaks the ArgoCD helm chart" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index c5d2adab..be2927c2 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -42,10 +42,11 @@ Create dex name and version as used by the chart label. Create redis name and version as used by the chart label. */}} {{- define "argo-cd.redis.fullname" -}} -{{ $redisHa := (index .Values "redis-ha") }} +{{- $redisHa := (index .Values "redis-ha") -}} +{{- $redisHaContext := dict "Chart" (dict "Name" "redis-ha") "Release" .Release "Values" $redisHa -}} {{- if $redisHa.enabled -}} {{- if $redisHa.haproxy.enabled -}} - {{- printf "%s-redis-ha-haproxy" .Release.Name | trunc 63 | trimSuffix "-" -}} + {{- printf "%s-haproxy" (include "redis-ha.fullname" $redisHaContext) | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- else -}} {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}} From 879453808c9ada59d758200fe2bf2170dde1804d Mon Sep 17 00:00:00 2001 From: Wylie Hobbs Date: Mon, 16 Aug 2021 09:23:02 -0600 Subject: [PATCH 0044/1248] feat(argo-cd): Add argocd image updater (#477) * Add argocd-image-updater chart Signed-off-by: Wylie Hobbs * Add maintainers Signed-off-by: Wylie Hobbs * update rbac and chart metadata Signed-off-by: Wylie Hobbs * fix chompstyle Signed-off-by: Wylie Hobbs * add README/template with helm-docs Signed-off-by: Wylie Hobbs * Use correct icon url and use a generic maintainer section Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/.helmignore | 23 ++++ charts/argocd-image-updater/Chart.yaml | 18 ++++ charts/argocd-image-updater/README.md | 86 +++++++++++++++ charts/argocd-image-updater/README.md.gotmpl | 58 ++++++++++ .../templates/_helpers.tpl | 63 +++++++++++ .../templates/configmap.yaml | 13 +++ .../templates/deployment.yaml | 95 ++++++++++++++++ .../argocd-image-updater/templates/rbac.yaml | 48 +++++++++ .../templates/serviceaccount.yaml | 12 +++ charts/argocd-image-updater/values.yaml | 102 ++++++++++++++++++ 10 files changed, 518 insertions(+) create mode 100644 charts/argocd-image-updater/.helmignore create mode 100644 charts/argocd-image-updater/Chart.yaml create mode 100644 charts/argocd-image-updater/README.md create mode 100644 charts/argocd-image-updater/README.md.gotmpl create mode 100644 charts/argocd-image-updater/templates/_helpers.tpl create mode 100644 charts/argocd-image-updater/templates/configmap.yaml create mode 100644 charts/argocd-image-updater/templates/deployment.yaml create mode 100644 charts/argocd-image-updater/templates/rbac.yaml create mode 100644 charts/argocd-image-updater/templates/serviceaccount.yaml create mode 100644 charts/argocd-image-updater/values.yaml diff --git a/charts/argocd-image-updater/.helmignore b/charts/argocd-image-updater/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/argocd-image-updater/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml new file mode 100644 index 00000000..1ace2616 --- /dev/null +++ b/charts/argocd-image-updater/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v2 +name: argocd-image-updater +description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD +type: application +version: 0.1.0 +appVersion: v0.10.1 +home: https://github.com/argoproj-labs/argocd-image-updater +icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png +keywords: + - argoproj + - argocd + - gitops +maintainers: + - name: argoproj + url: https://argoproj.github.io/ +annotations: + artifacthub.io/changes: | + - "[Added]: First chart release" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md new file mode 100644 index 00000000..d3440dd6 --- /dev/null +++ b/charts/argocd-image-updater/README.md @@ -0,0 +1,86 @@ +# argocd-image-updater + +A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD + +To regenerate this document, from the root of this chart directory run: +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Installation + +```console +helm repo add argo https://argoproj.github.io/argo-helm +helm install argocd-image-updater argo/argocd-image-updater +``` + +You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). + +## TODO + +- Automate setting up the ArgoCD API Authentication user/secret using a Helm Hook or something. + +## Prerequisites + +* Helm v3.0.0+ + +## Configuration options + +In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). + +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: + +```yaml +config: + argocd: + grpcWeb: false + serverAddress: "http://argocd.argo" + insecure: true + plaintext: true +``` + +Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. + +### Registries + +ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): + +- Docker Hub +- Google Container Registry +- RedHat Quay +- GitHub Container Registry +- GitHub Docker Packages + +If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. + +The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Kubernetes affinity settings for the deployment | +| config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API | +| config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. | +| config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. | +| config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | +| config.logLevel | string | `"info"` | ArgoCD Image Update log level | +| config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | +| extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in config.argocd | +| fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | +| image.pullPolicy | string | `"Always"` | Default image pull policy | +| image.repository | string | `"argoprojlabs/argocd-image-updater"` | Default image repository | +| image.tag | string | `"v0.10.1"` | Default image tag | +| imagePullSecrets | list | `[]` | ImagePullSecrets for the image updater deployment | +| nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | +| nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | +| podAnnotations | object | `{}` | Pod Annotations for the deployment | +| podSecurityContext | object | `{}` | Pod security context settings for the deployment | +| rbac.enabled | bool | `true` | Enable RBAC creation | +| replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. | +| resources | object | `{}` | Pod memory and cpu resource settings for the deployment | +| securityContext | object | `{}` | Security context settings for the deployment | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | Kubernetes toleration settings for the deployment | diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl new file mode 100644 index 00000000..eab46779 --- /dev/null +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -0,0 +1,58 @@ +{{ template "chart.header" . }} + +{{ template "chart.description" . }} + +To regenerate this document, from the root of this chart directory run: +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Installation + +```console +helm repo add argo https://argoproj.github.io/argo-helm +helm install argocd-image-updater argo/argocd-image-updater +``` + +You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). + +## TODO + +- Automate setting up the ArgoCD API Authentication user/secret using a Helm Hook or something. + +## Prerequisites + +* Helm v3.0.0+ + +## Configuration options + +In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). + +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: + +```yaml +config: + argocd: + grpcWeb: false + serverAddress: "http://argocd.argo" + insecure: true + plaintext: true +``` + +Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. + +### Registries + +ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): + +- Docker Hub +- Google Container Registry +- RedHat Quay +- GitHub Container Registry +- GitHub Docker Packages + +If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. + +The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. + +{{ template "chart.valuesSection" . }} diff --git a/charts/argocd-image-updater/templates/_helpers.tpl b/charts/argocd-image-updater/templates/_helpers.tpl new file mode 100644 index 00000000..5c0be1da --- /dev/null +++ b/charts/argocd-image-updater/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "argocd-image-updater.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "argocd-image-updater.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argocd-image-updater.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "argocd-image-updater.labels" -}} +helm.sh/chart: {{ include "argocd-image-updater.chart" . }} +{{ include "argocd-image-updater.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argocd-image-updater.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argocd-image-updater.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "argocd-image-updater.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "argocd-image-updater.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml new file mode 100644 index 00000000..dab468a2 --- /dev/null +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + name: argocd-image-updater-config +data: + registries.conf: | + {{- with .Values.config.registries }} + registries: + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml new file mode 100644 index 00000000..cfc350ec --- /dev/null +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -0,0 +1,95 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argocd-image-updater.fullname" . }} + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "argocd-image-updater.selectorLabels" . | nindent 6 }} + template: + metadata: + annotations: + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argocd-image-updater.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + command: + - /usr/local/bin/argocd-image-updater + - run + {{- with .Values.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: ARGOCD_GRPC_WEB + value: {{ .Values.config.argocd.grpcWeb | quote }} + - name: ARGOCD_SERVER + value: {{ .Values.config.argocd.serverAddress }} + - name: ARGOCD_INSECURE + value: {{ .Values.config.argocd.insecure | quote }} + - name: ARGOCD_PLAINTEXT + value: {{ .Values.config.argocd.plaintext | quote }} + - name: ARGOCD_TOKEN + valueFrom: + secretKeyRef: + key: argocd.token + name: argocd-image-updater-secret + optional: true + - name: IMAGE_UPDATER_LOGLEVEL + value: {{ .Values.config.logLevel }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - containerPort: 8080 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 30 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 30 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - mountPath: /app/config + name: registries-conf + volumes: + - configMap: + items: + - key: registries.conf + path: registries.conf + name: argocd-image-updater-config + name: registries-conf + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml new file mode 100644 index 00000000..cb508a43 --- /dev/null +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -0,0 +1,48 @@ +{{- if .Values.rbac.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + {{ include "argocd-image-updater.labels" . | nindent 4 }} + name: {{ include "argocd-image-updater.fullname" . }} +rules: + - apiGroups: + - '' + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - argoproj.io + resources: + - applications + verbs: + - get + - list + - update + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + {{ include "argocd-image-updater.labels" . | nindent 4 }} + name: {{ include "argocd-image-updater.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "argocd-image-updater.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argocd-image-updater.serviceAccountName" . }} +{{- end }} diff --git a/charts/argocd-image-updater/templates/serviceaccount.yaml b/charts/argocd-image-updater/templates/serviceaccount.yaml new file mode 100644 index 00000000..c208ee69 --- /dev/null +++ b/charts/argocd-image-updater/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argocd-image-updater.serviceAccountName" . }} + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml new file mode 100644 index 00000000..f939137c --- /dev/null +++ b/charts/argocd-image-updater/values.yaml @@ -0,0 +1,102 @@ +# -- Replica count for the deployment. It is not advised to run more than one replica. +replicaCount: 1 +image: + # -- Default image repository + repository: argoprojlabs/argocd-image-updater + # -- Default image pull policy + pullPolicy: Always + # -- Default image tag + tag: v0.10.1 + +# -- ImagePullSecrets for the image updater deployment +imagePullSecrets: [] +# -- Global name (argocd-image-updater.name in _helpers.tpl) override +nameOverride: "" +# -- Global fullname (argocd-image-updater.fullname in _helpers.tpl) override +fullnameOverride: "" + +# -- Extra arguments for argocd-image-updater not defined in config.argocd +extraArgs: [] + # - --disable-kubernetes + # - --dry-run + # - --health-port 8080 + # - --interval 2m + # - --kubeconfig ~/.kube/config + # - --match-application-name staging-* + # - --max-concurrency 5 + # - --once + # - --registries-conf-path /app/config/registries.conf + +config: + # Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags + argocd: + # -- Use the gRPC-web protocol to connect to the Argo CD API + grpcWeb: true + # -- Connect to the Argo CD API server at server address + serverAddress: "" + # -- If specified, the certificate of the Argo CD API server is not verified. + insecure: false + # -- If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. + plaintext: false + + # -- ArgoCD Image Update log level + logLevel: "info" + + # -- ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) + registries: [] + # - name: Docker Hub + # api_url: https://registry-1.docker.io + # ping: yes + # credentials: secret:foo/bar#creds + # defaultns: library + # - name: Google Container Registry + # api_url: https://gcr.io + # prefix: gcr.io + # ping: no + # credentials: pullsecret:foo/bar + # - name: RedHat Quay + # api_url: https://quay.io + # ping: no + # prefix: quay.io + # credentials: env:REGISTRY_SECRET + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# -- Pod Annotations for the deployment +podAnnotations: {} + +# -- Pod security context settings for the deployment +podSecurityContext: {} + # fsGroup: 2000 + +# -- Security context settings for the deployment +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +rbac: + # -- Enable RBAC creation + enabled: true + +# -- Pod memory and cpu resource settings for the deployment +resources: {} + +# -- Kubernetes nodeSelector settings for the deployment +nodeSelector: {} + +# -- Kubernetes toleration settings for the deployment +tolerations: [] + +# -- Kubernetes affinity settings for the deployment +affinity: {} From 3053af0500b942df4f0759ad29553b2938882c86 Mon Sep 17 00:00:00 2001 From: cskh Date: Mon, 16 Aug 2021 11:27:24 -0400 Subject: [PATCH 0045/1248] feat(argo-rollouts): add dashboard (#798) * feat(argo-rollouts): add dashboard deployment and service credit: the implemention is inspired by the work from Andrii Perenesenko . Signed-off-by: Hui Kang * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Add components to selectlabels Signed-off-by: Hui Kang * Bump major version and add upgrading note Signed-off-by: Hui Kang * fix: Documentation on dashboard values, change annotations Signed-off-by: Hui Kang * feat: Enable dashboard during chart testing Signed-off-by: Marco Kilchhofer Co-authored-by: Hui Kang Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/.helmignore | 1 + charts/argo-rollouts/Chart.yaml | 5 +- charts/argo-rollouts/README.md | 24 ++++++++ charts/argo-rollouts/ci/test-values.yaml | 2 + .../templates/argo-rollouts-deployment.yaml | 2 + .../argo-rollouts-metrics-service.yaml | 5 +- .../templates/dashboard/clusterrole.yaml | 58 ++++++++++++++++++ .../dashboard/clusterrolebinding.yaml | 17 ++++++ .../templates/dashboard/deployment.yaml | 59 +++++++++++++++++++ .../argo-rollouts/templates/dashboard/sa.yaml | 13 ++++ .../templates/dashboard/service.yaml | 22 +++++++ charts/argo-rollouts/values.yaml | 25 ++++++++ 12 files changed, 228 insertions(+), 5 deletions(-) create mode 100644 charts/argo-rollouts/ci/test-values.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/clusterrole.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/deployment.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/sa.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/service.yaml diff --git a/charts/argo-rollouts/.helmignore b/charts/argo-rollouts/.helmignore index f0c13194..b4af6c20 100644 --- a/charts/argo-rollouts/.helmignore +++ b/charts/argo-rollouts/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c92e4c62..7bdb6ea9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.4 +version: 2.0.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,5 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing liveness and readiness probes" - - "[Changed]: Fix icon url" + - "[Added]: Dashboard manifests" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 8916a86c..9fcd862a 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -25,6 +25,9 @@ $ helm repo add argo https://argoproj.github.io/argo-helm $ helm install my-release argo/argo-rollouts ``` +If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-rollouts dashboard by +`kubectl port-forward service/argo-rollouts-dashboard 31000:3100` and pointing the browser to `localhost:31000` + ## Chart Values | Key | Type | Default | Description | @@ -53,9 +56,30 @@ $ helm install my-release argo/argo-rollouts | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | | containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.enabled | bool | `false` | Deploy dashboard server | +| dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | +| dashboard.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| dashboard.image.registry | string | `quay.io` | Registry to use | +| dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use | +| dashboard.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | +| dashboard.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | +| dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | +| dashboard.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| dashboard.podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | +| dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | +| dashboard.serviceAccount.annotations | object | `{}` | Annotations to add to the dashboard service account | +| dashboard.serviceAccount.name | string | `""` | The name of the dashboard service account to use. If not set and create is true, a name is generated using the fullname template | ## Upgrading +### To 2.0.0 + +* The argo-rollouts dashboard is added to the template and can be enabled by setting `dashboard.enabled=true`. +* There is a breaking change where the selector label `app.kubernetes.io/component: {{ .Values.controller.component }}` is added to rollout's deployment and service in order to distinguish between the controller and the dashboard component. + To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment and Service resource** before you upgrade. This is necessary because Deployment's label selector is immutable. + ### To 1.0.0 * This is a breaking change which only supports Helm v3.0.0+ now. If you still use Helm v2, please consider upgrading because v2 is EOL since November 2020. diff --git a/charts/argo-rollouts/ci/test-values.yaml b/charts/argo-rollouts/ci/test-values.yaml new file mode 100644 index 00000000..7ea0c4c8 --- /dev/null +++ b/charts/argo-rollouts/ci/test-values.yaml @@ -0,0 +1,2 @@ +dashboard: + enabled: true diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 4acb0cee..71d73352 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -8,6 +8,7 @@ metadata: spec: selector: matchLabels: + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} strategy: type: Recreate @@ -19,6 +20,7 @@ spec: {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ .Values.controller.component }} {{- range $key, $value := .Values.podLabels }} {{ $key }}: {{ $value | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index 6f2c975f..5e380347 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-metrics labels: - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.serviceAnnotations }} annotations: @@ -17,5 +17,6 @@ spec: port: 8090 targetPort: 8090 selector: - {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml new file mode 100644 index 00000000..071ba962 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -0,0 +1,58 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/status + - rollouts/finalizers + verbs: + - get + - list + - watch + - update + - patch + - apiGroups: + - argoproj.io + resources: + - analysisruns + - analysisruns/finalizers + - experiments + - experiments/finalizers + verbs: + - create + - get + - list + - watch + - apiGroups: + - argoproj.io + resources: + - analysistemplates + - clusteranalysistemplates + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - replicasets + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - watch +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml new file mode 100644 index 00000000..331fbe4e --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-rollouts.fullname" . }}-dashboard +subjects: +- kind: ServiceAccount + name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml new file mode 100644 index 00000000..48364587 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -0,0 +1,59 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.dashboard.component }} + strategy: + type: Recreate + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + containers: + - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ default .Chart.AppVersion .Values.dashboard.image.tag }}" + imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} + name: argo-rollouts-dashboard + ports: + - containerPort: 3100 + name: dashboard + securityContext: + {{- toYaml .Values.dashboard.containerSecurityContext | nindent 10 }} + resources: + {{- toYaml .Values.dashboard.resources | nindent 10 }} + {{- if .Values.dashboard.nodeSelector }} + nodeSelector: + {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.dashboard.podSecurityContext | nindent 8 }} + {{- if .Values.dashboard.tolerations }} + tolerations: + {{- toYaml .Values.dashboard.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.dashboard.affinity }} + affinity: + {{- toYaml .Values.dashboard.affinity | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-rollouts/templates/dashboard/sa.yaml b/charts/argo-rollouts/templates/dashboard/sa.yaml new file mode 100644 index 00000000..ff0c7300 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/sa.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.dashboard.enabled .Values.dashboard.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.dashboard.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml new file mode 100644 index 00000000..d2bd432b --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -0,0 +1,22 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ports: + - name: dashboard + protocol: TCP + port: 3100 + targetPort: 3100 + selector: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e52e8902..4c288b98 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -94,3 +94,28 @@ podLabels: {} # Secrets with credentials to pull images from a private registry imagePullSecrets: [] # - name: argo-pull-secret + +dashboard: + enabled: false + component: rollouts-dashboard + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + image: + registry: quay.io + repository: argoproj/kubectl-argo-rollouts + tag: "" + pullPolicy: IfNotPresent + resources: {} + podSecurityContext: + runAsNonRoot: true + containerSecurityContext: {} + serviceAccount: + create: true + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" From 04cbf217aebe9ce3e847b277ecb4c25eb95fbf2d Mon Sep 17 00:00:00 2001 From: Matt Carr <39928231+matt-carr@users.noreply.github.com> Date: Tue, 17 Aug 2021 03:30:43 -0400 Subject: [PATCH 0046/1248] feat(argo-workflows): Bump appVersion to 3.1.5 (#831) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Bump appVersion to 3.1.0 Signed-off-by: Matt Carr * Update charts/argo-workflows/Chart.yaml Co-authored-by: Oliver Bähler Signed-off-by: Matt Carr * Fix conflicts with upstream Signed-off-by: Matt Carr * Update changelog annotations and bump minor version Signed-off-by: Marco Kilchhofer Co-authored-by: Oliver Bähler Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 6 +++--- scripts/lint.sh | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6534fbe8..8f02996f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.3.0 -appVersion: "v3.0.7" +version: 0.4.0 +appVersion: "v3.1.5" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Support for extraContainers in controller/server" + - "[Changed]: Bump appVersion to 3.1.5" diff --git a/scripts/lint.sh b/scripts/lint.sh index 1f0e9104..2a4e8c9f 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -10,7 +10,7 @@ docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ quay.io/helmpack/chart-testing:v3.3.1 \ - -c cd /workdir \ + -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ --lint-conf .github/configs/lintconf.yaml \ From 1b64b58062374ccbd83fedca10d919b555db1039 Mon Sep 17 00:00:00 2001 From: shortsn Date: Tue, 17 Aug 2021 11:12:51 +0200 Subject: [PATCH 0047/1248] feat(argocd-notifications): Add example for defaultTriggers (#871) * extending chart by optional defaultTriggers Signed-off-by: shortsn * #871 adjustments according review comments Signed-off-by: shortsn * #871 rework using existing field Signed-off-by: shortsn * #871 fixing linebreaks Signed-off-by: shortsn * #871 adjusting version Signed-off-by: shortsn --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/values.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 81fc8e5c..0c17c3d6 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.1 +version: 1.4.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Initialize Changelog" + - "[Added]: Example for 'defaultTriggers'" diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index ff5ca14d..fe6857b7 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -346,6 +346,10 @@ triggers: # send: # - app-sync-succeeded # when: app.status.operationState.phase in ['Succeeded'] + # + # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers + # defaultTriggers: | + # - on-sync-status-unknown bots: # For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ From de3cbd960eb72b677f751d49dee370e7c0d0e476 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 18 Aug 2021 11:31:24 +0200 Subject: [PATCH 0048/1248] chore: Convert issue templates to issue forms (#875) Signed-off-by: Marco Kilchhofer --- .github/ISSUE_TEMPLATE/bug_report.md | 27 ------------- .github/ISSUE_TEMPLATE/bug_report.yaml | 45 +++++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 20 --------- .github/ISSUE_TEMPLATE/feature_request.yaml | 35 ++++++++++++++++ 4 files changed, 80 insertions(+), 47 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yaml delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yaml diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index 816593c4..00000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve -title: '' -labels: 'bug' -assignees: '' - ---- - -**Describe the bug** -A clear and concise description of what the bug is. - -**To Reproduce** -Steps to reproduce the behavior: -1. Go to '...' -2. Click on '....' -3. Scroll down to '....' -4. See error - -**Expected behavior** -A clear and concise description of what you expected to happen. - -**Screenshots** -If applicable, add screenshots to help explain your problem. - -**Additional context** -Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml new file mode 100644 index 00000000..5db1fbc3 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -0,0 +1,45 @@ +--- +name: Bug report +description: Create a report to help us improve +labels: +- bug +body: +- type: textarea + attributes: + label: Describe the bug + description: A clear and concise description of what the bug is. + validations: + required: true + +- type: textarea + attributes: + label: To Reproduce + description: Steps to reproduce the behavior + placeholder: | + 1. Go to '...' + 2. Click on '....' + 3. Scroll down to '....' + 4. See error + validations: + required: true + +- type: textarea + attributes: + label: Expected behavior + description: A clear and concise description of what you expected to happen. + validations: + required: true + +- type: textarea + attributes: + label: Screenshots + description: If applicable, add screenshots to help explain your problem. + validations: + required: false + +- type: textarea + attributes: + label: Additional context + description: Add any other context about the problem here. + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index 36014cde..00000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project -title: '' -labels: 'enhancement' -assignees: '' - ---- - -**Is your feature request related to a problem? Please describe.** -A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] - -**Describe the solution you'd like** -A clear and concise description of what you want to happen. - -**Describe alternatives you've considered** -A clear and concise description of any alternative solutions or features you've considered. - -**Additional context** -Add any other context or screenshots about the feature request here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml new file mode 100644 index 00000000..2ff5ab68 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yaml @@ -0,0 +1,35 @@ +--- +name: Feature request +description: Suggest an idea for this project +labels: +- enhancement +body: +- type: textarea + attributes: + label: Is your feature request related to a problem? + description: A clear and concise description of what the problem is. Please describe. + placeholder: | + Ex. I'm always frustrated when [...] + validations: + required: false + +- type: textarea + attributes: + label: Describe the solution you'd like + description: A clear and concise description of what you want to happen. + validations: + required: true + +- type: textarea + attributes: + label: Describe alternatives you've considered + description: A clear and concise description of any alternative solutions or features you've considered. + validations: + required: false + +- type: textarea + attributes: + label: Additional context + description: Add any other context or screenshots about the feature request here. + validations: + required: false From bc16a275c4f8adc8894a480bb6962d4898ded467 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 18 Aug 2021 12:01:51 +0200 Subject: [PATCH 0049/1248] fix(argocd-notifications): Use correct chart icon url (#872) Signed-off-by: Marco Kilchhofer Co-authored-by: David J. M. Karlsen --- charts/argocd-notifications/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 0c17c3d6..0ae4fff0 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,9 +3,9 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.2 +version: 1.4.3 home: https://github.com/argoproj/argo-helm -icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png +icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: - argoproj - argocd @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Example for 'defaultTriggers'" + - "[Fixed]: Use correct chart icon url" From b73566058d4f2d4e6e4503c879c7138b57255ce6 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 18 Aug 2021 14:09:29 +0200 Subject: [PATCH 0050/1248] chore: Migrate old probot stale config to github actions (#877) Signed-off-by: Marco Kilchhofer --- .github/stale.yaml | 17 ----------------- .github/workflows/stale.yml | 20 ++++++++++++++++++-- 2 files changed, 18 insertions(+), 19 deletions(-) delete mode 100644 .github/stale.yaml diff --git a/.github/stale.yaml b/.github/stale.yaml deleted file mode 100644 index d9f65632..00000000 --- a/.github/stale.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Number of days of inactivity before an issue becomes stale -daysUntilStale: 60 -# Number of days of inactivity before a stale issue is closed -daysUntilClose: 7 -# Issues with these labels will never be considered stale -exemptLabels: - - pinned - - security -# Label to use when marking an issue as stale -staleLabel: wontfix -# Comment to post when marking an issue as stale. Set to `false` to disable -markComment: > - This issue has been automatically marked as stale because it has not had - recent activity. It will be closed if no further activity occurs. Thank you - for your contributions. -# Comment to post when closing a stale issue. Set to `false` to disable -closeComment: false \ No newline at end of file diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 8b16dff4..03965cc5 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,3 +1,4 @@ +## Reference: https://github.com/actions/stale name: Mark stale issues and pull requests on: schedule: @@ -9,7 +10,22 @@ jobs: - uses: actions/stale@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - stale-issue-message: 'Stale issue message' - stale-pr-message: 'Stale pull request message' + # Number of days of inactivity before an issue becomes stale + days-before-stale: 60 + # Number of days of inactivity before a stale issue is closed + days-before-close: 7 + # Issues with these labels will never be considered stale + exempt-issue-labels: "on-hold,pinned,security" + exempt-pr-labels: "on-hold,pinned,security" + # Comment to post when marking an issue as stale. + stale-issue-message: > + This issue has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. + stale-pr-message: > + This pull request has been automatically marked as stale because it has not had + recent activity. It will be closed if no further activity occurs. Thank you + for your contributions. + # Label to use when marking an issue as stale stale-issue-label: 'no-issue-activity' stale-pr-label: 'no-pr-activity' From fa7ba522e0c4ed17e1a114cdc3e02e3471c11015 Mon Sep 17 00:00:00 2001 From: Rein van 't Veer Date: Fri, 20 Aug 2021 18:24:23 +0200 Subject: [PATCH 0051/1248] fix(argo-workflows): Fix typo reported in #876 (#881) * fix typo. Fixes #876 Signed-off-by: reinvantveer * change notes and version bump Signed-off-by: reinvantveer * fix typos in role and service account Signed-off-by: reinvantveer * update change notes Signed-off-by: reinvantveer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/controller/workflow-rb.yaml | 2 +- charts/argo-workflows/templates/controller/workflow-role.yaml | 2 +- charts/argo-workflows/templates/controller/workflow-sa.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8f02996f..7198f79c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.4.0 +version: 0.4.1 appVersion: "v3.1.5" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Bump appVersion to 3.1.5" + - "[Fixed]: Fix typos in Workflows RBAC settings" diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 004d40d0..67f22504 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 4ca10e8e..66ad9328 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 2ea64771..7c76585a 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.serviceAccount.create -}} - {{- range $namespace := or .Values.singeNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: v1 kind: ServiceAccount From 11ec82596b5a62ba9d7c974c1a25aede739437b2 Mon Sep 17 00:00:00 2001 From: Peter Smit Date: Mon, 23 Aug 2021 14:13:15 +0300 Subject: [PATCH 0052/1248] feat(argo-workflows): Bump appVersion to 3.1.8 (#879) Co-authored-by: David J. M. Karlsen --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 7198f79c..6a8e00b8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.4.1 -appVersion: "v3.1.5" +version: 0.4.2 +appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Fix typos in Workflows RBAC settings" + - "[Changed]: Bump appVersion to 3.1.8" From 9b6802b3c93885b1905ec222ede64700cf875bef Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Mon, 23 Aug 2021 14:13:41 +0200 Subject: [PATCH 0053/1248] fix(argo-cd): Remove ArgoCD repo server entrypoint script from command block and drop --staticassets field (#886) --- charts/argo-cd/Chart.yaml | 7 ++++--- charts/argo-cd/README.md | 4 ++++ .../argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +-- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ---- charts/argo-cd/values.yaml | 6 +----- 5 files changed, 10 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 322cd0c0..0b4ec162 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.0.5 +appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.12.1 +version: 3.13.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: redis-ha.nameOverride / redis-ha.fullnameOverride breaks the ArgoCD helm chart" + - "[Fixed]: Remove ArgoCD Repo Server entrypoint file from command block. Defers to entrypoint defined in the Dockerfile" + - "[Fixed]: Remove deprecated static assets flag" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c73299f9..e9c661bf 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -34,6 +34,10 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 3.13.0 + +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `extraArgs` field + ### 3.10.2 ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 30082b2d..d89440a2 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -40,8 +40,7 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - command: - - uid_entrypoint.sh + args: - argocd-repo-server {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ff86f5ec..3ef5bb62 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -42,10 +42,6 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server - {{ if .Values.server.staticAssets.enabled }} - - --staticassets - - /shared/app - {{ end }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- if .Values.dex.enabled }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4a6172ef..8e637966 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.0.5 + tag: v2.1.0 imagePullPolicy: IfNotPresent securityContext: {} # runAsUser: 999 @@ -435,10 +435,6 @@ server: extraArgs: [] # - --insecure - # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app - staticAssets: - enabled: true - ## Environment variables to pass to argocd-server ## env: [] From 4e8715d527629c7700b762aff8d5462e5af2f976 Mon Sep 17 00:00:00 2001 From: Edward Nys <36994826+enys@users.noreply.github.com> Date: Mon, 23 Aug 2021 14:23:21 +0200 Subject: [PATCH 0054/1248] feat(argocd-applicationset): Bump appVersion to 0.2.0 (#885) Co-authored-by: David J. M. Karlsen --- charts/argocd-applicationset/Chart.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index c93d4cef..f9f599c7 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.1.0 -appVersion: "v0.1.0" +version: 1.2.0 +appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: /tmp is an emptyDir now (enables users to use readOnlyRootFilesystem)" - - "[Added]: Ability to add extraVolumes and extraVolumeMounts" + - "[Changed]: Bumped argocd-applicationset to 0.2.0" From 3440961aa91f94cf74df9188aabbe92ee6470404 Mon Sep 17 00:00:00 2001 From: Aditya Menon Date: Mon, 23 Aug 2021 15:01:26 +0200 Subject: [PATCH 0055/1248] fix(argo-cd): Update README.md for ArgoCD (#888) --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0b4ec162..90543f56 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.13.0 +version: 3.13.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Remove ArgoCD Repo Server entrypoint file from command block. Defers to entrypoint defined in the Dockerfile" - - "[Fixed]: Remove deprecated static assets flag" + - "[Fixed]: Updated README.md for ArgoCD" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e9c661bf..48676ca7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -36,7 +36,7 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ### 3.13.0 -This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `extraArgs` field +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field ### 3.10.2 From 573a7494d442eca8fea26e3ac3476a7181cf84c9 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 23 Aug 2021 15:05:09 +0200 Subject: [PATCH 0056/1248] Upgrade application-set to version 0.2.0 (#887) Signed-off-by: Petr Drastil --- charts/argocd-applicationset/Chart.yaml | 5 +- .../crds/crd-applicationset.yaml | 5240 ++++++++++++++++- charts/argocd-applicationset/values.yaml | 2 +- 3 files changed, 4942 insertions(+), 305 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index f9f599c7..0796bbef 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.2.0 +version: 1.3.0 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,5 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Changed]: Bumped argocd-applicationset to 0.2.0" + - "[Fixed]: Use new image repository" + - "[Changed]: Updated ApplicationSet CRD" diff --git a/charts/argocd-applicationset/crds/crd-applicationset.yaml b/charts/argocd-applicationset/crds/crd-applicationset.yaml index 734ce34a..9132148a 100644 --- a/charts/argocd-applicationset/crds/crd-applicationset.yaml +++ b/charts/argocd-applicationset/crds/crd-applicationset.yaml @@ -1,8 +1,10 @@ +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.3.0 + creationTimestamp: null name: applicationsets.argoproj.io spec: group: argoproj.io @@ -10,6 +12,9 @@ spec: kind: ApplicationSet listKind: ApplicationSetList plural: applicationsets + shortNames: + - appset + - appsets singular: applicationset scope: Namespaced versions: @@ -38,6 +43,538 @@ spec: items: description: ApplicationSetGenerator include list item info properties: + clusterDecisionResource: + description: DuckType defines a generator to match against clusters + registered with ArgoCD. + properties: + configMapRef: + description: ConfigMapRef is a ConfigMap with the duck type + definitions needed to retreive the data this + includes apiVersion(group/version), kind, matchKey and + validation settings Name is the resource name of the kind, + group and version, defined in the ConfigMapRef RequeueAfterSeconds + is how long before the duckType will be rechecked for + a change + type: string + labelSelector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination is a reference to the target + Kubernetes server and namespace + properties: + name: + description: Name is an alternate way of specifying + the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' + project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + of the application's manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter that's passed to helm template + during manifest generation + properties: + name: + description: Name is the name of the + Helm parameter + type: string + path: + description: Path is the path to the + file containing the values for the + Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during + manifest generation + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + Helm parameter + type: string + value: + description: Value is the value for + the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values + to be passed to helm template, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize + image override specifications + items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within + the Git repository, and is only valid for + applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + description: Env is a list of environment + variable entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the + variable, usually expressed in uppercase + type: string + value: + description: Value is the value of + the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when and how a + sync will be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff controls how to backoff + on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which are passed + directly as parameters to the template + type: object + required: + - configMapRef + type: object clusters: description: ClusterGenerator defines a generator to match against clusters registered with ArgoCD. @@ -102,6 +639,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -118,27 +659,29 @@ spec: revision. properties: destination: - description: Destination overrides the kubernetes - server and namespace defined in the environment - ksonnet app.yaml + description: Destination is a reference to the target + Kubernetes server and namespace properties: name: - description: Name of the destination cluster - which can be used instead of server (url) - field + description: Name is an alternate way of specifying + the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment - namespace value in the ksonnet app.yaml + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment - server value in the ksonnet app.yaml + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources - fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which @@ -147,6 +690,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -158,12 +705,11 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application items: @@ -178,43 +724,58 @@ spec: type: object type: array project: - description: Project is a application project name. - Empty name means that application belongs to 'default' + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept - in the apps revision history. This should only - be changed in exceptional circumstances. Setting - to zero will store no history. This will reduce - storage used. Increasing will increase the space - used to store the history, so we do not recommend - increasing it. Default is 10. + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. format: int64 type: integer source: description: Source is a reference to the location - ksonnet application definition + of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds - jsonnet specific options + description: Jsonnet holds options specific + to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -237,8 +798,9 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -253,6 +815,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests type: boolean type: object helm: @@ -263,24 +827,28 @@ spec: to the helm template items: description: HelmFileParameter is a file - parameter to a helm template + parameter that's passed to helm template + during manifest generation properties: name: description: Name is the name of the - helm parameter + Helm parameter type: string path: - description: Path is the path value - for the helm parameter + description: Path is the path to the + file containing the values for the + Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to - the helm template + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation items: description: HelmParameter is a parameter - to a helm template + that's passed to helm template during + manifest generation properties: forceString: description: ForceString determines @@ -289,17 +857,18 @@ spec: type: boolean name: description: Name is the name of the - helm parameter + Helm parameter type: string value: description: Value is the value for - the helm parameter + the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted - it will use the application name + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name type: string valueFiles: description: ValuesFiles is a list of Helm @@ -308,12 +877,13 @@ spec: type: string type: array values: - description: Values is Helm values, typically + description: Values specifies Helm values + to be passed to helm template, typically defined as a block type: string version: description: Version is the Helm version - to use for templating with + to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -350,50 +920,71 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional - kustomize commonAnnotations + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional - kustomize commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean images: - description: Images are kustomize image - overrides + description: Images is a list of Kustomize + image override specifications items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended - to resources for kustomize apps + to resources for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended - to resources for kustomize apps + to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version controls which version + of Kustomize to use for rendering manifests type: string type: object path: description: Path is a directory path within - the Git repository + the Git repository, and is only valid for + applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment + variable entries items: + description: EnvEntry represents an entry + in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the + variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of + the variable type: string required: - name @@ -404,20 +995,24 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of - the application manifests + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests type: string targetRevision: - description: TargetRevision defines the commit, - tag, or branch in which to sync the application - to. If omitted, will sync to HEAD + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will - be performed + description: SyncPolicy controls when and how a + sync will be performed properties: automated: description: Automated will keep an application @@ -428,13 +1023,16 @@ spec: zero live resources (default: false)' type: boolean prune: - description: 'Prune will prune resources - automatically as part of automated sync - (default: false)' + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing - if (default: false)' + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' type: boolean type: object retry: @@ -442,7 +1040,8 @@ spec: behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff + on subsequent retries of failed syncs properties: duration: description: Duration is the amount @@ -464,7 +1063,8 @@ spec: type: object limit: description: Limit is the maximum number - of attempts when retrying a container + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -496,6 +1096,8 @@ spec: directories: items: properties: + exclude: + type: boolean path: type: string required: @@ -530,6 +1132,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -546,27 +1152,29 @@ spec: revision. properties: destination: - description: Destination overrides the kubernetes - server and namespace defined in the environment - ksonnet app.yaml + description: Destination is a reference to the target + Kubernetes server and namespace properties: name: - description: Name of the destination cluster - which can be used instead of server (url) - field + description: Name is an alternate way of specifying + the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment - namespace value in the ksonnet app.yaml + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment - server value in the ksonnet app.yaml + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources - fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which @@ -575,6 +1183,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -586,12 +1198,11 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application items: @@ -606,43 +1217,58 @@ spec: type: object type: array project: - description: Project is a application project name. - Empty name means that application belongs to 'default' + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept - in the apps revision history. This should only - be changed in exceptional circumstances. Setting - to zero will store no history. This will reduce - storage used. Increasing will increase the space - used to store the history, so we do not recommend - increasing it. Default is 10. + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. format: int64 type: integer source: description: Source is a reference to the location - ksonnet application definition + of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds - jsonnet specific options + description: Jsonnet holds options specific + to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -665,8 +1291,9 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -681,6 +1308,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests type: boolean type: object helm: @@ -691,24 +1320,28 @@ spec: to the helm template items: description: HelmFileParameter is a file - parameter to a helm template + parameter that's passed to helm template + during manifest generation properties: name: description: Name is the name of the - helm parameter + Helm parameter type: string path: - description: Path is the path value - for the helm parameter + description: Path is the path to the + file containing the values for the + Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to - the helm template + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation items: description: HelmParameter is a parameter - to a helm template + that's passed to helm template during + manifest generation properties: forceString: description: ForceString determines @@ -717,17 +1350,18 @@ spec: type: boolean name: description: Name is the name of the - helm parameter + Helm parameter type: string value: description: Value is the value for - the helm parameter + the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted - it will use the application name + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name type: string valueFiles: description: ValuesFiles is a list of Helm @@ -736,12 +1370,13 @@ spec: type: string type: array values: - description: Values is Helm values, typically + description: Values specifies Helm values + to be passed to helm template, typically defined as a block type: string version: description: Version is the Helm version - to use for templating with + to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -778,50 +1413,71 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional - kustomize commonAnnotations + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional - kustomize commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean images: - description: Images are kustomize image - overrides + description: Images is a list of Kustomize + image override specifications items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended - to resources for kustomize apps + to resources for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended - to resources for kustomize apps + to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version controls which version + of Kustomize to use for rendering manifests type: string type: object path: description: Path is a directory path within - the Git repository + the Git repository, and is only valid for + applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment + variable entries items: + description: EnvEntry represents an entry + in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the + variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of + the variable type: string required: - name @@ -832,20 +1488,24 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of - the application manifests + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests type: string targetRevision: - description: TargetRevision defines the commit, - tag, or branch in which to sync the application - to. If omitted, will sync to HEAD + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will - be performed + description: SyncPolicy controls when and how a + sync will be performed properties: automated: description: Automated will keep an application @@ -856,13 +1516,16 @@ spec: zero live resources (default: false)' type: boolean prune: - description: 'Prune will prune resources - automatically as part of automated sync - (default: false)' + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing - if (default: false)' + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' type: boolean type: object retry: @@ -870,7 +1533,8 @@ spec: behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff + on subsequent retries of failed syncs properties: duration: description: Duration is the amount @@ -892,7 +1556,8 @@ spec: type: object limit: description: Limit is the maximum number - of attempts when retrying a container + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -921,23 +1586,7 @@ spec: properties: elements: items: - description: ListGeneratorElement include cluster and - url info - properties: - cluster: - type: string - url: - type: string - values: - additionalProperties: - type: string - description: Values contains key/value pairs which - are passed directly as parameters to the template - type: object - required: - - cluster - - url - type: object + x-kubernetes-preserve-unknown-fields: true type: array template: description: ApplicationSetTemplate represents argocd ApplicationSpec @@ -951,6 +1600,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -967,27 +1620,29 @@ spec: revision. properties: destination: - description: Destination overrides the kubernetes - server and namespace defined in the environment - ksonnet app.yaml + description: Destination is a reference to the target + Kubernetes server and namespace properties: name: - description: Name of the destination cluster - which can be used instead of server (url) - field + description: Name is an alternate way of specifying + the target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment - namespace value in the ksonnet app.yaml + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace type: string server: - description: Server overrides the environment - server value in the ksonnet app.yaml + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources - fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which @@ -996,6 +1651,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -1007,12 +1666,11 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application items: @@ -1027,43 +1685,58 @@ spec: type: object type: array project: - description: Project is a application project name. - Empty name means that application belongs to 'default' + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept - in the apps revision history. This should only - be changed in exceptional circumstances. Setting - to zero will store no history. This will reduce - storage used. Increasing will increase the space - used to store the history, so we do not recommend - increasing it. Default is 10. + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. format: int64 type: integer source: description: Source is a reference to the location - ksonnet application definition + of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds - jsonnet specific options + description: Jsonnet holds options specific + to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -1086,8 +1759,9 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet - variable + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation properties: code: type: boolean @@ -1102,6 +1776,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests type: boolean type: object helm: @@ -1112,24 +1788,28 @@ spec: to the helm template items: description: HelmFileParameter is a file - parameter to a helm template + parameter that's passed to helm template + during manifest generation properties: name: description: Name is the name of the - helm parameter + Helm parameter type: string path: - description: Path is the path value - for the helm parameter + description: Path is the path to the + file containing the values for the + Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to - the helm template + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation items: description: HelmParameter is a parameter - to a helm template + that's passed to helm template during + manifest generation properties: forceString: description: ForceString determines @@ -1138,17 +1818,18 @@ spec: type: boolean name: description: Name is the name of the - helm parameter + Helm parameter type: string value: description: Value is the value for - the helm parameter + the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted - it will use the application name + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name type: string valueFiles: description: ValuesFiles is a list of Helm @@ -1157,12 +1838,13 @@ spec: type: string type: array values: - description: Values is Helm values, typically + description: Values specifies Helm values + to be passed to helm template, typically defined as a block type: string version: description: Version is the Helm version - to use for templating with + to use for templating (either "2" or "3") type: string type: object ksonnet: @@ -1199,50 +1881,71 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional - kustomize commonAnnotations + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional - kustomize commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean images: - description: Images are kustomize image - overrides + description: Images is a list of Kustomize + image override specifications items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended - to resources for kustomize apps + to resources for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended - to resources for kustomize apps + to resources for Kustomize apps type: string version: - description: Version contains optional Kustomize - version + description: Version controls which version + of Kustomize to use for rendering manifests type: string type: object path: description: Path is a directory path within - the Git repository + the Git repository, and is only valid for + applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment + variable entries items: + description: EnvEntry represents an entry + in the application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the + variable, usually expressed in uppercase type: string value: - description: the value + description: Value is the value of + the variable type: string required: - name @@ -1253,20 +1956,24 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of - the application manifests + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests type: string targetRevision: - description: TargetRevision defines the commit, - tag, or branch in which to sync the application - to. If omitted, will sync to HEAD + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will - be performed + description: SyncPolicy controls when and how a + sync will be performed properties: automated: description: Automated will keep an application @@ -1277,13 +1984,16 @@ spec: zero live resources (default: false)' type: boolean prune: - description: 'Prune will prune resources - automatically as part of automated sync - (default: false)' + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing - if (default: false)' + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' type: boolean type: object retry: @@ -1291,7 +2001,8 @@ spec: behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff + on subsequent retries of failed syncs properties: duration: description: Duration is the amount @@ -1313,7 +2024,8 @@ spec: type: object limit: description: Limit is the maximum number - of attempts when retrying a container + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -1336,18 +2048,3889 @@ spec: required: - elements type: object + matrix: + description: MatrixGenerator include Other generators + properties: + generators: + items: + description: ApplicationSetBaseGenerator include list + item info CRD dosn't support recursive types so we need + a different type for the matrix generator https://github.com/kubernetes-sigs/controller-tools/issues/477 + properties: + clusterDecisionResource: + description: DuckType defines a generator to match + against clusters registered with ArgoCD. + properties: + configMapRef: + description: ConfigMapRef is a ConfigMap with + the duck type definitions needed to retreive + the data this includes apiVersion(group/version), + kind, matchKey and validation settings Name + is the resource name of the kind, group and + version, defined in the ConfigMapRef RequeueAfterSeconds + is how long before the duckType will be rechecked + for a change + type: string + labelSelector: + description: A label selector is a label query + over a set of resources. The result of matchLabels + and matchExpressions are ANDed. An empty label + selector matches all objects. A null label selector + matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which + are passed directly as parameters to the template + type: object + required: + - configMapRef + type: object + clusters: + description: ClusterGenerator defines a generator + to match against clusters registered with ArgoCD. + properties: + selector: + description: Selector defines a label selector + to match against all clusters registered with + ArgoCD. Clusters today are stored as Kubernetes + Secrets, thus the Secret labels will be used + for matching the selector. + properties: + matchExpressions: + description: matchExpressions is a list of + label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, a + key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which + are passed directly as parameters to the template + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + description: ListGenerator include items info + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + scmProvider: + description: SCMProviderGenerator defines a generator + that scrapes a SCMaaS API to find candidate repos. + properties: + cloneProtocol: + description: Which protocol to use for the SCM + URL. Default is provider-specific but ssh if + possible. Not all providers necessarily support + all protocols. + type: string + filters: + description: Filters for which repos should be + considered. + items: + description: SCMProviderGeneratorFilter is a + single repository filter. If multiple filter + types are set on a single struct, they will + be AND'd together. All filters must pass for + a repo to be included. + properties: + branchMatch: + description: A regex which must match the + branch name. + type: string + labelMatch: + description: A regex which must match at + least one label. + type: string + pathsExist: + description: An array of paths, all of which + must exist. + items: + type: string + type: array + repositoryMatch: + description: A regex for repo names. + type: string + type: object + type: array + github: + description: Which provider to use and config + for it. + properties: + allBranches: + description: Scan all branches instead of + just the default branch. + type: boolean + api: + description: The GitHub API URL to talk to. + If blank, use https://api.github.com/. + type: string + organization: + description: GitHub org to scan. Required. + type: string + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + description: SCMProviderGeneratorGitlab defines + a connection info specific to Gitlab. + properties: + allBranches: + description: Scan all branches instead of + just the default branch. + type: boolean + api: + description: The Gitlab API URL to talk to. + type: string + group: + description: Gitlab group to scan. Required. You + can use either the project id (recommended) + or the full namespaced path. + type: string + includeSubgroups: + description: Recurse through subgroups (true) + or scan only the base group (false). Defaults + to "false" + type: boolean + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + description: Standard parameters. + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents + argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents + the Argo CD application fields that may + be used for Applications generated from + the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired + application state. Contains link to repository + with application definition and additional + parameters link definition revision. + properties: + destination: + description: Destination is a reference + to the target Kubernetes server and + namespace + properties: + name: + description: Name is an alternate + way of specifying the target cluster + by its symbolic name + type: string + namespace: + description: Namespace specifies the + target namespace for the application's + resources. The namespace will only + be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the + URL of the target cluster and must + be set to the Kubernetes control + plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list + of resources and their fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences + contains resource filter and list + of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) + that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to + the project this application belongs + to. The empty string means that application + belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits + the number of items kept in the application's + revision history, which is used for + informational purposes as well as for + rollbacks to previous versions. This + should only be changed in exceptional + circumstances. Setting to zero will + store no history. This will reduce storage + used. Increasing will increase the space + used to store the history, so we do + not recommend increasing it. Default + is 10. + format: int64 + type: integer + source: + description: Source is a reference to + the location of the application's manifests + or chart + properties: + chart: + description: Chart is a Helm chart + name, and must be specified for + applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains + a glob pattern to match paths + against that should be explicitly + excluded from being used during + manifest generation + type: string + include: + description: Include contains + a glob pattern to match paths + against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options + specific to Jsonnet + properties: + extVars: + description: ExtVars is a + list of Jsonnet External + Variables + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library + search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list + of Jsonnet Top-level Arguments + items: + description: JsonnetVar + represents a variable + to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies + whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific + options + properties: + fileParameters: + description: FileParameters are + file parameters to the helm + template + items: + description: HelmFileParameter + is a file parameter that's + passed to helm template during + manifest generation + properties: + name: + description: Name is the + name of the Helm parameter + type: string + path: + description: Path is the + path to the file containing + the values for the Helm + parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list + of Helm parameters which are + passed to the helm template + command upon manifest generation + items: + description: HelmParameter is + a parameter that's passed + to helm template during manifest + generation + properties: + forceString: + description: ForceString + determines whether to + tell Helm to interpret + booleans and numbers as + strings + type: boolean + name: + description: Name is the + name of the Helm parameter + type: string + value: + description: Value is the + value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the + Helm release name to use. If + omitted it will use the application + name + type: string + valueFiles: + description: ValuesFiles is a + list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies + Helm values to be passed to + helm template, typically defined + as a block + type: string + version: + description: Version is the Helm + version to use for templating + (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet + specific options + properties: + environment: + description: Environment is a + ksonnet application environment + name + type: string + parameters: + description: Parameters are a + list of ksonnet component parameter + override values + items: + description: KsonnetParameter + is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize + specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations + is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a + list of additional labels to + add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations + specifies whether to force applying + common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels + specifies whether to force applying + common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list + of Kustomize image override + specifications + items: + description: KustomizeImage + represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix + appended to resources for Kustomize + apps + type: string + nameSuffix: + description: NameSuffix is a suffix + appended to resources for Kustomize + apps + type: string + version: + description: Version controls + which version of Kustomize to + use for rendering manifests + type: string + type: object + path: + description: Path is a directory path + within the Git repository, and is + only valid for applications sourced + from Git. + type: string + plugin: + description: ConfigManagementPlugin + holds config management plugin specific + options + properties: + env: + description: Env is a list of + environment variable entries + items: + description: EnvEntry represents + an entry in the application's + environment + properties: + name: + description: Name is the + name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the + value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to + the repository (Git or Helm) that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines + the revision of the source to sync + the application to. In case of Git, + this can be commit, tag, or branch. + If omitted, will equal to HEAD. + In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when + and how a sync will be performed + properties: + automated: + description: Automated will keep an + application synced to the target + revision + properties: + allowEmpty: + description: 'AllowEmpty allows + apps have zero live resources + (default: false)' + type: boolean + prune: + description: 'Prune specifies + whether to delete resources + from the cluster that are not + found in the sources anymore + as part of automated sync (default: + false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes + whether to revert resources + back to their desired state + upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed + sync retry behavior + properties: + backoff: + description: Backoff controls + how to backoff on subsequent + retries of failed syncs + properties: + duration: + description: Duration is the + amount to back off. Default + unit is seconds, but could + also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor + to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is + the maximum amount of time + allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum + number of attempts for retrying + a failed sync. If set to 0, + no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to + specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination is a reference to the target + Kubernetes server and namespace + properties: + name: + description: Name is an alternate way of specifying + the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' + project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + of the application's manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter that's passed to helm template + during manifest generation + properties: + name: + description: Name is the name of the + Helm parameter + type: string + path: + description: Path is the path to the + file containing the values for the + Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during + manifest generation + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + Helm parameter + type: string + value: + description: Value is the value for + the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values + to be passed to helm template, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize + image override specifications + items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within + the Git repository, and is only valid for + applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + description: Env is a list of environment + variable entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the + variable, usually expressed in uppercase + type: string + value: + description: Value is the value of + the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when and how a + sync will be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff controls how to backoff + on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + scmProvider: + description: SCMProviderGenerator defines a generator that scrapes + a SCMaaS API to find candidate repos. + properties: + cloneProtocol: + description: Which protocol to use for the SCM URL. Default + is provider-specific but ssh if possible. Not all providers + necessarily support all protocols. + type: string + filters: + description: Filters for which repos should be considered. + items: + description: SCMProviderGeneratorFilter is a single repository + filter. If multiple filter types are set on a single + struct, they will be AND'd together. All filters must + pass for a repo to be included. + properties: + branchMatch: + description: A regex which must match the branch name. + type: string + labelMatch: + description: A regex which must match at least one + label. + type: string + pathsExist: + description: An array of paths, all of which must + exist. + items: + type: string + type: array + repositoryMatch: + description: A regex for repo names. + type: string + type: object + type: array + github: + description: Which provider to use and config for it. + properties: + allBranches: + description: Scan all branches instead of just the default + branch. + type: boolean + api: + description: The GitHub API URL to talk to. If blank, + use https://api.github.com/. + type: string + organization: + description: GitHub org to scan. Required. + type: string + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + description: SCMProviderGeneratorGitlab defines a connection + info specific to Gitlab. + properties: + allBranches: + description: Scan all branches instead of just the default + branch. + type: boolean + api: + description: The Gitlab API URL to talk to. + type: string + group: + description: Gitlab group to scan. Required. You can + use either the project id (recommended) or the full + namespaced path. + type: string + includeSubgroups: + description: Recurse through subgroups (true) or scan + only the base group (false). Defaults to "false" + type: boolean + tokenRef: + description: Authentication token reference. + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + description: Standard parameters. + format: int64 + type: integer + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination is a reference to the target + Kubernetes server and namespace + properties: + name: + description: Name is an alternate way of specifying + the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target + namespace for the application's resources. + The namespace will only be set for namespace-scoped + resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the + target cluster and must be set to the Kubernetes + control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources + and their fields which should be ignored during + comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project + this application belongs to. The empty string + means that application belongs to the 'default' + project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number + of items kept in the application's revision history, + which is used for informational purposes as well + as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. + Setting to zero will store no history. This will + reduce storage used. Increasing will increase + the space used to store the history, so we do + not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + of the application's manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and + must be specified for applications sourced + from a Helm repo. + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be + explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be + explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar represents + a variable to be passed to jsonnet + during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to + scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter that's passed to helm template + during manifest generation + properties: + name: + description: Name is the name of the + Helm parameter + type: string + path: + description: Path is the path to the + file containing the values for the + Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm + parameters which are passed to the helm + template command upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during + manifest generation + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + Helm parameter + type: string + value: + description: Value is the value for + the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the + application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values + to be passed to helm template, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list + of additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies + whether to force applying common labels + to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize + image override specifications + items: + description: KustomizeImage represents + a Kustomize image definition in the + format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within + the Git repository, and is only valid for + applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + description: Env is a list of environment + variable entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the + variable, usually expressed in uppercase + type: string + value: + description: Value is the value of + the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application + manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. In + case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when and how a + sync will be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to + delete resources from the cluster that + are not found in the sources anymore as + part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes whether + to revert resources back to their desired + state upon modification in the cluster + (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff controls how to backoff + on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object type: object type: array syncPolicy: description: ApplicationSetSyncPolicy configures how generated Applications will relate to their ApplicationSet. properties: - skipPrune: - description: SkipPrune will disable the default behavior which - will delete Applications that are no longer being generated - for the ApplicationSet which created them, or the ApplicationSet - itself is deleted. If SkipPrune is set to true, these Applications - will be orphaned but continue to exist. + preserveResourcesOnDeletion: + description: PreserveResourcesOnDeletion will preserve resources + on deletion. If PreserveResourcesOnDeletion is set to true, + these Applications will not be deleted. type: boolean type: object template: @@ -1362,6 +5945,10 @@ spec: additionalProperties: type: string type: object + finalizers: + items: + type: string + type: array labels: additionalProperties: type: string @@ -1377,25 +5964,27 @@ spec: additional parameters link definition revision. properties: destination: - description: Destination overrides the kubernetes server and - namespace defined in the environment ksonnet app.yaml + description: Destination is a reference to the target Kubernetes + server and namespace properties: name: - description: Name of the destination cluster which can - be used instead of server (url) field + description: Name is an alternate way of specifying the + target cluster by its symbolic name type: string namespace: - description: Namespace overrides the environment namespace - value in the ksonnet app.yaml + description: Namespace specifies the target namespace + for the application's resources. The namespace will + only be set for namespace-scoped resources that have + not set a value for .metadata.namespace type: string server: - description: Server overrides the environment server value - in the ksonnet app.yaml + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences controls resources fields which - should be ignored during comparison + description: IgnoreDifferences is a list of resources and + their fields which should be ignored during comparison items: description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored @@ -1403,6 +5992,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -1414,13 +6007,12 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array info: - description: Infos contains a list of useful information (URLs, - email addresses, and plain text) that relates to the application + description: Info contains a list of information (URLs, email + addresses, and plain text) that relates to the application items: properties: name: @@ -1433,39 +6025,51 @@ spec: type: object type: array project: - description: Project is a application project name. Empty - name means that application belongs to 'default' project. + description: Project is a reference to the project this application + belongs to. The empty string means that application belongs + to the 'default' project. type: string revisionHistoryLimit: - description: This limits this number of items kept in the - apps revision history. This should only be changed in exceptional - circumstances. Setting to zero will store no history. This - will reduce storage used. Increasing will increase the space - used to store the history, so we do not recommend increasing - it. Default is 10. + description: RevisionHistoryLimit limits the number of items + kept in the application's revision history, which is used + for informational purposes as well as for rollbacks to previous + versions. This should only be changed in exceptional circumstances. + Setting to zero will store no history. This will reduce + storage used. Increasing will increase the space used to + store the history, so we do not recommend increasing it. + Default is 10. format: int64 type: integer source: - description: Source is a reference to the location ksonnet - application definition + description: Source is a reference to the location of the + application's manifests or chart properties: chart: - description: Chart is a Helm chart name + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation type: string jsonnet: - description: ApplicationSourceJsonnet holds jsonnet - specific options + description: Jsonnet holds options specific to Jsonnet properties: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1487,7 +6091,8 @@ spec: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar is a jsonnet variable + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1502,6 +6107,8 @@ spec: type: array type: object recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests type: boolean type: object helm: @@ -1512,23 +6119,25 @@ spec: the helm template items: description: HelmFileParameter is a file parameter - to a helm template + that's passed to helm template during manifest + generation properties: name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string path: - description: Path is the path value for the - helm parameter + description: Path is the path to the file containing + the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters are parameters to the helm - template + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation items: - description: HelmParameter is a parameter to a helm - template + description: HelmParameter is a parameter that's + passed to helm template during manifest generation properties: forceString: description: ForceString determines whether @@ -1536,17 +6145,17 @@ spec: as strings type: boolean name: - description: Name is the name of the helm parameter + description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the helm + description: Value is the value for the Helm parameter type: string type: object type: array releaseName: - description: The Helm release name. If omitted it - will use the application name + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name type: string valueFiles: description: ValuesFiles is a list of Helm value files @@ -1555,12 +6164,12 @@ spec: type: string type: array values: - description: Values is Helm values, typically defined - as a block + description: Values specifies Helm values to be passed + to helm template, typically defined as a block type: string version: description: Version is the Helm version to use for - templating with + templating (either "2" or "3") type: string type: object ksonnet: @@ -1595,47 +6204,67 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations adds additional kustomize - commonAnnotations + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels adds additional kustomize - commonLabels + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean images: - description: Images are kustomize image overrides + description: Images is a list of Kustomize image override + specifications items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: type: string type: array namePrefix: description: NamePrefix is a prefix appended to resources - for kustomize apps + for Kustomize apps type: string nameSuffix: description: NameSuffix is a suffix appended to resources - for kustomize apps + for Kustomize apps type: string version: - description: Version contains optional Kustomize version + description: Version controls which version of Kustomize + to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. type: string plugin: description: ConfigManagementPlugin holds config management plugin specific options properties: env: + description: Env is a list of environment variable + entries items: + description: EnvEntry represents an entry in the + application's environment properties: name: - description: the name, usually uppercase + description: Name is the name of the variable, + usually expressed in uppercase type: string value: - description: the value + description: Value is the value of the variable type: string required: - name @@ -1646,19 +6275,22 @@ spec: type: string type: object repoURL: - description: RepoURL is the repository URL of the application - manifests + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the commit, tag, or - branch in which to sync the application to. If omitted, - will sync to HEAD + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when a sync will be performed + description: SyncPolicy controls when and how a sync will + be performed properties: automated: description: Automated will keep an application synced @@ -1669,19 +6301,22 @@ spec: resources (default: false)' type: boolean prune: - description: 'Prune will prune resources automatically - as part of automated sync (default: false)' + description: 'Prune specifies whether to delete resources + from the cluster that are not found in the sources + anymore as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal enables auto-syncing if (default: - false)' + description: 'SelfHeal specifes whether to revert + resources back to their desired state upon modification + in the cluster (default: false)' type: boolean type: object retry: description: Retry controls failed sync retry behavior properties: backoff: - description: Backoff is a backoff strategy + description: Backoff controls how to backoff on subsequent + retries of failed syncs properties: duration: description: Duration is the amount to back off. @@ -1700,7 +6335,8 @@ spec: type: object limit: description: Limit is the maximum number of attempts - when retrying a container + for retrying a failed sync. If set to 0, no retries + will be performed. format: int64 type: integer type: object diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index e5b12272..ac9ba29c 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 image: # The image repository - repository: quay.io/argocdapplicationset/argocd-applicationset + repository: quay.io/argoproj/argocd-applicationset # Image pull policy pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. From 3a4baae95d4df8e35aecc1a5079637651b486bdb Mon Sep 17 00:00:00 2001 From: Piotr Kowalczyk Date: Mon, 23 Aug 2021 19:23:07 +0200 Subject: [PATCH 0057/1248] feat(argo-cd): Parameterizing dex ports names due to istio 403 errors (#889) * refactor: Parameterizing dex ports names due to istio 403 errors Signed-off-by: Piotr Kowalczyk * fix: updating default http port name to http Signed-off-by: Piotr Kowalczyk --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/dex/service.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 90543f56..72f417a7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.13.1 +version: 3.13.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Updated README.md for ArgoCD" + - "[Changed]: Parameterized dex service port names for istio-ingress 403 error" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 48676ca7..151285c1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -397,7 +397,9 @@ NAME: my-release | dex.serviceAccount.create | Create dex service account | `true` | | dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` | | dex.servicePortGrpc | Server GRPC port | `5557` | +| dex.servicePortGrpcName | Server GRPC port name | `grpc` | | dex.servicePortHttp | Server HTTP port | `5556` | +| dex.servicePortHttpName | Server GRPC port name | `http` | | dex.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | dex.volumeMounts | Dex volume mounts | `"/shared"` | | dex.volumes | Dex volumes | `{}` | diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 6fa77c4e..c93b085e 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -16,11 +16,11 @@ metadata: {{- end }} spec: ports: - - name: http + - name: {{ .Values.dex.servicePortHttpName }} protocol: TCP port: {{ .Values.dex.servicePortHttp }} targetPort: http - - name: grpc + - name: {{ .Values.dex.servicePortGrpcName }} protocol: TCP port: {{ .Values.dex.servicePortGrpc }} targetPort: grpc diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8e637966..e1d67d71 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -280,8 +280,10 @@ dex: ## Dex deployment container ports containerPortHttp: 5556 servicePortHttp: 5556 + servicePortHttpName: http containerPortGrpc: 5557 servicePortGrpc: 5557 + servicePortGrpcName: grpc containerPortMetrics: 5558 servicePortMetrics: 5558 From da73ab6a69f8c777a4f90ed8ba0bd3ee5f19f372 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 24 Aug 2021 14:37:34 +0200 Subject: [PATCH 0058/1248] feat(argo-cd): Add probes for Dex server (#890) * Add probes for Dex server >= 2.28.0 Signed-off-by: Petr Drastil * Enable metrics port and allow user to configure only retries Signed-off-by: Petr Drastil * Update README Signed-off-by: Petr Drastil * Place probe configuration on top-level Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 24 +++++++++++++++----- charts/argo-cd/templates/dex/deployment.yaml | 18 ++++++++++++++- charts/argo-cd/values.yaml | 17 ++++++++++++++ 4 files changed, 54 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72f417a7..15fa92f4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.13.2 +version: 3.14.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Parameterized dex service port names for istio-ingress 403 error" + - "[Added]: Probe configuration for Dex server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 151285c1..3f58dbb3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -36,7 +36,7 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ### 3.13.0 -This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field ### 3.10.2 @@ -71,7 +71,7 @@ server: Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE) -### 3.2.* +### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). [Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**, @@ -81,7 +81,7 @@ If you are running a cluster version prior to `1.19` you can avoid this issue by ```yaml kubeVersionOverride: "1.18.0" -``` +``` Then you should no longer encounter this issue. @@ -391,6 +391,18 @@ NAME: my-release | dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | dex.podAnnotations | Annotations for the Dex server pods | `{}` | | dex.podLabels | Labels for the Dex server pods | `{}` | +| dex.livenessProbe.enabled | Enable Kubernetes liveness probe for Dex >= 2.28.0 | `false` | +| dex.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | +| dex.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` | +| dex.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | +| dex.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | +| dex.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | +| dex.readinessProbe.enabled | Enable Kubernetes readiness probe for Dex >= 2.28.0 | `false` | +| dex.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | +| dex.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` | +| dex.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | +| dex.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | +| dex.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | | dex.priorityClassName | Priority class for dex | `""` | | dex.resources | Resource limits and requests for dex | `{}` | | dex.serviceAccount.automountServiceAccountToken | Automount API credentials for the Service Account | `true` | @@ -447,14 +459,14 @@ through `xxx.extraArgs` ### Using AWS ALB Ingress Controller With GRPC -If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. Example: ```yaml server: ingress: enabled: true - annotations: + annotations: alb.ingress.kubernetes.io/backend-protocol: HTTPS alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' alb.ingress.kubernetes.io/scheme: internal @@ -464,5 +476,5 @@ server: isAWSALB: true awsALB: serviceType: ClusterIP - + ``` diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 557140ce..5063ebfe 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -73,10 +73,26 @@ spec: - name: grpc containerPort: {{ .Values.dex.containerPortGrpc }} protocol: TCP - {{- if .Values.dex.metrics.enabled }} - name: metrics containerPort: {{ .Values.dex.containerPortMetrics }} protocol: TCP + {{- if .Values.dex.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /healthz/live + port: metrics + {{- with .Values.dex.livenessProbe }} + {{- omit . "enabled" | toYaml | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.dex.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz/ready + port: metrics + {{- with .Values.dex.readinessProbe }} + {{- omit . "enabled" | toYaml | nindent 10 }} + {{- end }} {{- end }} volumeMounts: - mountPath: /tmp diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e1d67d71..5f5a7bf1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -259,6 +259,23 @@ dex: ## podLabels: {} + ## Probes for Dex server + ## Supported from Dex >= 2.28.0 + livenessProbe: + enabled: false + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + readinessProbe: + enabled: false + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + serviceAccount: create: true name: argocd-dex-server From 536e98b72b0a6e53e7ae6ed8618a737969b57520 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 24 Aug 2021 14:48:03 +0200 Subject: [PATCH 0059/1248] feat(argo-cd): Allow global configuration for pod annotations and labels (#894) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ .../argocd-application-controller/deployment.yaml | 10 ++++------ .../templates/argocd-repo-server/deployment.yaml | 10 ++++------ charts/argo-cd/templates/argocd-server/deployment.yaml | 10 ++++------ charts/argo-cd/templates/dex/deployment.yaml | 10 ++++------ charts/argo-cd/templates/redis/deployment.yaml | 10 ++++------ charts/argo-cd/values.yaml | 4 ++++ 8 files changed, 28 insertions(+), 32 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 15fa92f4..7686f02e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.14.0 +version: 3.15.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Probe configuration for Dex server" + - "[Added]: Global configuration for pod annotations and labels" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3f58dbb3..c3dabc56 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -142,6 +142,8 @@ NAME: my-release | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | | global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` | +| global.podAnnotations | Annotations for the all deployed pods | +| global.podLabels | Labels for the all deployed pods | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | | global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 7902be76..fac40ab7 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -17,17 +17,15 @@ spec: replicas: {{ .Values.controller.replicas }} template: metadata: - {{- if .Values.controller.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.controller.podAnnotations) }} annotations: - {{- range $key, $value := .Values.controller.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} - {{- if .Values.controller.podLabels }} -{{- toYaml .Values.controller.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.controller.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d89440a2..9b4c3400 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -16,17 +16,15 @@ spec: {{- end }} template: metadata: - {{- if .Values.repoServer.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.repoServer.podAnnotations) }} annotations: - {{- range $key, $value := .Values.repoServer.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }} - {{- if .Values.repoServer.podLabels }} -{{- toYaml .Values.repoServer.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.repoServer.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 3ef5bb62..9f941c96 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -16,17 +16,15 @@ spec: {{- end }} template: metadata: - {{- if .Values.server.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.server.podAnnotations) }} annotations: - {{- range $key, $value := .Values.server.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }} - {{- if .Values.server.podLabels }} -{{- toYaml .Values.server.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.server.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5063ebfe..97951d01 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -12,17 +12,15 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} template: metadata: - {{- if .Values.dex.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.dex.podAnnotations) }} annotations: - {{- range $key, $value := .Values.dex.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }} app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }} - {{- if .Values.dex.podLabels }} -{{- toYaml .Values.dex.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.dex.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 5b5879a3..05d9f43d 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -13,17 +13,15 @@ spec: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} template: metadata: - {{- if .Values.redis.podAnnotations }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.redis.podAnnotations) }} annotations: - {{- range $key, $value := .Values.redis.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }} - {{- if .Values.redis.podLabels }} -{{- toYaml .Values.redis.podLabels | nindent 8 }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.redis.podLabels) }} + {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5f5a7bf1..bc807eb1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -10,6 +10,10 @@ global: repository: quay.io/argoproj/argocd tag: v2.1.0 imagePullPolicy: IfNotPresent + ## Annotations applied to all pods + podAnnotations: {} + ## Labels applied to all pods + podLabels: {} securityContext: {} # runAsUser: 999 # runAsGroup: 999 From 561c5332bbee2c63cd6f8a4fed85b89049eb7867 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 25 Aug 2021 09:05:16 +0200 Subject: [PATCH 0060/1248] docs(argocd-applicationset): Update README and convert it to helm-docs (#896) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 5 +- charts/argocd-applicationset/README.md | 24 ++++---- charts/argocd-applicationset/README.md.gotmpl | 57 +++++++++++++++++++ charts/argocd-applicationset/values.yaml | 38 +++++++++++-- 4 files changed, 105 insertions(+), 19 deletions(-) create mode 100644 charts/argocd-applicationset/README.md.gotmpl diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 0796bbef..ebe52679 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.3.0 +version: 1.3.1 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,5 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Fixed]: Use new image repository" - - "[Changed]: Updated ApplicationSet CRD" + - "[Changed]: Update README and convert it to helm-docs" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 0996b234..35c57240 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -57,34 +57,38 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | -| args.metricsAddr | int | `8080` | The default metric address | -| args.probeBindAddr | int | `8081` | The default health check port | -| args.enableLeaderElection | bool | `false` | The default leader election setting | -| args.namespace | string | `argocd` | The default Argo CD repo namespace | -| args.argocdRepoServer | string | `argocd-repo-server:8081` | The default Argo CD repo server address | -| args.policy | string | `sync` | How application is synced between the generator and the cluster | +| args.argocdRepoServer | string | `"argocd-repo-server:8081"` | The default Argo CD repo server address | | args.debug | bool | `false` | Print debug logs | | args.dryRun | bool | `false` | Enable dry run mode | +| args.enableLeaderElection | bool | `false` | The default leader election setting | +| args.metricsAddr | string | `":8080"` | The default metric address | +| args.namespace | string | `"argocd"` | The default Argo CD repo namespace | +| args.policy | string | `"sync"` | How application is synced between the generator and the cluster | +| args.probeBindAddr | string | `":8081"` | The default health check port | | extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | extraVolumes | list | `[]` | List of extra volumes to add | | fullnameOverride | string | `""` | Override the default fully qualified app name | | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | -| image.repository | string | `"quay.io/argocdapplicationset/argocd-applicationset"` | If defined, a repository applied to the ApplicationSet deployment. | +| image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | The image repository | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | +| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | | mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | -| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | -| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | | nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` | | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | | podAnnotations | object | `{}` | Annotations for the controller pods | | podSecurityContext | object | `{}` | Pod Security Context | +| priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | | rbac.pspEnabled | bool | `true` | Enable Pod Security Policy | | replicaCount | int | `1` | The number of controller pods to run | | resources | object | `{}` | Resource limits and requests for the controller pods. | | securityContext | object | `{}` | Security Context | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) diff --git a/charts/argocd-applicationset/README.md.gotmpl b/charts/argocd-applicationset/README.md.gotmpl new file mode 100644 index 00000000..62f1145e --- /dev/null +++ b/charts/argocd-applicationset/README.md.gotmpl @@ -0,0 +1,57 @@ +# Argo CD ApplicationSet Chart + +A Helm chart for Argo CD ApplicationSet, a controller to programmatically generate Argo CD Application. + +Source code can be found [here](https://github.com/argoproj-labs/applicationset/) + +## Additional Information + +This is a **community maintained** chart. This chart installs the [applicationset](https://github.com/argoproj-labs/applicationset) controller. + +This chart currently installs the non-HA version of Argo CD ApplicationSet. + +## Prerequisites + +- Helm v3.0.0+ +- The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting. + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install --name my-release argo/argocd-applicationset +NAME: my-release +... +``` + +### Testing + +Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). + +```console +kind create cluster +kubectl create namespace argocd +kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml +ct install --namespace argocd +``` + +## Notes on CRD Installation + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. + +You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo: + +```console +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref= + +# Eg. version v0.1.0 +kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0 +``` + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index ac9ba29c..b0820368 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -2,47 +2,63 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# -- The number of controller pods to run replicaCount: 1 image: - # The image repository + # -- The image repository repository: quay.io/argoproj/argocd-applicationset - # Image pull policy + # -- Image pull policy pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + # -- Overrides the image tag whose default is the chart appVersion. tag: "" args: + # -- The default metric address metricsAddr: :8080 + # -- The default health check port probeBindAddr: :8081 + # -- The default leader election setting enableLeaderElection: false + # -- The default Argo CD repo namespace namespace: argocd + # -- The default Argo CD repo server address argocdRepoServer: argocd-repo-server:8081 + # -- How application is synced between the generator and the cluster policy: sync + # -- Print debug logs debug: false + # -- Enable dry run mode dryRun: false +# -- If defined, uses a Secret to pull an image from a private Docker registry or repository. imagePullSecrets: [] +# -- Provide a name in place of `argocd-applicationset` nameOverride: "" +# -- Override the default fully qualified app name fullnameOverride: "" serviceAccount: - # Specifies whether a service account should be created + # -- Specifies whether a service account should be created create: true - # Annotations to add to the service account + # -- Annotations to add to the service account annotations: {} - # The name of the service account to use. + # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" +# -- Annotations for the controller pods podAnnotations: {} rbac: + # -- Enable Pod Security Policy pspEnabled: true +# -- Pod Security Context podSecurityContext: {} # fsGroup: 2000 +# -- Security Context securityContext: {} # capabilities: # drop: @@ -51,6 +67,7 @@ securityContext: {} # runAsNonRoot: true # runAsUser: 1000 +# -- Resource limits and requests for the controller pods. resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -63,23 +80,32 @@ resources: {} # cpu: 100m # memory: 128Mi +# -- [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) nodeSelector: {} +# -- [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) tolerations: [] +# -- [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) affinity: {} +# -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. priorityClassName: "" +# -- Mount the `argocd-ssh-known-hosts-cm` volume mountSSHKnownHostsVolume: true +# -- Mount the `argocd-tls-certs-cm` volume mountTLSCertsVolume: true +# -- Mount the `argocd-gpg-keys-cm` volume mountGPGKeysVolume: false +# -- Mount an emptyDir volume for `gpg-keyring` mountGPGKeyringVolume: true # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] # - mountPath: /tmp/foobar # name: foobar + # -- List of extra volumes to add extraVolumes: [] # - name: foobar From 91e6e0749a24dbf453fce0f51faea39c4501d9e7 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 25 Aug 2021 14:14:13 +0200 Subject: [PATCH 0061/1248] fix(argocd-notifications): Use correct names for ConfigMap and Secret (#898) Signed-off-by: Petr Drastil --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/templates/configmap.yaml | 2 +- charts/argocd-notifications/templates/secret.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 0ae4fff0..26d37b85 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.3 +version: 1.4.4 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Fixed]: Use correct chart icon url" + - "[Fixed]: Use correct names for ConfigMap and Secret" diff --git a/charts/argocd-notifications/templates/configmap.yaml b/charts/argocd-notifications/templates/configmap.yaml index 37f95b53..7b5186c0 100644 --- a/charts/argocd-notifications/templates/configmap.yaml +++ b/charts/argocd-notifications/templates/configmap.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "argocd-notifications.name" . }}-cm + name: argocd-notifications-cm labels: {{- include "argocd-notifications.labels" . | nindent 4 }} data: diff --git a/charts/argocd-notifications/templates/secret.yaml b/charts/argocd-notifications/templates/secret.yaml index 11cf4c78..e912eef7 100644 --- a/charts/argocd-notifications/templates/secret.yaml +++ b/charts/argocd-notifications/templates/secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "argocd-notifications.name" . }}-secret + name: argocd-notifications-secret labels: {{- include "argocd-notifications.labels" . | nindent 4 }} type: Opaque From 8e11387e7d250adc7d80e711ceae58d0d7966f4f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 25 Aug 2021 17:04:29 +0200 Subject: [PATCH 0062/1248] feat(argo-cd): Allow service monitor relabeling configs (#897) * Allow service monitor relabeling configs Signed-off-by: Petr Drastil * Revert scrape interval to optional field Signed-off-by: Petr Drastil * Revert path to original place Signed-off-by: Petr Drastil * Fix trailing character on README Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 8 +++++++ .../servicemonitor.yaml | 21 ++++++++++------ .../argocd-repo-server/servicemonitor.yaml | 21 ++++++++++------ .../argocd-server/servicemonitor.yaml | 19 ++++++++++----- .../argo-cd/templates/dex/servicemonitor.yaml | 24 ++++++++++++------- charts/argo-cd/values.yaml | 8 +++++++ 7 files changed, 76 insertions(+), 30 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7686f02e..ea642649 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.15.0 +version: 3.16.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Global configuration for pod annotations and labels" + - "[Added]: Service monitor relabelings and metricsRelabelings" + - "[Fixed]: Service monitor interval configuration for all components" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c3dabc56..57399e5e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -203,6 +203,8 @@ NAME: my-release | controller.metrics.service.servicePort | Metrics service port | `8082` | | controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| controller.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| controller.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | controller.name | Controller name string. | `"application-controller"` | | controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | controller.podAnnotations | Annotations for the controller pods | `{}` | @@ -255,6 +257,8 @@ NAME: my-release | repoServer.metrics.service.servicePort | Metrics service port | `8082` | | repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| repoServer.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| repoServer.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | repoServer.name | Repo server name | `"repo-server"` | | repoServer.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | repoServer.podAnnotations | Annotations for the repo server pods | `{}` | @@ -335,6 +339,8 @@ NAME: my-release | server.metrics.service.servicePort | Metrics service port | `8082` | | server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| server.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| server.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | server.name | Argo CD server name | `"server"` | | server.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | | server.podAnnotations | Annotations for the server pods | `{}` | @@ -387,6 +393,8 @@ NAME: my-release | dex.metrics.service.labels | Metrics service labels | `{}` | | dex.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | | dex.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | +| dex.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| dex.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | dex.name | Dex name | `"dex-server"` | | dex.env | Environment variables for the Dex server. | `[]` | | dex.envFrom | `envFrom` to pass to the Dex server. | `[]` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 0b943982..249d4e38 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -3,16 +3,16 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- if .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }} + {{- with .Values.controller.metrics.serviceMonitor.namespace }} + namespace: {{ . }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - {{- if .Values.controller.metrics.serviceMonitor.selector }} -{{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.controller.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.controller.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: @@ -21,6 +21,14 @@ spec: interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.controller.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} @@ -28,4 +36,3 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 6 }} {{- end }} - diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 027cdb5f..2c353479 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -3,16 +3,16 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.repoServer.fullname" . }} - {{- if .Values.repoServer.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }} + {{- with .Values.repoServer.metrics.serviceMonitor.namespace }} + namespace: {{ . }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - {{- if .Values.repoServer.metrics.serviceMonitor.selector }} -{{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.repoServer.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.repoServer.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: @@ -21,6 +21,14 @@ spec: interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.repoServer.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.repoServer.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} @@ -28,4 +36,3 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 6 }} {{- end }} - diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 00002faa..ab97acc2 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -8,19 +8,27 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.metrics.serviceMonitor.selector }} -{{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.server.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.server.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.server.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: - port: metrics - {{- with .Values.controller.metrics.serviceMonitor.interval }} + {{- with .Values.server.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.server.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.server.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} @@ -28,4 +36,3 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 6 }} {{- end }} - diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 58bae6e2..ca1d54b0 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -3,28 +3,36 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.dex.fullname" . }} - {{- if .Values.dex.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.dex.metrics.serviceMonitor.namespace }} + {{- with .Values.dex.metrics.serviceMonitor.namespace }} + namespace: {{ . }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} - {{- if .Values.dex.metrics.serviceMonitor.selector }} -{{- toYaml .Values.dex.metrics.serviceMonitor.selector | nindent 4 }} + {{- with .Values.dex.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.dex.metrics.serviceMonitor.additionalLabels }} -{{- toYaml .Values.dex.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- with .Values.dex.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: - port: metrics - {{- with .Values.controller.metrics.serviceMonitor.interval }} + {{- with .Values.dex.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} path: /metrics + {{- with .Values.dex.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.dex.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . |nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 6 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bc807eb1..ff23a597 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -169,6 +169,8 @@ controller: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -230,6 +232,8 @@ dex: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -576,6 +580,8 @@ server: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring @@ -961,6 +967,8 @@ repoServer: serviceMonitor: enabled: false interval: 30s + relabelings: [] + metricRelabelings: [] # selector: # prometheus: kube-prometheus # namespace: monitoring From 31803c05d66b91b0581ffc9e413e2e56c09cb124 Mon Sep 17 00:00:00 2001 From: Emanuel Oliveira Date: Thu, 26 Aug 2021 10:42:47 -0300 Subject: [PATCH 0063/1248] feat(argo-cd): Finalize update to argocd 2.1.0 (#884) Signed-off-by: Emanuel Oliveira Co-authored-by: Mateus Miranda Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +- charts/argo-cd/README.md | 4 ++ charts/argo-cd/crds/crd-application.yaml | 41 ++++++++++- charts/argo-cd/templates/NOTES.txt | 6 ++ .../deployment.yaml | 7 ++ ...repository-credentials-secret-legacy.yaml} | 2 +- .../repository-credentials-secret.yaml | 14 ++++ .../argocd-configs/repository-secret.yaml | 14 ++++ charts/argo-cd/values.yaml | 70 +++++++++++++------ 9 files changed, 138 insertions(+), 27 deletions(-) rename charts/argo-cd/templates/{argocd-repo-server/repository-credentials-secret.yaml => argocd-configs/repository-credentials-secret-legacy.yaml} (97%) create mode 100644 charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/repository-secret.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea642649..4392cbe8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.16.0 +version: 3.17.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Service monitor relabelings and metricsRelabelings" - - "[Fixed]: Service monitor interval configuration for all components" + - "[Changed]: Sync CRDs of ArgoCD v2.1.0" + - "[Added]: Enable use of separated secret just for repositories" + - "[Deprecated]: configs.repositoryCredentials is deprecated now. Instead, use configs.credentialTemplates and/or configs.repositories" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 57399e5e..d75802b3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -167,6 +167,9 @@ NAME: my-release | configs.secret.createSecret | Create the argocd-secret. | `true` | | configs.secret.githubSecret | GitHub incoming webhook secret | `""` | | configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` | +| configs.repositoryCredentials | DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories. | `{}` | +| configs.credentialTemplates | Repository credentials to be used as Templates for other repos. | `{}` | +| configs.repositories | Repositories list to be used by applications. | `{}` | | configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` | | configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | | configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | @@ -301,6 +304,7 @@ NAME: my-release | server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | server.configAnnotations | ArgoCD configuration configmap annotations | `{}` | | server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | +| server.config.repositories | [DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories.](https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | | server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index 74364ae4..714b363e 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -267,6 +267,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -365,6 +371,10 @@ spec: properties: group: type: string + jqPathExpressions: + items: + type: string + type: array jsonPointers: items: type: string @@ -376,7 +386,6 @@ spec: namespace: type: string required: - - jsonPointers - kind type: object type: array @@ -543,6 +552,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -838,6 +853,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether toforce applying common labels to resources for Kustomizeapps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -1134,6 +1155,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -1412,6 +1439,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: @@ -1687,6 +1720,12 @@ spec: type: string description: CommonLabels is a list of additional labels to add to rendered manifests type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + type: boolean images: description: Images is a list of Kustomize image override specifications items: diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index a5f59108..34cdaaca 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,3 +1,9 @@ +{{- if or .Values.configs.repositoryCredentials .Values.server.config.repositories }} +WARNING: You are using configs.repositoryCredentials and/or server.config.repositories parameter that are DEPRECATED +Instead, use configs.repositoryTemplates and/or configs.repositories parameters +Read More about here: https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour + +{{- end}} In order to access the server UI you have the following options: 1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index fac40ab7..a75c1af1 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -48,6 +48,8 @@ spec: - {{ .Values.controller.args.selfHealTimeout | quote }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --repo-server-timeout-seconds + - {{ .Values.controller.args.repoServerTimeoutSeconds | quote }} - --logformat - {{ .Values.controller.logFormat }} - --loglevel @@ -93,7 +95,10 @@ spec: timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} + workingDir: /home/argocd volumeMounts: + - name: argocd-home + mountPath: /home/argocd - mountPath: /app/config/controller/tls name: argocd-repo-server-tls {{- with .Values.controller.volumeMounts }} @@ -119,6 +124,8 @@ spec: {{ toYaml . | indent 6 }} {{- end }} volumes: + - emptyDir: {} + name: argocd-home - name: argocd-repo-server-tls secret: items: diff --git a/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml similarity index 97% rename from charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml rename to charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml index 354e2ca9..a89bedcb 100644 --- a/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml @@ -10,4 +10,4 @@ data: {{- range $key, $value := .Values.configs.repositoryCredentials }} {{ $key }}: {{ $value | b64enc }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml new file mode 100644 index 00000000..fe21917c --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -0,0 +1,14 @@ +{{- range $repo_cred_key, $repo_cred_value := .Values.configs.credentialTemplates }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repo-creds-{{ $repo_cred_key }} + labels: + argocd.argoproj.io/secret-type: repo-creds + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +data: + {{- range $key, $value := $repo_cred_value }} + {{ $key }}: {{ $value | toString | b64enc }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml new file mode 100644 index 00000000..b42eaefc --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -0,0 +1,14 @@ +{{- range $repo_key, $repo_value := .Values.configs.repositories }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repo-{{ $repo_key }} + labels: + argocd.argoproj.io/secret-type: repository + {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} +data: + {{- range $key, $value := $repo_value }} + {{ $key }}: {{ $value | b64enc }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ff23a597..930827d8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -61,6 +61,7 @@ controller: operationProcessors: "10" appResyncPeriod: "180" selfHealTimeout: "5" + repoServerTimeoutSeconds: "60" ## Argo controller log format: text|json logFormat: text @@ -101,6 +102,7 @@ controller: # drop: # - all # readOnlyRootFilesystem: true + # runAsNonRoot: true ## Configures the controller port containerPort: 8082 @@ -395,10 +397,8 @@ redis: ## Redis Pod specific security context securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 runAsNonRoot: true + runAsUser: 999 serviceAccount: create: false @@ -696,6 +696,8 @@ server: url: https://argocd.example.com # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance + + # DEPRECATED: Please instead use configs.credentialTemplates and configs.repositories # repositories: | # - url: git@github.com:group/repo.git # sshPrivateKeySecret: @@ -707,6 +709,7 @@ server: # - type: helm # url: https://argoproj.github.io/argo-helm # name: argo + # oidc.config: | # name: AzureAD # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 @@ -1115,25 +1118,48 @@ configs: # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK # XWyb96wrUlv+E8I= # -----END CERTIFICATE----- - # Creates a secret with optional repository credentials - repositoryCredentials: - {} - # sample-ssh-key: | - # -----BEGIN RSA PRIVATE KEY----- - # MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N - # z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4 - # nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB - # AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x - # O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe - # tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6 - # cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8 - # 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM - # hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK - # xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ - # FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc - # NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le - # XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo= - # -----END RSA PRIVATE KEY----- +## # Creates a secret with optional repository credentials +## DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories + repositoryCredentials: {} + +## Creates a secret for each key/value specified below to create repository credentials + credentialTemplates: {} + # github-enterprise-creds-1: + # url: https://github.com/argoproj + # githubAppID: 1 + # githubAppInstallationID: 2 + # githubAppEnterpriseBaseUrl: https://ghe.example.com/api/v3 + # githubAppPrivateKey: | + # -----BEGIN OPENSSH PRIVATE KEY----- + # ... + # -----END OPENSSH PRIVATE KEY----- + # https-creds: + # url: https://github.com/argoproj + # password: my-password + # username: my-username + # ssh-creds: + # url: git@github.com:argoproj-labs + # sshPrivateKey: | + # -----BEGIN OPENSSH PRIVATE KEY----- + # ... + # -----END OPENSSH PRIVATE KEY----- + +## Creates a secret for each key/value specified below to create repositories +## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + repositories: {} + # istio-helm-repo: + # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts + # name: istio.io + # type: helm + # private-helm-repo: + # url: https://my-private-chart-repo.internal + # name: private-repo + # type: helm + # password: my-password + # username: my-username + # private-repo: + # url: https://github.com/argoproj/private-repo + secret: createSecret: true ## Annotations to be added to argocd-secret From e099ab38b4bb926bd39c1a28310b73265cd58eee Mon Sep 17 00:00:00 2001 From: Takumi Sue <23391543+mikutas@users.noreply.github.com> Date: Thu, 26 Aug 2021 22:55:06 +0900 Subject: [PATCH 0064/1248] fix(argo-cd): Add missing parameter 'server.extraContainers' to README.md (#902) Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4392cbe8..868480bd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.0 +version: 3.17.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Sync CRDs of ArgoCD v2.1.0" - - "[Added]: Enable use of separated secret just for repositories" - - "[Deprecated]: configs.repositoryCredentials is deprecated now. Instead, use configs.credentialTemplates and/or configs.repositories" + - "[Fixed]: Add missing parameter 'server.extraContainers' to README.md" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d75802b3..062265e8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -307,6 +307,7 @@ NAME: my-release | server.config.repositories | [DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories.](https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour) | See [values.yaml](values.yaml) | | server.containerPort | Server container port. | `8080` | | server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | +| server.extraContainers | Additional containers for the server. A list of containers. | `[]` | | server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | | server.env | Environment variables for the server. | `[]` | | server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) | From 1b7d63fde9e5f6c68ed659ad9a5285f495be6e83 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 26 Aug 2021 16:21:58 +0200 Subject: [PATCH 0065/1248] feat(argo-cd): Upgrade argo-cd image to 2.1.1 (#903) * reenable static assets for argo-cd server Signed-off-by: Geisler, James D * add fix to changelog Signed-off-by: Geisler, James D * feat(argo-cd): Upgrade argo-cd image to 2.1.1 Signed-off-by: Petr Drastil * Bump chart version Signed-off-by: Petr Drastil * Bump fix version Signed-off-by: Petr Drastil Co-authored-by: Geisler, James D --- charts/argo-cd/Chart.yaml | 7 ++++--- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 6 +++++- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 868480bd..4f6a944b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.1.0 +appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.1 +version: 3.17.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing parameter 'server.extraContainers' to README.md" + - "[Changed]: Upgrade argo-cd image to 2.1.1" + - "[Fixed]: Reenabling static assets for the argo-cd server" diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 9f941c96..05d1a5ae 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -40,6 +40,10 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + {{ if .Values.server.staticAssets.enabled }} + - --staticassets + - /shared/app + {{ end }} - --repo-server - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- if .Values.dex.enabled }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 930827d8..d6ebddbe 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.1.0 + tag: v2.1.1 imagePullPolicy: IfNotPresent ## Annotations applied to all pods podAnnotations: {} @@ -462,6 +462,10 @@ server: extraArgs: [] # - --insecure + # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app + staticAssets: + enabled: true + ## Environment variables to pass to argocd-server ## env: [] From 93a74912dc6dcbfbc84264272931cd565119afb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Pinson?= Date: Thu, 26 Aug 2021 17:10:49 +0200 Subject: [PATCH 0066/1248] fix(argo-cd): use $ as context for repository secret labels (#904) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Raphaël Pinson --- charts/argo-cd/Chart.yaml | 5 ++--- .../argocd-configs/repository-credentials-secret.yaml | 2 +- .../argo-cd/templates/argocd-configs/repository-secret.yaml | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4f6a944b..d5e17438 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.2 +version: 3.17.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade argo-cd image to 2.1.1" - - "[Fixed]: Reenabling static assets for the argo-cd server" + - "[Fixed]: use $ as context for repository secret labels" diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index fe21917c..f9165d5d 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -6,7 +6,7 @@ metadata: name: argocd-repo-creds-{{ $repo_cred_key }} labels: argocd.argoproj.io/secret-type: repo-creds - {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} + {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} data: {{- range $key, $value := $repo_cred_value }} {{ $key }}: {{ $value | toString | b64enc }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index b42eaefc..2c0d4f08 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -6,7 +6,7 @@ metadata: name: argocd-repo-{{ $repo_key }} labels: argocd.argoproj.io/secret-type: repository - {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} + {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} data: {{- range $key, $value := $repo_value }} {{ $key }}: {{ $value | b64enc }} From 81ec515e54d03d798c9ab198688b0c77ca59f1e4 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 27 Aug 2021 12:05:55 +0200 Subject: [PATCH 0067/1248] chore(argo-cd): Upgrade dex server to 2.30.0 (#905) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d5e17438..debedb0b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.3 +version: 3.17.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: use $ as context for repository secret labels" + - "[Changed]: Upgrade dex server to 2.30.0" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d6ebddbe..d87db087 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -243,7 +243,7 @@ dex: image: repository: ghcr.io/dexidp/dex - tag: v2.28.1 + tag: v2.30.0 imagePullPolicy: IfNotPresent initImage: repository: From 91d2a56ca80a24be083b224f2dfdc742dcb21dfe Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 27 Aug 2021 14:33:17 +0200 Subject: [PATCH 0068/1248] Add Pod label configuration for argocd-applicationset (#906) Signed-off-by: Petr Drastil --- charts/argocd-applicationset/Chart.yaml | 4 ++-- charts/argocd-applicationset/README.md | 1 + charts/argocd-applicationset/templates/deployment.yaml | 3 +++ charts/argocd-applicationset/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index ebe52679..ba9b62cd 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.3.1 +version: 1.4.0 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Changed]: Update README and convert it to helm-docs" + - "[Added]: Configuration for Pod labels" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 35c57240..1683c33b 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -79,6 +79,7 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` | | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | | podAnnotations | object | `{}` | Annotations for the controller pods | +| podLabels | object | `{}` | Labels for the controller pods | | podSecurityContext | object | `{}` | Pod Security Context | | priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | | rbac.pspEnabled | bool | `true` | Enable Pod Security Policy | diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index beb34680..a577854b 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -17,6 +17,9 @@ spec: {{- end }} labels: {{- include "argo-applicationset.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index b0820368..5c9f8225 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -50,6 +50,9 @@ serviceAccount: # -- Annotations for the controller pods podAnnotations: {} +# -- Labels for the controller pods +podLabels: {} + rbac: # -- Enable Pod Security Policy pspEnabled: true From 2beca15feb709e16f01e415ee2030bf18e48ed35 Mon Sep 17 00:00:00 2001 From: Karsten Siemer Date: Fri, 27 Aug 2021 14:59:29 +0200 Subject: [PATCH 0069/1248] feat(argo-workflows): Add controller namespaceParallelism param to configmap (#908) Signed-off-by: Karsten Siemer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6a8e00b8..57659f23 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.4.2 +version: 0.5.0 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Bump appVersion to 3.1.8" + - "[Added]: Add controller namespaceParallelism param to configmap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index dd2af42e..ce6f166b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -17,6 +17,9 @@ data: {{- if .Values.controller.parallelism }} parallelism: {{ .Values.controller.parallelism }} {{- end }} + {{- with .Values.controller.namespaceParallelism }} + namespaceParallelism: {{ . }} + {{- end }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: {{- with .Values.executor.resources }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c19562d0..cbbe9491 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -42,6 +42,8 @@ controller: tag: "" # parallelism dictates how many workflows can be running at the same time parallelism: + # Limits the maximum number of incomplete workflows in a namespace + namespaceParallelism: # podAnnotations is an optional map of annotations to be applied to the controller Pods podAnnotations: {} # Optional labels to add to the controller pods From 2fd39754de4e5a7e89afc669d2cb99a029600e6d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 27 Aug 2021 15:12:29 +0200 Subject: [PATCH 0070/1248] Add Pod label configuration for argocd-notifications (#907) Signed-off-by: Petr Drastil Co-authored-by: Marco Kilchhofer --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/templates/deployment.yaml | 3 +++ charts/argocd-notifications/values.yaml | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 26d37b85..fe9b6f45 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.4.4 +version: 1.5.0 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Fixed]: Use correct names for ConfigMap and Secret" + - "[Added]: Configuration for Pod labels" diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index 0e18f698..f1d9ab5e 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -20,6 +20,9 @@ spec: {{- end }} labels: {{- include "argocd-notifications.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index fe6857b7..6eeb97a0 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -73,6 +73,8 @@ notifiers: podAnnotations: {} +podLabels: {} + ## Pod Security Context securityContext: runAsNonRoot: true From 5c03c916be16f3228ad1745410fb82e9b75a2822 Mon Sep 17 00:00:00 2001 From: Sander van Schie Date: Fri, 27 Aug 2021 15:47:01 +0200 Subject: [PATCH 0071/1248] feat(argo-cd): Make AWS ALB GRPC backend protocol version configurable (#909) Signed-off-by: Sander van Schie --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + .../templates/argocd-server/alb-grpc-service.yaml | 2 +- charts/argo-cd/values.yaml | 13 +++++++------ 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index debedb0b..4efb92dd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.4 +version: 3.17.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade dex server to 2.30.0" + - "[Changed]: Make AWS ALB GRPC backend protocol version configurable" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 062265e8..8679a009 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -329,6 +329,7 @@ NAME: my-release | server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | | server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | | server.ingressGrpc.awsALB.serviceType | Service type for the AWS ALB GRPC service | `NodePort` | +| server.ingressGrpc.awsALB.backendProtocolVersion | Backend protocol version for the AWS ALB GRPC service | `HTTP2` | | server.route.enabled | Enable a OpenShift route for the server | `false` | | server.route.hostname | Hostname of OpenShift route | `""` | | server.lifecycle | PostStart and PreStop hooks configuration | `{}` | diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml index dd725fef..4adcd82d 100644 --- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml +++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: annotations: - alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + alb.ingress.kubernetes.io/backend-protocol-version: {{ .Values.server.ingressGrpc.awsALB.backendProtocolVersion }} labels: {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-grpc diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d87db087..8bf991c6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -644,14 +644,15 @@ server: labels: {} ingressClassName: "" - ## Service Type if isAWSALB is set to true - ## Can be of type NodePort or ClusterIP depending on which mode you are - ## are running. Instance mode needs type NodePort, IP mode needs type - ## ClusterIP - ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic - ## awsALB: + ## Service Type if isAWSALB is set to true + ## Can be of type NodePort or ClusterIP depending on which mode you are + ## are running. Instance mode needs type NodePort, IP mode needs type + ## ClusterIP + ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic serviceType: NodePort + # This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + backendProtocolVersion: HTTP2 ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. From 32a6aa70ed65d4ef2108ea55d0bf214a4852de03 Mon Sep 17 00:00:00 2001 From: Donovan Muller Date: Mon, 30 Aug 2021 08:46:26 +0200 Subject: [PATCH 0072/1248] fix(argo-rollouts): Also use 'controller.component' parameter in ServiceMonitor (#912) * fix(argo-rollouts): Use 'controller.component' parameter consistently Signed-off-by: Donovan Muller * Fix second occurrence of controller.component Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- .../templates/argo-rollouts-service-monitor.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 7bdb6ea9..74431538 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.0.0 +version: 2.0.1 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Dashboard manifests" + - "[Fixed]: ServiceMonitor selector labels match metrics Service" diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml index f94a25b8..72d9a691 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml @@ -4,7 +4,7 @@ kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} labels: - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} {{- range $key, $value := .Values.controller.metrics.serviceMonitor.additionalLabels }} {{ $key }}: {{ $value | quote }} @@ -21,6 +21,6 @@ spec: - {{ .Release.Namespace }} selector: matchLabels: - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} {{- end }} From 372fc24e5e3fd989b2ddacc79fdcc3fe66ad9114 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Thu, 2 Sep 2021 17:58:50 -0400 Subject: [PATCH 0073/1248] feat(argo-cd): Upgrade argocd to v2.1.2 (#921) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4efb92dd..58cd634e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.1.1 +appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.5 +version: 3.17.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Make AWS ALB GRPC backend protocol version configurable" + - "[Changed]: Upgrade argocd to 2.1.2" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8679a009..99114a91 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -141,7 +141,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.0.5"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.1.2"` | | global.podAnnotations | Annotations for the all deployed pods | | global.podLabels | Labels for the all deployed pods | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8bf991c6..022ecfb2 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.1.1 + tag: v2.1.2 imagePullPolicy: IfNotPresent ## Annotations applied to all pods podAnnotations: {} From 44acc3cde7d04bc2bfa8b8613defcff49bbd32f4 Mon Sep 17 00:00:00 2001 From: Elliot Maincourt Date: Mon, 13 Sep 2021 18:21:04 +0200 Subject: [PATCH 0074/1248] feat(argo-workflows): Add controller containerRuntimeExecutors param to configmap (#924) * feat(argo-workflows): Add controller containerRuntimeExecutors param to configmap Signed-off-by: Elliot Maincourt * fix(chart): changes are not cumulative Signed-off-by: Elliot Maincourt --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++++ charts/argo-workflows/values.yaml | 5 +++++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 57659f23..cb5f3fe9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.5.0 +version: 0.5.1 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add controller namespaceParallelism param to configmap" + - "[Added]: Add controller containerRuntimeExecutors param to configmap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ce6f166b..36ecf638 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -14,6 +14,10 @@ data: {{- end }} {{- end }} containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} + {{- with .Values.controller.containerRuntimeExecutors }} + containerRuntimeExecutors: + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.controller.parallelism }} parallelism: {{ .Values.controller.parallelism }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cbbe9491..8e195b47 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -113,6 +113,11 @@ controller: workflowNamespaces: - default containerRuntimeExecutor: docker + # containerRuntimeExecutors: + # - name: emissary + # selector: + # matchLabels: + # workflows.argoproj.io/container-runtime-executor: emissary instanceID: # `instanceID.enabled` configures the controller to filter workflow submissions # to only those which have a matching instanceID attribute. From a801d55710a704b1c155f4c146e6ead6a546d8e7 Mon Sep 17 00:00:00 2001 From: keiSunagawa Date: Wed, 15 Sep 2021 19:30:54 +0900 Subject: [PATCH 0075/1248] fix(argo-cd): global podLabels/podAnnotations object unexpected merge (#930) * fix(argo-cd): global podLabels/podAnnotations object unexpected merge Signed-off-by: keiSunagawa * fix change log typo Signed-off-by: keiSunagawa --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/deployment.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 4 ++-- charts/argo-cd/templates/redis/deployment.yaml | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 58cd634e..d52a3863 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.6 +version: 3.17.7 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade argocd to 2.1.2" + - "[Fixed]: global podLabels/podAnnotations object unexpected merge" diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index a75c1af1..b188892b 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -17,14 +17,14 @@ spec: replicas: {{ .Values.controller.replicas }} template: metadata: - {{- with (mergeOverwrite .Values.global.podAnnotations .Values.controller.podAnnotations) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} - {{- with (mergeOverwrite .Values.global.podLabels .Values.controller.podLabels) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} spec: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 9b4c3400..07553973 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -16,14 +16,14 @@ spec: {{- end }} template: metadata: - {{- with (mergeOverwrite .Values.global.podAnnotations .Values.repoServer.podAnnotations) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }} - {{- with (mergeOverwrite .Values.global.podLabels .Values.repoServer.podLabels) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.repoServer.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} spec: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 05d1a5ae..cbb31207 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -16,14 +16,14 @@ spec: {{- end }} template: metadata: - {{- with (mergeOverwrite .Values.global.podAnnotations .Values.server.podAnnotations) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.server.podAnnotations) }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }} - {{- with (mergeOverwrite .Values.global.podLabels .Values.server.podLabels) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.server.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} spec: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 97951d01..6eb0281b 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -12,14 +12,14 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} template: metadata: - {{- with (mergeOverwrite .Values.global.podAnnotations .Values.dex.podAnnotations) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.dex.podAnnotations) }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }} app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }} - {{- with (mergeOverwrite .Values.global.podLabels .Values.dex.podLabels) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.dex.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} spec: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 05d9f43d..9ad7d662 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -13,14 +13,14 @@ spec: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} template: metadata: - {{- with (mergeOverwrite .Values.global.podAnnotations .Values.redis.podAnnotations) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.redis.podAnnotations) }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }} - {{- with (mergeOverwrite .Values.global.podLabels .Values.redis.podLabels) }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.redis.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} spec: From 7274e3a094efe9d8ea3a97cde26fe331354b10d2 Mon Sep 17 00:00:00 2001 From: bderdiarian Date: Wed, 15 Sep 2021 15:27:03 -0700 Subject: [PATCH 0076/1248] feat(argo-workflows): Adding initialDelay param to controller configmap (#926) * Adding initialDelay param to controller configmap Signed-off-by: Brian Derdiarian * Fixing change log Signed-off-by: Brian Derdiarian * Ticking up chart version Signed-off-by: Brian Derdiarian Signed-off-by: brianderdiarian Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 2 ++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index cb5f3fe9..f05be3e9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.5.1 +version: 0.5.2 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add controller containerRuntimeExecutors param to configmap" + - "[Added]: Add controller initialDelay param to configmap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 36ecf638..86c7b709 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -24,6 +24,9 @@ data: {{- with .Values.controller.namespaceParallelism }} namespaceParallelism: {{ . }} {{- end }} + {{- with .Values.controller.initialDelay }} + initialDelay: {{ . }} + {{- end }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: {{- with .Values.executor.resources }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8e195b47..f87b3364 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -44,6 +44,8 @@ controller: parallelism: # Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: + # Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 + initialDelay: # podAnnotations is an optional map of annotations to be applied to the controller Pods podAnnotations: {} # Optional labels to add to the controller pods From d96cb02a432a9c9d88bdbb2b6ebfc536a57974a7 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 16 Sep 2021 19:30:36 +0200 Subject: [PATCH 0077/1248] fix(argocd-image-updater): Add scratch space for /tmp (#933) Signed-off-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/templates/deployment.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 1ace2616..aecbdb89 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.1.0 +version: 0.1.1 appVersion: v0.10.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: First chart release" + - "[Fixed]: Add scratch space (emptyDir) for /tmp" diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index cfc350ec..515de34b 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -74,6 +74,8 @@ spec: volumeMounts: - mountPath: /app/config name: registries-conf + - mountPath: /tmp + name: tmp-dir volumes: - configMap: items: @@ -81,6 +83,8 @@ spec: path: registries.conf name: argocd-image-updater-config name: registries-conf + - emptyDir: {} + name: tmp-dir {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} From f10234f340d4f7e2858efbc9bd7b95453c931d0e Mon Sep 17 00:00:00 2001 From: Takumi Sue <23391543+mikutas@users.noreply.github.com> Date: Fri, 17 Sep 2021 02:59:20 +0900 Subject: [PATCH 0078/1248] feat(argo-cd): add extraContainers to pods besides server (#927) * feat(argo-cd): add extraContainers to pods besides server Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++++ .../argocd-application-controller/deployment.yaml | 5 ++++- .../templates/argocd-repo-server/deployment.yaml | 5 ++++- .../argo-cd/templates/argocd-server/deployment.yaml | 12 ++++++------ charts/argo-cd/templates/dex/deployment.yaml | 5 ++++- charts/argo-cd/templates/redis/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 11 +++++++++++ 8 files changed, 38 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d52a3863..f37108cf 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.17.7 +version: 3.18.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: global podLabels/podAnnotations object unexpected merge" + - "[Added]: extraContainers values were added to pods besides server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 99114a91..0a9f5cad 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -188,6 +188,7 @@ NAME: my-release | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | | controller.containerPort | Controller listening port. | `8082` | | controller.extraArgs | Additional arguments for the controller. A list of flags | `[]` | +| controller.extraContainers | Additional containers for the controller. A list of containers. | `[]` | | controller.enableStatefulSet | Enable deploying the controller as a StatefulSet instead of a Deployment. Used for HA installations. | `false` | | controller.env | Environment variables for the controller. | `[]` | | controller.envFrom | `envFrom` to pass to the controller. | `[]` (See [values.yaml](values.yaml)) | @@ -243,6 +244,7 @@ NAME: my-release | repoServer.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` | | repoServer.containerPort | Repo server port | `8081` | | repoServer.extraArgs | Additional arguments for the repo server. A list of flags. | `[]` | +| repoServer.extraContainers | Additional containers for the repo server. A list of containers. | `[]` | | repoServer.env | Environment variables for the repo server. | `[]` | | repoServer.envFrom | `envFrom` to pass to the repo server. | `[]` (See [values.yaml](values.yaml)) | | repoServer.image.repository | Repository to use for the repo server | `global.image.repository` | @@ -402,6 +404,7 @@ NAME: my-release | dex.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | | dex.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | | dex.name | Dex name | `"dex-server"` | +| dex.extraContainers | Additional containers for the Dex server. A list of containers. | `[]` | | dex.env | Environment variables for the Dex server. | `[]` | | dex.envFrom | `envFrom` to pass to the Dex server. | `[]` (See [values.yaml](values.yaml)) | | dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | @@ -449,6 +452,7 @@ through `xxx.extraArgs` | redis.image.repository | Redis repository | `"redis"` | | redis.image.tag | Redis tag | `"6.2.1-alpine"` | | redis.extraArgs | Additional arguments for the `redis-server`. A list of flags. | `[]` | +| redis.extraContainers | Additional containers for the redis. A list of containers. | `[]` | | redis.name | Redis name | `"redis"` | | redis.env | Environment variables for the Redis server. | `[]` | | redis.envFrom | `envFrom` to pass to the Redis server. | `[]` (See [values.yaml](values.yaml)) | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index b188892b..f0ab071f 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -105,7 +105,10 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} resources: -{{- toYaml .Values.controller.resources | nindent 10 }} + {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.extraContainers }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.controller.nodeSelector }} nodeSelector: {{- toYaml .Values.controller.nodeSelector | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 07553973..38cbfcb0 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -113,7 +113,10 @@ spec: successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }} failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} resources: -{{- toYaml .Values.repoServer.resources | nindent 10 }} + {{- toYaml .Values.repoServer.resources | nindent 10 }} + {{- with .Values.controller.extraContainers }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.repoServer.nodeSelector }} nodeSelector: {{- toYaml .Values.repoServer.nodeSelector | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cbb31207..771e7c3b 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -120,14 +120,14 @@ spec: successThreshold: {{ .Values.server.readinessProbe.successThreshold }} failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} resources: -{{- toYaml .Values.server.resources | nindent 10 }} - {{- if .Values.server.lifecycle }} + {{- toYaml .Values.server.resources | nindent 10 }} + {{- if .Values.server.lifecycle }} lifecycle: -{{- toYaml .Values.server.lifecycle | nindent 10 }} + {{- toYaml .Values.server.lifecycle | nindent 10 }} + {{- end }} + {{- with .Values.server.extraContainers }} + {{- toYaml . | nindent 6 }} {{- end }} - {{- if .Values.server.extraContainers }} -{{- toYaml .Values.server.extraContainers | nindent 6 }} - {{- end }} {{- if .Values.server.nodeSelector }} nodeSelector: {{- toYaml .Values.server.nodeSelector | nindent 8 }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 6eb0281b..9c409399 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -99,7 +99,10 @@ spec: {{- toYaml .Values.dex.volumeMounts | nindent 8 }} {{- end }} resources: -{{- toYaml .Values.dex.resources | nindent 10 }} + {{- toYaml .Values.dex.resources | nindent 10 }} + {{- with .Values.dex.extraContainers }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.dex.nodeSelector }} nodeSelector: {{- toYaml .Values.dex.nodeSelector | nindent 8 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 9ad7d662..77169592 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -64,6 +64,9 @@ spec: {{- end }} resources: {{- toYaml .Values.redis.resources | nindent 10 }} + {{- with .Values.redis.extraContainers }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.redis.nodeSelector }} nodeSelector: {{- toYaml .Values.redis.nodeSelector | nindent 8 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 022ecfb2..38421dad 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -220,6 +220,8 @@ controller: enabled: false rules: [] + ## Additional containers to be added to the controller pod. + extraContainers: [] ## Dex dex: @@ -339,6 +341,9 @@ dex: # cpu: 10m # memory: 32Mi + ## Additional containers to be added to the dex pod. + extraContainers: [] + ## Redis redis: enabled: true @@ -419,6 +424,9 @@ redis: volumeMounts: [] volumes: [] + ## Additional containers to be added to the redis pod. + extraContainers: [] + # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted redis-ha: @@ -992,6 +1000,9 @@ repoServer: ## Automount API credentials for the Service Account automountServiceAccountToken: true + ## Additional containers to be added to the repo server pod. + extraContainers: [] + ## Repo server rbac rules # rbac: # - apiGroups: From 258ad7fa648c98d1165321129662940fba5ff52f Mon Sep 17 00:00:00 2001 From: sgavrylenko <13081190+sgavrylenko@users.noreply.github.com> Date: Thu, 16 Sep 2021 21:59:39 +0300 Subject: [PATCH 0079/1248] feat(argocd-image-updater): Add custom environment variables (#874) * feat(argocd-notifications): Add example for defaultTriggers (#871) * extending chart by optional defaultTriggers Signed-off-by: shortsn * #871 adjustments according review comments Signed-off-by: shortsn * #871 rework using existing field Signed-off-by: shortsn * #871 fixing linebreaks Signed-off-by: shortsn * #871 adjusting version Signed-off-by: shortsn Signed-off-by: Sergiy Gavrylenko * feat(argocd-image-updater): Add custom environment variable Signed-off-by: Sergiy Gavrylenko * feat(argocd-image-updater): Add custom environment variables Signed-off-by: Sergiy Gavrylenko * Revert "feat(argocd-image-updater): Add custom environment variable" This reverts commit c6146d942c97dc694aa7777ec73d649afba1b4ab. Signed-off-by: Sergiy Gavrylenko * feat(argocd-image-updater): Add custom environment variables into deployment Signed-off-by: Sergiy Gavrylenko * chore: Rework PR Signed-off-by: Marco Kilchhofer Co-authored-by: shortsn Co-authored-by: Sergiy Gavrylenko Co-authored-by: Marco Kilchhofer Co-authored-by: Marko Bevc --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 1 + charts/argocd-image-updater/templates/deployment.yaml | 3 +++ charts/argocd-image-updater/values.yaml | 5 +++++ 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index aecbdb89..bf652d50 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.1.1 +version: 0.2.0 appVersion: v0.10.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Add scratch space (emptyDir) for /tmp" + - "[Added]: Ability to provide custom environment variables" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index d3440dd6..a3c97ced 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -67,6 +67,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.logLevel | string | `"info"` | ArgoCD Image Update log level | | config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in config.argocd | +| extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | | image.pullPolicy | string | `"Always"` | Default image pull policy | | image.repository | string | `"argoprojlabs/argocd-image-updater"` | Default image repository | diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 515de34b..d19ecf4e 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -51,6 +51,9 @@ spec: optional: true - name: IMAGE_UPDATER_LOGLEVEL value: {{ .Values.config.logLevel }} + {{- with .Values.extraEnv }} + {{- toYaml . | nindent 10 }} + {{- end }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index f939137c..c6bbf4d4 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -27,6 +27,11 @@ extraArgs: [] # - --once # - --registries-conf-path /app/config/registries.conf +# -- Extra environment variables for argocd-image-updater +extraEnv: [] + # - name: AWS_REGION + # value: "us-west-1" + config: # Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags argocd: From 91aaaf066f1b756c20b27b9e1d464412e415ed7c Mon Sep 17 00:00:00 2001 From: siddharth Date: Fri, 17 Sep 2021 00:35:49 +0530 Subject: [PATCH 0080/1248] fix(argo-rollouts): use `image.tag` in labels if provided (#913) * argod-rollouts: fix app version label Signed-off-by: sedflix * bump chart and add changelog Signed-off-by: sedflix --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 74431538..dccdbeeb 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.0.1 +version: 2.0.2 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Fixed]: ServiceMonitor selector labels match metrics Service" + - "[Fixed]: use image.tag in app labels if provided" diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 2e5153b5..f3611889 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -38,7 +38,7 @@ Common labels helm.sh/chart: {{ include "argo-rollouts.chart" . }} {{ include "argo-rollouts.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/version: {{ default .Chart.AppVersion $.Values.controller.image.tag | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argo-rollouts From 804cd4ec5479d7faa5757b4f7a82ebc3cb4ad3a6 Mon Sep 17 00:00:00 2001 From: Sander van Schie Date: Fri, 17 Sep 2021 15:57:26 +0200 Subject: [PATCH 0081/1248] feat(argo-cd): Add support for topologySpreadConstraints (#917) * feat(argo-cd): Add support for topologySpreadConstraints Signed-off-by: Sander van Schie * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 5 +++ .../deployment.yaml | 11 +++++ .../argocd-repo-server/deployment.yaml | 11 +++++ .../templates/argocd-server/deployment.yaml | 11 +++++ charts/argo-cd/templates/dex/deployment.yaml | 11 +++++ .../argo-cd/templates/redis/deployment.yaml | 11 +++++ charts/argo-cd/values.yaml | 40 +++++++++++++++++++ 8 files changed, 102 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f37108cf..30488923 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.18.0 +version: 3.19.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: extraContainers values were added to pods besides server" + - "[Added]: Add support for topologySpreadConstraints" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0a9f5cad..5e1459a2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -181,6 +181,7 @@ NAME: my-release | Parameter | Description | Default | |-----|---------|-------------| | controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | +| controller.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | | controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` | | controller.args.appResyncPeriod | define the controller `--app-resync` | `"180"` | | controller.args.selfHealTimeout | define the controller `--self-heal-timeout-seconds` | `"5"` | @@ -237,6 +238,7 @@ NAME: my-release | Property | Description | Default | |-----|---------|-------------| | repoServer.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | +| repoServer.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | | repoServer.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the repo server | `false` | | repoServer.autoscaling.minReplicas | Minimum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` | | repoServer.autoscaling.maxReplicas | Maximum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` | @@ -292,6 +294,7 @@ NAME: my-release | Parameter | Description | Default | |-----|---------|-------------| | server.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | +| server.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | | server.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the server | `false` | | server.autoscaling.minReplicas | Minimum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` | | server.autoscaling.maxReplicas | Maximum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` | @@ -387,6 +390,7 @@ NAME: my-release | Property | Description | Default | |-----|---------|-------------| | dex.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | +| dex.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | | dex.containerPortGrpc | GRPC container port | `5557` | | dex.containerPortHttp | HTTP container port | `5556` | | dex.enabled | Enable dex | `true` | @@ -446,6 +450,7 @@ through `xxx.extraArgs` | Parameter | Description | Default | |-----|---------|-------------| | redis.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | +| redis.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | | redis.containerPort | Redis container port | `6379` | | redis.enabled | Enable redis | `true` | | redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index f0ab071f..90963613 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -120,6 +120,17 @@ spec: {{- if .Values.controller.affinity }} affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} + {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} {{- with .Values.global.hostAliases }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 38cbfcb0..eabc1920 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -128,6 +128,17 @@ spec: {{- if .Values.repoServer.affinity }} affinity: {{- toYaml .Values.repoServer.affinity | nindent 8 }} + {{- end }} + {{- with .Values.repoServer.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.repoServer.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }} {{- with .Values.global.hostAliases }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 771e7c3b..c84d9d95 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -139,6 +139,17 @@ spec: {{- if .Values.server.affinity }} affinity: {{- toYaml .Values.server.affinity | nindent 8 }} + {{- end }} + {{- with .Values.server.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.server.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }} {{- with .Values.global.hostAliases }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9c409399..5fe78628 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -114,6 +114,17 @@ spec: {{- if .Values.dex.affinity }} affinity: {{- toYaml .Values.dex.affinity | nindent 8 }} + {{- end }} + {{- with .Values.dex.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.dex.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} volumes: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 77169592..f5003466 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -79,6 +79,17 @@ spec: affinity: {{- toYaml .Values.redis.affinity | nindent 8 }} {{- end }} + {{- with .Values.redis.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" $ }}-{{ $.Values.redis.name }} + {{- end }} + {{- end }} + {{- end }} {{- if .Values.redis.volumes }} volumes: {{- toYaml .Values.redis.volumes | nindent 8}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 38421dad..526660ab 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -143,6 +143,14 @@ controller: tolerations: [] affinity: {} + # Pod Topology Spread Constraints + # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + priorityClassName: "" resources: {} @@ -323,6 +331,14 @@ dex: tolerations: [] affinity: {} + # Pod Topology Spread Constraints + # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + priorityClassName: "" ## Labels to set container specific security contexts @@ -390,6 +406,14 @@ redis: tolerations: [] affinity: {} + # Pod Topology Spread Constraints + # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + priorityClassName: "" ## Labels to set container specific security contexts @@ -535,6 +559,14 @@ server: tolerations: [] affinity: {} + # Pod Topology Spread Constraints + # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + priorityClassName: "" ## Labels to set container specific security contexts @@ -948,6 +980,14 @@ repoServer: tolerations: [] affinity: {} + # Pod Topology Spread Constraints + # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + priorityClassName: "" ## Labels to set container specific security contexts From 489443e3875f1c80f1819cfd7a608da94753f9d8 Mon Sep 17 00:00:00 2001 From: Artem Yakimenko Date: Sat, 18 Sep 2021 02:39:06 +1000 Subject: [PATCH 0082/1248] feat(argo-rollouts): Default to keeping CRD's on helm uninstall (#922) Signed-off-by: Artem --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/crds/analysis-run-crd.yaml | 3 +++ .../argo-rollouts/templates/crds/analysis-template-crd.yaml | 3 +++ .../templates/crds/cluster-analysis-template-crd.yaml | 3 +++ charts/argo-rollouts/templates/crds/experiment-crd.yaml | 3 +++ charts/argo-rollouts/templates/crds/rollout-crd.yaml | 3 +++ charts/argo-rollouts/values.yaml | 1 + 8 files changed, 19 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index dccdbeeb..e6634acb 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.0.2 +version: 2.1.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Fixed]: use image.tag in app labels if provided" + - "[Added]: Keep CRDs on Helm uninstall by default, add corresponding option" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 9fcd862a..52ced182 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -48,6 +48,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | imagePullSecrets | list | `[]` | Registry secret names as an array | | installCRDs | bool | `true` | Install and upgrade CRDs | +| keepCRDs | bool | `true` | Keep CRD's on helm uninstall | | crdAnnotations | object | `{}` | Annotations to be added to all CRDs | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 08786ca0..1ed7df98 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -4,6 +4,9 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.5.0 + {{- if .Values.keepCRDs }} + "helm.sh/resource-policy": keep + {{- end }} {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 12fc5340..85eafd38 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -4,6 +4,9 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.5.0 + {{- if .Values.keepCRDs }} + "helm.sh/resource-policy": keep + {{- end }} {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index e357b4d2..76866712 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -4,6 +4,9 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.5.0 + {{- if .Values.keepCRDs }} + "helm.sh/resource-policy": keep + {{- end }} {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 5f9f8cfc..7965030a 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -4,6 +4,9 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.5.0 + {{- if .Values.keepCRDs }} + "helm.sh/resource-policy": keep + {{- end }} {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 10d0a8e1..748d5897 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -4,6 +4,9 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.5.0 + {{- if .Values.keepCRDs }} + "helm.sh/resource-policy": keep + {{- end }} {{- if .Values.crdAnnotations }} {{- toYaml .Values.crdAnnotations | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 4c288b98..f706f1e8 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -1,4 +1,5 @@ installCRDs: true +keepCRDs: true clusterInstall: true From 7477b33cba5961bea54eaf63eded687b64877fd3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 17 Sep 2021 19:47:11 +0200 Subject: [PATCH 0083/1248] feat(argo-cd): Add ability to scrape redis metrics (#892) * feat(argo-cd): Add ability to scrape redis metrics Signed-off-by: Marco Kilchhofer * Bump chart version Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 19 +++++++++ .../argo-cd/templates/redis/deployment.yaml | 18 +++++++++ .../templates/redis/metrics-service.yaml | 28 +++++++++++++ .../templates/redis/networkpolicy.yaml | 7 ++++ .../templates/redis/servicemonitor.yaml | 39 +++++++++++++++++++ charts/argo-cd/values.yaml | 31 +++++++++++++++ 7 files changed, 144 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/redis/metrics-service.yaml create mode 100644 charts/argo-cd/templates/redis/servicemonitor.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 30488923..9976c962 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.19.0 +version: 3.20.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add support for topologySpreadConstraints" + - "[Added]: Ability to scrape redis metrics" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5e1459a2..d9834553 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -469,6 +469,25 @@ through `xxx.extraArgs` | redis.securityContext | Redis Pod Security Context | See [values.yaml](values.yaml) | | redis.servicePort | Redis service port | `6379` | | redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | +| redis.metrics.enabled | Deploy metrics service and redis-exporter sidecar | `false` | +| redis.metrics.image.repository | redis-exporter image repository | `quay.io/bitnami/redis-exporter` | +| redis.metrics.image.tag | redis-exporter image tag | `1.26.0-debian-10-r2` | +| redis.metrics.image.imagePullPolicy | redis-exporter image PullPolicy | `IfNotPresent` | +| redis.metrics.containerPort | Port to use for redis-exporter sidecar | `9121` | +| redis.metrics.resources | Resource limits and requests for redis-exporter sidecar | `{}` | +| redis.metrics.service.type | Metrics service type | `ClusterIP` | +| redis.metrics.service.clusterIP | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | `None` | +| redis.metrics.service.annotations | Metrics service annotations | `{}` | +| redis.metrics.service.labels | Metrics service labels | `{}` | +| redis.metrics.service.servicePort | Metrics service port | `9121` | +| redis.metrics.service.portName | Metrics service port name | `http-metrics` | +| redis.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor | `false` | +| redis.metrics.serviceMonitor.interval | Interval at which metrics should be scraped | `30s` | +| redis.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | +| redis.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | +| redis.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector labels | `{}` | +| redis.metrics.serviceMonitor.namespace | Prometheus ServiceMonitor namespace | `` | +| redis.metrics.serviceMonitor.additionalLabels | Additional labels to add to the Prometheus ServiceMonitor | `{}` | | redis-ha | Configures [Redis HA subchart](https://github.com/DandyDeveloper/charts/tree/master/charts/redis-ha) The properties below have been changed from the subchart defaults | | | redis-ha.enabled | Enables the Redis HA subchart and disables the custom Redis single node deployment| `false` | | redis-ha.exporter.enabled | If `true`, the prometheus exporter sidecar is enabled | `true` | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index f5003466..fa01c7b4 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -64,6 +64,24 @@ spec: {{- end }} resources: {{- toYaml .Values.redis.resources | nindent 10 }} + {{- if .Values.redis.metrics.enabled }} + - name: metrics + env: + - name: REDIS_ADDR + value: {{ printf "redis://localhost:%v" .Values.redis.containerPort }} + - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS + value: {{ printf "0.0.0.0:%v" .Values.redis.metrics.containerPort }} + image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }} + imagePullPolicy: {{ .Values.redis.metrics.image.imagePullPolicy}} + ports: + - containerPort: {{ .Values.redis.metrics.containerPort }} + name: metrics + protocol: TCP + resources: {{- toYaml .Values.redis.metrics.resources | nindent 10 }} + {{- with .Values.redis.containerSecurityContext }} + securityContext: {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} {{- with .Values.redis.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/metrics-service.yaml b/charts/argo-cd/templates/redis/metrics-service.yaml new file mode 100644 index 00000000..e799b5ea --- /dev/null +++ b/charts/argo-cd/templates/redis/metrics-service.yaml @@ -0,0 +1,28 @@ +{{- $redisHa := (index .Values "redis-ha") -}} +{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-cd.redis.fullname" . }}-metrics + {{- with .Values.redis.metrics.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + {{- with .Values.redis.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.redis.metrics.service.clusterIP }} + clusterIP: {{ . }} + {{- end }} + ports: + - name: {{ .Values.redis.metrics.service.portName }} + protocol: TCP + port: {{ .Values.redis.metrics.service.servicePort }} + targetPort: metrics + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + type: {{ .Values.redis.metrics.service.type }} +{{- end }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml index 881e257c..8b564add 100644 --- a/charts/argo-cd/templates/redis/networkpolicy.yaml +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -21,6 +21,13 @@ spec: ports: - port: redis protocol: TCP + {{- if .Values.redis.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + protocol: TCP + {{- end }} podSelector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml new file mode 100644 index 00000000..b7029b74 --- /dev/null +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -0,0 +1,39 @@ +{{- $redisHa := (index .Values "redis-ha") -}} +{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.redis.fullname" . }} + {{- with .Values.redis.metrics.serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + {{- with .Values.redis.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.redis.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: {{ .Values.redis.metrics.service.portName }} + {{- with .Values.redis.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.redis.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.redis.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 526660ab..9f828c8e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -451,6 +451,37 @@ redis: ## Additional containers to be added to the redis pod. extraContainers: [] + metrics: + enabled: false + image: + repository: quay.io/bitnami/redis-exporter + tag: 1.26.0-debian-10-r2 + imagePullPolicy: IfNotPresent + containerPort: 9121 + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + service: + type: ClusterIP + clusterIP: None + annotations: {} + labels: {} + servicePort: 9121 + portName: http-metrics + serviceMonitor: + enabled: false + interval: 30s + relabelings: [] + metricRelabelings: [] + selector: {} + # prometheus: kube-prometheus + # namespace: monitoring + additionalLabels: {} + # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted redis-ha: From c7584ab51dbe1d7ef975a4938e0f130184a8dc76 Mon Sep 17 00:00:00 2001 From: Julien Duchesne Date: Fri, 17 Sep 2021 15:51:13 -0400 Subject: [PATCH 0084/1248] feat(argo-workflows): Allow setting the metrics port name (#934) * Allow setting the metrics port name Here, we scrape every pod that has a .*-metrics port here But the helm chart is locked to `metrics` which our Prometheus doesn't see This PR will make it configurable with a default value of `metrics` Signed-off-by: Julien Duchesne * Bump version Signed-off-by: Julien Duchesne * Bump minor version Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-deployment.yaml | 2 +- charts/argo-workflows/values.yaml | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f05be3e9..0c78db41 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.5.2 +version: 0.6.0 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add controller initialDelay param to configmap" + - "[Added]: Add controller metricsConfig.portName parameter" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 7dee67e5..1cd28df2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -75,7 +75,7 @@ spec: resources: {{- toYaml .Values.controller.resources | nindent 12 }} ports: - - name: metrics + - name: {{ .Values.controller.metricsConfig.portName }} containerPort: {{ .Values.controller.metricsConfig.port }} - containerPort: 6060 livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index f87b3364..735ecb44 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -57,6 +57,7 @@ controller: enabled: false path: /metrics port: 9090 + portName: metrics servicePort: 8080 servicePortName: metrics # the controller container's securityContext From 6452b6a2e984696a277918fbc7784cf9c22ea4e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=D0=BE=CC=81man?= <3798179+ahalay@users.noreply.github.com> Date: Fri, 17 Sep 2021 23:14:31 +0300 Subject: [PATCH 0085/1248] feat(argo-cd): Ability to provide cluster role to repo-server (#919) * feat(argo-cd): Ability to provide cluster role to repo-server Signed-off-by: Roman Rudenko <3kmnazapad@gmail.com> * custom clusterRoleRules Signed-off-by: Roman Rudenko <3kmnazapad@gmail.com> * chore: beautify indentation Signed-off-by: Marco Kilchhofer * fix: noeol in clusterrolebinding.yaml Signed-off-by: Marco Kilchhofer Co-authored-by: Roman Rudenko Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 5 ++++ .../clusterrole.yaml | 8 +++---- .../argocd-repo-server/clusterrole.yaml | 23 +++++++++++++++++++ .../clusterrolebinding.yaml | 16 +++++++++++++ charts/argo-cd/values.yaml | 11 +++++++++ 6 files changed, 61 insertions(+), 6 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9976c962..863d64d7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.20.0 +version: 3.21.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to scrape redis metrics" + - "[Added]: Ability to provide cluster role to repo-server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d9834553..bb3e724d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -187,6 +187,8 @@ NAME: my-release | controller.args.selfHealTimeout | define the controller `--self-heal-timeout-seconds` | `"5"` | | controller.args.statusProcessors | define the controller `--status-processors` | `"20"` | | controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | +| controller.clusterRoleRules.enabled | Enable custom rules for the Application Controller's Cluster Role resource. | `false` | +| controller.clusterRoleRules.rules | List of custom rules for the Application Controller's Cluster Role resource. | `[]` | | controller.containerPort | Controller listening port. | `8082` | | controller.extraArgs | Additional arguments for the controller. A list of flags | `[]` | | controller.extraContainers | Additional containers for the controller. A list of containers. | `[]` | @@ -244,6 +246,9 @@ NAME: my-release | repoServer.autoscaling.maxReplicas | Maximum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` | | repoServer.autoscaling.targetCPUUtilizationPercentage | Average CPU utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` | | repoServer.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` | +| repoServer.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `false` | +| repoServer.clusterRoleRules.enabled | Enable custom rules for the Repo server's Cluster Role resource. | `false` | +| repoServer.clusterRoleRules.rules | List of custom rules for the Repo server's Cluster Role resource. | `[]` | | repoServer.containerPort | Repo server port | `8081` | | repoServer.extraArgs | Additional arguments for the repo server. A list of flags. | `[]` | | repoServer.extraContainers | Additional containers for the repo server. A list of containers. | `[]` | diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index bd6ff8aa..0aa82961 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -6,9 +6,9 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: -{{- if .Values.controller.clusterRoleRules.enabled }} -{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }} -{{ else }} + {{- if .Values.controller.clusterRoleRules.enabled }} + {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }} + {{- else }} - apiGroups: - '*' resources: @@ -19,5 +19,5 @@ rules: - '*' verbs: - '*' -{{- end }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml new file mode 100644 index 00000000..4ea41da3 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} +rules: + {{- if .Values.repoServer.clusterRoleRules.enabled }} + {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }} + {{- else }} +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml new file mode 100644 index 00000000..9757912e --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "argo-cd.repoServer.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "argo-cd.repoServerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9f828c8e..17d95a80 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1061,6 +1061,17 @@ repoServer: # namespace: monitoring # additionalLabels: {} + ## Enable Admin ClusterRole resources. + ## Enable if you would like to grant cluster rights to ArgoCD repo-server. + clusterAdminAccess: + enabled: false + ## Enable Custom Rules for the Repo server's Cluster Role resource + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. + ## Defaults to off + clusterRoleRules: + enabled: false + rules: [] + ## Repo server service account ## If create is set to true, make sure to uncomment the name and update the rbac section below serviceAccount: From 87a83c3aad65f0e8e59276a56909d666cd8cad99 Mon Sep 17 00:00:00 2001 From: Tuan Anh Tran Date: Mon, 20 Sep 2021 21:42:56 +0700 Subject: [PATCH 0086/1248] docs(argocd-image-updater): update values example for extraArgs (#939) * docs: update default values example for extraArgs Signed-off-by: Tuan Anh Tran * Fix noeol in Chart.yaml Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/values.yaml | 19 +++++++++++++------ 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index bf652d50..7ff1d925 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.2.0 +version: 0.2.1 appVersion: v0.10.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Ability to provide custom environment variables" + - "[Fixed]: Update default values example for extraArgs diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index c6bbf4d4..01f63fc7 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -16,16 +16,23 @@ nameOverride: "" fullnameOverride: "" # -- Extra arguments for argocd-image-updater not defined in config.argocd +# If a flag contains both key and value, they need to be split to a new entry extraArgs: [] # - --disable-kubernetes # - --dry-run - # - --health-port 8080 - # - --interval 2m - # - --kubeconfig ~/.kube/config - # - --match-application-name staging-* - # - --max-concurrency 5 + # - --health-port + # - 8080 + # - --interval + # - 2m + # - --kubeconfig + # - ~/.kube/config + # - --match-application-name + # - staging-* + # - --max-concurrency + # - 5 # - --once - # - --registries-conf-path /app/config/registries.conf + # - --registries-conf-path + # - /app/config/registries.conf # -- Extra environment variables for argocd-image-updater extraEnv: [] From 735f212f966726a487e0e9cf66b7537f97b504ac Mon Sep 17 00:00:00 2001 From: Peter O Date: Mon, 27 Sep 2021 09:14:34 +0200 Subject: [PATCH 0087/1248] feat(argo-workflows): Allow NodePort to be specified for server service (#938) * Allow NodePort to be specified for server service. Signed-off-by: Peter Oruba * Different version number and different condition in NodePort setting evaluation, both as per PR review suggested. Signed-off-by: Peter Oruba --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/server/server-service.yaml | 3 +++ charts/argo-workflows/values.yaml | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0c78db41..591b3aaf 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.6.0 +version: 0.7.0 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add controller metricsConfig.portName parameter" + - "[Added]: Add server.serviceNodePort parameter" diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 5d161ee8..49314e6e 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -17,6 +17,9 @@ spec: name: {{ . }} {{- end }} targetPort: 2746 + {{- if and (eq .Values.server.serviceType "NodePort") .Values.server.serviceNodePort }} + nodePort: {{ .Values.server.serviceNodePort }} + {{- end }} selector: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 735ecb44..98a7fda6 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -223,6 +223,7 @@ server: name: server serviceType: ClusterIP servicePort: 2746 + # serviceNodePort: 32746 # servicePortName: http serviceAccount: create: true From 263919a8a8979f5b6c3a25f4c9a81b0da567d8df Mon Sep 17 00:00:00 2001 From: "Seo, Sinhyeok" <44961659+Sinhyeok@users.noreply.github.com> Date: Mon, 27 Sep 2021 19:04:14 +0900 Subject: [PATCH 0088/1248] fix(argo-cd): Also add hostAliases to dex deployment (#941) * feat: Add hostAliases to dex/deployment based on https://github.com/argoproj/argo-helm/pull/274 Signed-off-by: Sinhyeok * Bumped version number of argo-cd chart Signed-off-by: Sinhyeok * Beautify indentation Signed-off-by: Marco Kilchhofer * Beautify indentation of existing implementation Signed-off-by: Marco Kilchhofer * Update changelog Signed-off-by: Marco Kilchhofer Co-authored-by: attar.sh Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/deployment.yaml | 6 +++--- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/deployment.yaml | 6 +++--- charts/argo-cd/templates/dex/deployment.yaml | 4 ++++ 5 files changed, 15 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 863d64d7..bc547f09 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.21.0 +version: 3.21.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to provide cluster role to repo-server" + - "[Fixed]: Dex deployment now also supports hostAliases" diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 90963613..b924ea41 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -133,10 +133,10 @@ spec: {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} -{{- with .Values.global.hostAliases }} + {{- with .Values.global.hostAliases }} hostAliases: -{{ toYaml . | indent 6 }} -{{- end }} + {{- toYaml . | nindent 6 }} + {{- end }} volumes: - emptyDir: {} name: argocd-home diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index eabc1920..7ebb8991 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -141,10 +141,10 @@ spec: {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }} -{{- with .Values.global.hostAliases }} + {{- with .Values.global.hostAliases }} hostAliases: -{{ toYaml . | indent 6 }} -{{- end }} + {{- toYaml . | nindent 6 }} + {{- end }} volumes: {{- if .Values.repoServer.volumes }} {{- toYaml .Values.repoServer.volumes | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index c84d9d95..38cd5cbf 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -152,10 +152,10 @@ spec: {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }} -{{- with .Values.global.hostAliases }} + {{- with .Values.global.hostAliases }} hostAliases: -{{ toYaml . | indent 6 }} -{{- end }} + {{- toYaml . | nindent 6 }} + {{- end }} volumes: {{- if .Values.server.volumes }} {{- toYaml .Values.server.volumes | nindent 6}} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5fe78628..17043a95 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -127,6 +127,10 @@ spec: {{- end }} {{- end }} serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 6 }} + {{- end }} volumes: - emptyDir: {} name: tmp-dir From 20a60648c3f487bc57d72cb453dcce3b2ae39783 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 27 Sep 2021 13:43:17 +0200 Subject: [PATCH 0089/1248] chore: Update to stale action v4 (#945) Signed-off-by: Marco Kilchhofer --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 03965cc5..5947dfc3 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -7,7 +7,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v3 + - uses: actions/stale@v4 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From 9984a74eb29551ec02aaf71ef758ec1ad1ce312c Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 27 Sep 2021 13:44:37 +0200 Subject: [PATCH 0090/1248] chore: Require related chart name in issues (#942) Signed-off-by: Marco Kilchhofer Co-authored-by: Marko Bevc --- .github/ISSUE_TEMPLATE/bug_report.yaml | 17 +++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.yaml | 17 +++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml index 5db1fbc3..168f8edb 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -11,6 +11,23 @@ body: validations: required: true +- type: dropdown + attributes: + label: Related helm chart + description: You may select more than one. + multiple: true + options: + - argo-cd + - argo-events + - argo-rollouts + - argo-workflows + - argocd-applicationset + - argocd-image-updater + - argocd-notifications + - other + validations: + required: true + - type: textarea attributes: label: To Reproduce diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml index 2ff5ab68..2fa38441 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yaml +++ b/.github/ISSUE_TEMPLATE/feature_request.yaml @@ -13,6 +13,23 @@ body: validations: required: false +- type: dropdown + attributes: + label: Related helm chart + description: You may select more than one. + multiple: true + options: + - argo-cd + - argo-events + - argo-rollouts + - argo-workflows + - argocd-applicationset + - argocd-image-updater + - argocd-notifications + - other + validations: + required: true + - type: textarea attributes: label: Describe the solution you'd like From d4b603f4c8da99af32dd0b01ab3d9b06ad096a16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan-Otto=20Kr=C3=B6pke?= Date: Mon, 27 Sep 2021 14:06:24 +0200 Subject: [PATCH 0091/1248] feat(argocd-applicationset): Add extraArgs (#946) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argocd-applicationset): Add extraArgs Signed-off-by: Jan-Otto Kröpke * Align with existing code style Signed-off-by: Marco Kilchhofer * Fix linting error and update README Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 4 ++-- charts/argocd-applicationset/README.md | 1 + charts/argocd-applicationset/templates/deployment.yaml | 3 +++ charts/argocd-applicationset/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index ba9b62cd..5b02af5c 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.4.0 +version: 1.5.0 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Configuration for Pod labels" + - "[Added]: Add extraArgs to define additional CLI parameters" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 1683c33b..506880a6 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -65,6 +65,7 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | args.namespace | string | `"argocd"` | The default Argo CD repo namespace | | args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | args.probeBindAddr | string | `":8081"` | The default health check port | +| extraArgs | list | `[]` | List of extra cli args to add | | extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | extraVolumes | list | `[]` | List of extra volumes to add | | fullnameOverride | string | `""` | Override the default fully qualified app name | diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index a577854b..c0527562 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -44,6 +44,9 @@ spec: - --policy={{ .Values.args.policy }} - --debug={{ .Values.args.debug }} - --dry-run={{ .Values.args.dryRun }} + {{- with .Values.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index 5c9f8225..fd5a50d5 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -113,3 +113,7 @@ extraVolumeMounts: [] extraVolumes: [] # - name: foobar # emptyDir: {} + +# -- List of extra cli args to add +extraArgs: [] + # - --loglevel=warn From ae3ad0e57b28c7e8df9999378e6b3f6187abe3c5 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 27 Sep 2021 15:57:43 +0200 Subject: [PATCH 0092/1248] chore(argocd-applicationset): Dedup default values for CI (#948) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 4 +- .../ci/default-values.yaml | 76 +------------------ 2 files changed, 3 insertions(+), 77 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 5b02af5c..652adaf4 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.5.0 +version: 1.5.1 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Add extraArgs to define additional CLI parameters" + - "[Removed]: Duplicated default values during chart testing" diff --git a/charts/argocd-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml index 233dd8e2..507f1e54 100644 --- a/charts/argocd-applicationset/ci/default-values.yaml +++ b/charts/argocd-applicationset/ci/default-values.yaml @@ -1,75 +1 @@ -# Default values for argo-applicationset. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -image: - # The image repository - repository: quay.io/argocdapplicationset/argocd-applicationset - # Image pull policy - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" - -args: - metricsAddr: :8080 - probeBindAddr: :8081 - enableLeaderElection: false - namespace: argocd - argocdRepoServer: argocd-repo-server:8081 - policy: sync - debug: false - dryRun: false - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -rbac: - pspEnabled: true - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -nodeSelector: {} - -tolerations: [] - -affinity: {} - -mountSSHKnownHostsVolume: true -mountTLSCertsVolume: true -mountGPGKeysVolume: false -mountGPGKeyringVolume: true +# Test with default values From 248d6d25550812557712be588c17eeb798eb6062 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 27 Sep 2021 17:09:43 +0200 Subject: [PATCH 0093/1248] chore(argo-rollouts): Define 2 separate tests (#949) Signed-off-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/ci/default-values.yaml | 1 + charts/argo-rollouts/ci/enable-dashboard-values.yaml | 6 ++++++ charts/argo-rollouts/ci/test-values.yaml | 2 -- 4 files changed, 9 insertions(+), 4 deletions(-) create mode 100644 charts/argo-rollouts/ci/default-values.yaml create mode 100644 charts/argo-rollouts/ci/enable-dashboard-values.yaml delete mode 100644 charts/argo-rollouts/ci/test-values.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index e6634acb..a71abd6b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.1.0 +version: 2.1.1 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Keep CRDs on Helm uninstall by default, add corresponding option" + - "[Added]: Two separate tests. One for default values and one for dashboard enabled." diff --git a/charts/argo-rollouts/ci/default-values.yaml b/charts/argo-rollouts/ci/default-values.yaml new file mode 100644 index 00000000..507f1e54 --- /dev/null +++ b/charts/argo-rollouts/ci/default-values.yaml @@ -0,0 +1 @@ +# Test with default values diff --git a/charts/argo-rollouts/ci/enable-dashboard-values.yaml b/charts/argo-rollouts/ci/enable-dashboard-values.yaml new file mode 100644 index 00000000..5c0a1c04 --- /dev/null +++ b/charts/argo-rollouts/ci/enable-dashboard-values.yaml @@ -0,0 +1,6 @@ +# Test with dashboard enabled +# Do not deploy the CRDs as they are already present from the previous test +installCRDs: false + +dashboard: + enabled: true diff --git a/charts/argo-rollouts/ci/test-values.yaml b/charts/argo-rollouts/ci/test-values.yaml deleted file mode 100644 index 7ea0c4c8..00000000 --- a/charts/argo-rollouts/ci/test-values.yaml +++ /dev/null @@ -1,2 +0,0 @@ -dashboard: - enabled: true From 098d59cbd797ee5f7211459f92738e0c1f02b4a6 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 27 Sep 2021 17:17:50 +0200 Subject: [PATCH 0094/1248] chore(argo-workflows): Also test with default values (#950) Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/ci/default-values.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/ci/default-values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 591b3aaf..a36c9cb2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.7.0 +version: 0.7.1 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add server.serviceNodePort parameter" + - "[Added]: Also test with default values" diff --git a/charts/argo-workflows/ci/default-values.yaml b/charts/argo-workflows/ci/default-values.yaml new file mode 100644 index 00000000..507f1e54 --- /dev/null +++ b/charts/argo-workflows/ci/default-values.yaml @@ -0,0 +1 @@ +# Test with default values From 0fe9ec1addd96ca4302bb410c998c383f9cc7364 Mon Sep 17 00:00:00 2001 From: Artem Kosenko Date: Mon, 27 Sep 2021 22:32:15 +0300 Subject: [PATCH 0095/1248] feat(argo-cd): Implement server.additionalApplications[].info (#944) * fix issue 943 Signed-off-by: Artem Kosenko * Apply changes from code review Changes in detail: - Add missing examples/documentation in values.yaml - Beautify indentation - Use 'with' instead of 'if' to don't repeat variable names - Fix changelog annotation - Bump minor chart version as this adds a feature Signed-off-by: Marco Kilchhofer * Update README Signed-off-by: Marco Kilchhofer Co-authored-by: Marko Bevc Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 2 + .../templates/argocd-server/applications.yaml | 38 ++++++++++--------- charts/argo-cd/values.yaml | 18 ++++++--- 4 files changed, 38 insertions(+), 24 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bc547f09..4e7c318f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.21.1 +version: 3.22.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Dex deployment now also supports hostAliases" + - "[Added]: Support for server.additionalApplications[].info" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb3e724d..95a938dc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -175,6 +175,8 @@ NAME: my-release | configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | | configs.styles | Define custom CSS styles for your argo instance ([Read More](https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/)). This Settings will automatically mount the provided css and reference it in the argo configuration. | `""` (See [values.yaml](values.yaml)) | | openshift.enabled | enables using arbitrary uid for argo repo server | `false` | +| server.additionalApplications | Deploy ArgoCD Applications within this helm release | `[]` (See [values.yaml](values.yaml)) | +| server.additionalProjects | Deploy ArgoCD Projects within this helm release | `[]` (See [values.yaml](values.yaml)) | ## ArgoCD Controller diff --git a/charts/argo-cd/templates/argocd-server/applications.yaml b/charts/argo-cd/templates/argocd-server/applications.yaml index 1b9d424a..d4d6171b 100644 --- a/charts/argo-cd/templates/argocd-server/applications.yaml +++ b/charts/argo-cd/templates/argocd-server/applications.yaml @@ -2,41 +2,45 @@ apiVersion: v1 kind: List items: -{{- range .Values.server.additionalApplications }} + {{- range .Values.server.additionalApplications }} - apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - {{- if .additionalAnnotations }} + {{- with .additionalAnnotations }} annotations: - {{- range $key, $value := .additionalAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} - {{- end }} - {{- if .additionalLabels }} + {{- with .additionalLabels }} labels: -{{- toYaml .additionalLabels | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} name: {{ .name }} - {{- if .namespace }} - namespace: {{ .namespace }} + {{- with .namespace }} + namespace: {{ . }} {{- end }} - {{- if .finalizers }} + {{- with .finalizers }} finalizers: -{{- toYaml .finalizers | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} spec: project: {{ tpl .project $ }} source: -{{- toYaml .source | nindent 8 }} + {{- toYaml .source | nindent 8 }} destination: -{{- toYaml .destination | nindent 8 }} - {{- if .syncPolicy }} + {{- toYaml .destination | nindent 8 }} + {{- with .syncPolicy }} syncPolicy: -{{- toYaml .syncPolicy | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- if .ignoreDifferences }} + {{- with .ignoreDifferences }} ignoreDifferences: -{{- toYaml .ignoreDifferences | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} -{{- end }} + {{- with .info }} + info: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 17d95a80..d914eacf 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -847,13 +847,21 @@ server: # path: guestbook # directory: # recurse: true - # destination: + # destination: # server: https://kubernetes.default.svc # namespace: guestbook - # syncPolicy: - # automated: - # prune: false - # selfHeal: false + # syncPolicy: + # automated: + # prune: false + # selfHeal: false + # ignoreDifferences: + # - group: apps + # kind: Deployment + # jsonPointers: + # - /spec/replicas + # info: + # - name: url + # value: https://argoproj.github.io/ ## Projects ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ From 73d1aedaecca2f9c4f5b1adf3b7301c004fbe434 Mon Sep 17 00:00:00 2001 From: keiSunagawa Date: Wed, 29 Sep 2021 18:07:01 +0900 Subject: [PATCH 0096/1248] fix repo server extraContainers values unused (#953) Signed-off-by: keiSunagawa --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4e7c318f..a68ababd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.22.0 +version: 3.22.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for server.additionalApplications[].info" + - "[Fixed]: repoServer.extraContainers unused" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 7ebb8991..3c86cb8f 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -114,7 +114,7 @@ spec: failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.repoServer.resources | nindent 10 }} - {{- with .Values.controller.extraContainers }} + {{- with .Values.repoServer.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} {{- if .Values.repoServer.nodeSelector }} From e4f8dd58109eefe53c41acd98ab50fd443643b22 Mon Sep 17 00:00:00 2001 From: Marcial White Date: Wed, 29 Sep 2021 09:15:21 -0600 Subject: [PATCH 0097/1248] feat(argocd-notifications): support annotations on secret object (#952) * support annotations on secret objects Signed-off-by: Marcial White * true-up artifacthub changes Signed-off-by: Marcial White Co-authored-by: Marko Bevc --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/templates/secret.yaml | 6 ++++++ charts/argocd-notifications/values.yaml | 3 +++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index fe9b6f45..171a5dfa 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: 1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.5.0 +version: 1.5.1 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Configuration for Pod labels" + - "[Added]: Support annotations on secret objects" diff --git a/charts/argocd-notifications/templates/secret.yaml b/charts/argocd-notifications/templates/secret.yaml index e912eef7..ea1569c7 100644 --- a/charts/argocd-notifications/templates/secret.yaml +++ b/charts/argocd-notifications/templates/secret.yaml @@ -5,6 +5,12 @@ metadata: name: argocd-notifications-secret labels: {{- include "argocd-notifications.labels" . | nindent 4 }} + {{- if .Values.secret.annotations }} + annotations: + {{- range $key, $value := .Values.secret.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} type: Opaque stringData: {{- with .Values.secret.items }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 6eeb97a0..554bedc1 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -28,6 +28,9 @@ secret: # Whether helm chart creates controller secret create: true + # key:value pairs to be added to the secret + annotations: {} + items: # Generic key:value pairs to be inserted into the secret # Can be used for templates, notification services etc. Some examples given below. From f3c2fa17842d6134c84c4027d90183e9014584f1 Mon Sep 17 00:00:00 2001 From: Arun Anandhan Date: Mon, 4 Oct 2021 16:19:30 -0600 Subject: [PATCH 0098/1248] feat(argo-cd): Create optional annotations and labels for redis service (#955) * Create optional serviceAnnotations value for redis in helm chart Signed-off-by: arunkumar.anandhan * Uncomment accidentally commented lines Signed-off-by: arunkumar.anandhan * update chart version Signed-off-by: arunkumar.anandhan * update service annotation key for redis Signed-off-by: arunkumar.anandhan * Update L24 with appropriate description Signed-off-by: arunkumar.anandhan * Move redis.service key occurence in values Signed-off-by: Marco Kilchhofer * Also implement additional labels Signed-off-by: Marco Kilchhofer * Add documentation - Changelog annotations - Add new values to README Signed-off-by: Marco Kilchhofer * fix: Use correct value for redis service targetPort Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/redis/service.yaml | 9 ++++++++- charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 18 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a68ababd..5ca4d16b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.22.1 +version: 3.23.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: repoServer.extraContainers unused" + - "[Added]: Ability to provide annotations on redis service" + - "[Added]: Ability to provide additional labels on redis service" + - "[Fixed]: Use correct value for redis service targetPort" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 95a938dc..81b8058a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -475,6 +475,8 @@ through `xxx.extraArgs` | redis.resources | Resource limits and requests for redis | `{}` | | redis.securityContext | Redis Pod Security Context | See [values.yaml](values.yaml) | | redis.servicePort | Redis service port | `6379` | +| redis.service.annotations | Redis service annotations | `{}` | +| redis.service.labels | Additional redis service labels | `{}` | | redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | redis.metrics.enabled | Deploy metrics service and redis-exporter sidecar | `false` | | redis.metrics.image.repository | redis-exporter image repository | `quay.io/bitnami/redis-exporter` | diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index cf1f98bf..e02e33f2 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -6,10 +6,17 @@ metadata: name: {{ template "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + {{- with .Values.redis.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.redis.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: ports: - port: {{ .Values.redis.servicePort }} - targetPort: {{ .Values.redis.servicePort }} + targetPort: {{ .Values.redis.containerPort }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 4 }} {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d914eacf..46ba167a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -451,6 +451,10 @@ redis: ## Additional containers to be added to the redis pod. extraContainers: [] + service: + annotations: {} + labels: {} + metrics: enabled: false image: From c2f781a3777dbee186694aeb972d144bbd7bb136 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 6 Oct 2021 11:27:43 -0400 Subject: [PATCH 0099/1248] feat(argo-cd): Upgrade argocd to v2.1.3 (#957) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5ca4d16b..4a94e1d0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.1.2 +appVersion: 2.1.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.23.0 +version: 3.23.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to provide annotations on redis service" - - "[Added]: Ability to provide additional labels on redis service" - - "[Fixed]: Use correct value for redis service targetPort" + - "[Changed]: Upgrade argocd to v2.1.3" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 81b8058a..2b995432 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -141,7 +141,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.1.2"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.1.3"` | | global.podAnnotations | Annotations for the all deployed pods | | global.podLabels | Labels for the all deployed pods | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 46ba167a..45476497 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.1.2 + tag: v2.1.3 imagePullPolicy: IfNotPresent ## Annotations applied to all pods podAnnotations: {} From 1ceb47ff76984ac0504846a4c0c424cae272dde8 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Thu, 7 Oct 2021 00:12:44 +0200 Subject: [PATCH 0100/1248] feat(argo-cd): Use Istio port name naming convention (#956) See https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/#explicit-protocol-selection Signed-off-by: Mathieu Parent Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/redis/service.yaml | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4a94e1d0..0bd13278 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.23.1 +version: 3.24.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade argocd to v2.1.3" + - "[Added]: Use Istio port name naming convention for redis" diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index e02e33f2..70b80c06 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -15,8 +15,9 @@ metadata: {{- end }} spec: ports: - - port: {{ .Values.redis.servicePort }} + - name: redis + port: {{ .Values.redis.servicePort }} targetPort: {{ .Values.redis.containerPort }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} From 093a162ab821494c9c231f73ce0bb785bafa5665 Mon Sep 17 00:00:00 2001 From: Iago Santos Date: Tue, 12 Oct 2021 20:49:14 +0200 Subject: [PATCH 0101/1248] feat(argo-cd): Add extraVolumes Dex server (#961) Related to https://github.com/argoproj/argo-helm/issues/960 Add extraVolumes and extraVolumeMounts for dex server Signed-off-by: Iago Santos --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/dex/deployment.yaml | 6 ++++++ charts/argo-cd/values.yaml | 6 ++++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0bd13278..4c4859b4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.24.0 +version: 3.25.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-cd/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Use Istio port name naming convention for redis" + - "[Added]: Uses extraVolumes and extraVolumeMounts for dex server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2b995432..96633885 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -445,6 +445,8 @@ NAME: my-release | dex.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | | dex.volumeMounts | Dex volume mounts | `"/shared"` | | dex.volumes | Dex volumes | `{}` | +| dex.extraVolumeMounts | Extra dex volume mounts | `[]` | +| dex.extraVolumes | Extra dex volumes | `[]` | ## Redis diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 17043a95..9f289270 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -98,6 +98,9 @@ spec: {{- if .Values.dex.volumeMounts }} {{- toYaml .Values.dex.volumeMounts | nindent 8 }} {{- end }} + {{- if .Values.dex.extraVolumeMounts }} + {{- toYaml .Values.dex.extraVolumeMounts | nindent 8 }} + {{- end }} resources: {{- toYaml .Values.dex.resources | nindent 10 }} {{- with .Values.dex.extraContainers }} @@ -137,6 +140,9 @@ spec: {{- if .Values.dex.volumes }} {{- toYaml .Values.dex.volumes | nindent 6 }} {{- end }} + {{- if .Values.dex.extraVolumes }} + {{- toYaml .Values.dex.extraVolumes | nindent 6 }} + {{- end }} {{- if .Values.dex.priorityClassName }} priorityClassName: {{ .Values.dex.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 45476497..c32f34bf 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -314,6 +314,12 @@ dex: - name: static-files emptyDir: {} + ## Extra volumes to the controller pod. + extraVolumes: [] + + ## Extra volumeMounts to the controller pod. + extraVolumeMounts: [] + ## Dex deployment container ports containerPortHttp: 5556 servicePortHttp: 5556 From 965dccf732d1e9855a5cbd94205baa39fd2a6a51 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 14 Oct 2021 14:40:10 +0200 Subject: [PATCH 0102/1248] fix(argo-cd): Use correct chart icon url (#964) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4c4859b4..f6e11c37 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 appVersion: 2.1.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.25.0 +version: 3.25.1 home: https://github.com/argoproj/argo-helm -icon: https://argoproj.github.io/argo-cd/assets/logo.png +icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: - argoproj - argocd @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Uses extraVolumes and extraVolumeMounts for dex server" + - "[Fixed]: Use correct chart icon url" From d6ec86fb65d48d04140282e2921b8ef5cb1a918e Mon Sep 17 00:00:00 2001 From: Amrit Gill Date: Thu, 14 Oct 2021 10:58:00 -0400 Subject: [PATCH 0103/1248] chore: update rollouts to v1.1.0 (#966) * chore: add changelog Signed-off-by: agill17 * fix(argo-cd): Use correct chart icon url (#964) Signed-off-by: Marco Kilchhofer Signed-off-by: agill17 Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 6 +- .../templates/crds/analysis-run-crd.yaml | 60 ++++++++++ .../templates/crds/analysis-template-crd.yaml | 60 ++++++++++ .../crds/cluster-analysis-template-crd.yaml | 60 ++++++++++ .../templates/crds/experiment-crd.yaml | 9 ++ .../templates/crds/rollout-crd.yaml | 110 +++++++++++++++++- 6 files changed, 299 insertions(+), 6 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a71abd6b..7304f35b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "v1.0.2" +appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.1.1 +version: 2.2.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Two separate tests. One for default values and one for dashboard enabled." + - "[Changed]: updated rollouts version to 1.1.0 and updated CRDs to reflect the version bump" diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 1ed7df98..42496b96 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -107,6 +107,59 @@ spec: type: string provider: properties: + cloudWatch: + properties: + interval: + type: string + metricDataQueries: + items: + properties: + expression: + type: string + id: + type: string + label: + type: string + metricStat: + properties: + metric: + properties: + dimensions: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + metricName: + type: string + namespace: + type: string + type: object + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + stat: + type: string + unit: + type: string + type: object + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + returnData: + type: boolean + type: object + type: array + required: + - metricDataQueries + type: object datadog: properties: interval: @@ -116,6 +169,13 @@ spec: required: - query type: object + graphite: + properties: + address: + type: string + query: + type: string + type: object job: properties: metadata: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 85eafd38..f81efd4d 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -102,6 +102,59 @@ spec: type: string provider: properties: + cloudWatch: + properties: + interval: + type: string + metricDataQueries: + items: + properties: + expression: + type: string + id: + type: string + label: + type: string + metricStat: + properties: + metric: + properties: + dimensions: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + metricName: + type: string + namespace: + type: string + type: object + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + stat: + type: string + unit: + type: string + type: object + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + returnData: + type: boolean + type: object + type: array + required: + - metricDataQueries + type: object datadog: properties: interval: @@ -111,6 +164,13 @@ spec: required: - query type: object + graphite: + properties: + address: + type: string + query: + type: string + type: object job: properties: metadata: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 76866712..d8435bda 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -102,6 +102,59 @@ spec: type: string provider: properties: + cloudWatch: + properties: + interval: + type: string + metricDataQueries: + items: + properties: + expression: + type: string + id: + type: string + label: + type: string + metricStat: + properties: + metric: + properties: + dimensions: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + metricName: + type: string + namespace: + type: string + type: object + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + stat: + type: string + unit: + type: string + type: object + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + returnData: + type: boolean + type: object + type: array + required: + - metricDataQueries + type: object datadog: properties: interval: @@ -111,6 +164,13 @@ spec: required: - query type: object + graphite: + properties: + address: + type: string + query: + type: string + type: object job: properties: metadata: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 7965030a..634b03f3 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -95,6 +95,9 @@ spec: progressDeadlineSeconds: format: int32 type: integer + scaleDownDelaySeconds: + format: int32 + type: integer templates: items: properties: @@ -129,6 +132,8 @@ spec: type: string type: object type: object + service: + type: object template: properties: metadata: @@ -2316,12 +2321,16 @@ spec: type: string name: type: string + podTemplateHash: + type: string readyReplicas: format: int32 type: integer replicas: format: int32 type: integer + serviceName: + type: string status: type: string updatedReplicas: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 748d5897..cbde1256 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -57,11 +57,22 @@ spec: type: object spec: properties: + analysis: + properties: + successfulRunHistoryLimit: + format: int32 + type: integer + unsuccessfulRunHistoryLimit: + format: int32 + type: integer + type: object minReadySeconds: format: int32 type: integer paused: type: boolean + progressDeadlineAbort: + type: boolean progressDeadlineSeconds: format: int32 type: integer @@ -101,6 +112,9 @@ spec: properties: blueGreen: properties: + abortScaleDownDelaySeconds: + format: int32 + type: integer activeMetadata: properties: annotations: @@ -234,6 +248,9 @@ spec: type: object canary: properties: + abortScaleDownDelaySeconds: + format: int32 + type: integer analysis: properties: args: @@ -298,6 +315,8 @@ spec: type: object canaryService: type: string + dynamicStableScale: + type: boolean maxSurge: anyOf: - type: integer @@ -452,6 +471,9 @@ spec: type: object specRef: type: string + weight: + format: int32 + type: integer required: - name - specRef @@ -533,12 +555,46 @@ spec: items: type: string type: array + tlsRoutes: + items: + properties: + port: + format: int64 + type: integer + sniHosts: + items: + type: string + type: array + type: object + type: array required: - name - - routes type: object - required: - - virtualService + virtualServices: + items: + properties: + name: + type: string + routes: + items: + type: string + type: array + tlsRoutes: + items: + properties: + port: + format: int64 + type: integer + sniHosts: + items: + type: string + type: array + type: object + type: array + required: + - name + type: object + type: array type: object nginx: properties: @@ -2755,6 +2811,52 @@ spec: - name - status type: object + weights: + properties: + additional: + items: + properties: + podTemplateHash: + type: string + serviceName: + type: string + weight: + format: int32 + type: integer + required: + - weight + type: object + type: array + canary: + properties: + podTemplateHash: + type: string + serviceName: + type: string + weight: + format: int32 + type: integer + required: + - weight + type: object + stable: + properties: + podTemplateHash: + type: string + serviceName: + type: string + weight: + format: int32 + type: integer + required: + - weight + type: object + verified: + type: boolean + required: + - canary + - stable + type: object type: object collisionCount: format: int32 @@ -2831,6 +2933,8 @@ spec: updatedReplicas: format: int32 type: integer + workloadObservedGeneration: + type: string type: object required: - spec From dbd8c20e1f3253b18333d79e91a43395a18fe02e Mon Sep 17 00:00:00 2001 From: Sanjay Tiwari <65133206+tiwarisanjay@users.noreply.github.com> Date: Fri, 15 Oct 2021 05:41:54 -0400 Subject: [PATCH 0104/1248] fix(argo-workflows): RBAC for namespaced workflows (#962) * Fix to add sa role and rolebinding in case of seperate workflow namespace * Update Chart version to 0.7.2 Signed-off-by: Sanjay Tiwari * Update Contribution file Signed-off-by: Sanjay Tiwari * ADO SignOff Signed-off-by: Sanjay Tiwari * ADO SignOff Signed-off-by: Sanjay Tiwari * Update Chart with change log Signed-off-by: Sanjay Tiwari * Restore Contribution.md Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/controller/workflow-rb.yaml | 2 +- charts/argo-workflows/templates/controller/workflow-role.yaml | 2 +- charts/argo-workflows/templates/controller/workflow-sa.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a36c9cb2..83a0202a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.7.1 +version: 0.7.2 appVersion: "v3.1.8" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Also test with default values" + - "[Fixed]: Additional service account, role and rolebinding which was not created for multiple namespaces in case of namespaced workflow." diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 67f22504..24223ce6 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) (list "") }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 66ad9328..7e826261 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) (list "") }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 7c76585a..952c2dc7 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.serviceAccount.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) (list "") }} --- apiVersion: v1 kind: ServiceAccount From 2671798e8261e7bfe0504b712da95953254ee58a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Louis=20Hau=C3=9Fknecht?= Date: Fri, 15 Oct 2021 12:21:48 +0200 Subject: [PATCH 0105/1248] feat(argo-workflows): Bump appVersion to 3.2.0 (#963) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-workflows): Bump appVersion to 3.2.0 Signed-off-by: Louis Haußknecht * feat(argo-workflows): Add WorkflowTaskSet to CRD Signed-off-by: Louis Haußknecht * feat(argo-workflows): Synced CRDs with https://github.com/argoproj/argo-workflows/tree/v3.2.0/manifests/base/crds/minimal. Signed-off-by: Louis Haußknecht * Bump Chart version Signed-off-by: Marko Bevc Co-authored-by: Marko Bevc --- charts/argo-workflows/Chart.yaml | 7 ++-- .../argoproj.io_clusterworkflowtemplates.yaml | 1 + .../crds/argoproj.io_cronworkflows.yaml | 2 + .../argoproj.io_workfloweventbindings.yaml | 1 + .../crds/argoproj.io_workflows.yaml | 4 +- .../crds/argoproj.io_workflowtasksets.yaml | 39 +++++++++++++++++++ .../crds/argoproj.io_workflowtemplates.yaml | 1 + 7 files changed, 50 insertions(+), 5 deletions(-) create mode 100644 charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 83a0202a..793bfc2b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.7.2 -appVersion: "v3.1.8" +version: 0.7.3 +appVersion: "v3.2.0" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,5 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Additional service account, role and rolebinding which was not created for multiple namespaces in case of namespaced workflow." + - "[Changed]: Bump appVersion to 3.2.0. Synced CRDs." + - "[Added]: WorkflowTaskSet CRD" diff --git a/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml b/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml index fa7da83a..889dfe2f 100644 --- a/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml +++ b/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml @@ -26,6 +26,7 @@ spec: type: object spec: type: object + x-kubernetes-map-type: atomic x-kubernetes-preserve-unknown-fields: true required: - metadata diff --git a/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml b/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml index 2878fe9b..812cf114 100644 --- a/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml +++ b/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml @@ -26,9 +26,11 @@ spec: type: object spec: type: object + x-kubernetes-map-type: atomic x-kubernetes-preserve-unknown-fields: true status: type: object + x-kubernetes-map-type: atomic x-kubernetes-preserve-unknown-fields: true required: - metadata diff --git a/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml b/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml index 9585686a..22e2ecf0 100644 --- a/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml @@ -25,6 +25,7 @@ spec: type: object spec: type: object + x-kubernetes-map-type: atomic x-kubernetes-preserve-unknown-fields: true required: - metadata diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/crds/argoproj.io_workflows.yaml index 59d2fc3b..6e646adc 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml @@ -35,12 +35,12 @@ spec: type: object spec: type: object - x-kubernetes-preserve-unknown-fields: true x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true status: type: object - x-kubernetes-preserve-unknown-fields: true x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true required: - metadata - spec diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml b/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml new file mode 100644 index 00000000..2d3c2dfa --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml @@ -0,0 +1,39 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflowtasksets.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowTaskSet + listKind: WorkflowTaskSetList + plural: workflowtasksets + shortNames: + - wfts + singular: workflowtaskset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml b/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml index f6fa080a..8165ec25 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml @@ -25,6 +25,7 @@ spec: type: object spec: type: object + x-kubernetes-map-type: atomic x-kubernetes-preserve-unknown-fields: true required: - metadata From 8d6bf9b2d0901631c9ba0c865dbdafb466c3669c Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 17 Oct 2021 12:32:53 +0200 Subject: [PATCH 0106/1248] chore: Move applications/projects to argocd-configs (#975) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../{argocd-server => argocd-configs}/applications.yaml | 0 .../templates/{argocd-server => argocd-configs}/projects.yaml | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename charts/argo-cd/templates/{argocd-server => argocd-configs}/applications.yaml (100%) rename charts/argo-cd/templates/{argocd-server => argocd-configs}/projects.yaml (100%) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f6e11c37..693a3e16 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.25.1 +version: 3.25.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Use correct chart icon url" + - "[Changed]: Reorganize some files in repo, move applications.yaml and projects.yaml into argocd-configs." diff --git a/charts/argo-cd/templates/argocd-server/applications.yaml b/charts/argo-cd/templates/argocd-configs/applications.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/applications.yaml rename to charts/argo-cd/templates/argocd-configs/applications.yaml diff --git a/charts/argo-cd/templates/argocd-server/projects.yaml b/charts/argo-cd/templates/argocd-configs/projects.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/projects.yaml rename to charts/argo-cd/templates/argocd-configs/projects.yaml From e2cb20df28b6b1fdd0a3ca130238c79d366483f1 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 17 Oct 2021 14:08:28 +0200 Subject: [PATCH 0107/1248] chore(argo-rollouts): Reorganize files in repo (#976) Signed-off-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- ...rgo-rollouts-aggregate-roles.yaml => aggregate-roles.yaml} | 0 .../clusterrole.yaml} | 0 .../clusterrolebinding.yaml} | 0 .../deployment.yaml} | 0 .../metrics-service.yaml} | 0 .../{argo-rollouts-role.yaml => controller/role.yaml} | 0 .../rolebinding.yaml} | 0 .../{argo-rollouts-sa.yaml => controller/serviceaccount.yaml} | 0 .../servicemonitor.yaml} | 0 .../templates/dashboard/{sa.yaml => serviceaccount.yaml} | 0 11 files changed, 2 insertions(+), 2 deletions(-) rename charts/argo-rollouts/templates/{argo-rollouts-aggregate-roles.yaml => aggregate-roles.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-clusterrole.yaml => controller/clusterrole.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-clusterrolebinding.yaml => controller/clusterrolebinding.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-deployment.yaml => controller/deployment.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-metrics-service.yaml => controller/metrics-service.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-role.yaml => controller/role.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-rolebinding.yaml => controller/rolebinding.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-sa.yaml => controller/serviceaccount.yaml} (100%) rename charts/argo-rollouts/templates/{argo-rollouts-service-monitor.yaml => controller/servicemonitor.yaml} (100%) rename charts/argo-rollouts/templates/dashboard/{sa.yaml => serviceaccount.yaml} (100%) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 7304f35b..dae0dcbd 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.2.0 +version: 2.2.1 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Changed]: updated rollouts version to 1.1.0 and updated CRDs to reflect the version bump" + - "[Changed]: Reorganize files in repo, move controller-specific things into subfolder." diff --git a/charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml b/charts/argo-rollouts/templates/aggregate-roles.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml rename to charts/argo-rollouts/templates/aggregate-roles.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml rename to charts/argo-rollouts/templates/controller/clusterrole.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml rename to charts/argo-rollouts/templates/controller/clusterrolebinding.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-deployment.yaml rename to charts/argo-rollouts/templates/controller/deployment.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml rename to charts/argo-rollouts/templates/controller/metrics-service.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-role.yaml b/charts/argo-rollouts/templates/controller/role.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-role.yaml rename to charts/argo-rollouts/templates/controller/role.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml b/charts/argo-rollouts/templates/controller/rolebinding.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml rename to charts/argo-rollouts/templates/controller/rolebinding.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-sa.yaml b/charts/argo-rollouts/templates/controller/serviceaccount.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-sa.yaml rename to charts/argo-rollouts/templates/controller/serviceaccount.yaml diff --git a/charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml similarity index 100% rename from charts/argo-rollouts/templates/argo-rollouts-service-monitor.yaml rename to charts/argo-rollouts/templates/controller/servicemonitor.yaml diff --git a/charts/argo-rollouts/templates/dashboard/sa.yaml b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml similarity index 100% rename from charts/argo-rollouts/templates/dashboard/sa.yaml rename to charts/argo-rollouts/templates/dashboard/serviceaccount.yaml From a992c96053a139775df5c5009756c39900484c01 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 17 Oct 2021 20:30:37 +0200 Subject: [PATCH 0108/1248] chore(argocd-applicationset): Don't exclude chart anymore (#977) * chore(argocd-applicationset): Don't exclude chart anymore Signed-off-by: Marco Kilchhofer * Bump chart argocd-applicationset Signed-off-by: Marco Kilchhofer * Bump minor chart version Signed-off-by: Marco Kilchhofer --- .github/configs/ct-install.yaml | 3 +-- .github/workflows/lint-and-test.yml | 8 ++++++++ charts/argocd-applicationset/Chart.yaml | 5 +++-- charts/argocd-applicationset/README.md | 2 +- charts/argocd-applicationset/ci/default-values.yaml | 5 +++++ .../argocd-applicationset/ci/leader-election-values.yaml | 5 +++++ charts/argocd-applicationset/templates/deployment.yaml | 2 +- charts/argocd-applicationset/values.yaml | 4 ++-- 8 files changed, 26 insertions(+), 8 deletions(-) diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml index e991d382..f2b9dc9e 100644 --- a/.github/configs/ct-install.yaml +++ b/.github/configs/ct-install.yaml @@ -15,5 +15,4 @@ validate-chart-schema: false validate-maintainers: true validate-yaml: true exclude-deprecated: true -excluded-charts: - - "argocd-applicationset" +excluded-charts: [] diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 2de22a8b..3cc795ee 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -40,6 +40,14 @@ jobs: uses: helm/kind-action@v1.2.0 if: steps.list-changed.outputs.changed == 'true' + - name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions + if: | + contains(steps.list-changed.outputs.changed_charts, 'argocd-applicationset') || + contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') || + contains(steps.list-changed.outputs.changed_charts, 'argocd-notifications') + run: | + kubectl apply -f charts/argo-cd/crds + - name: Run chart-testing (install) run: ct install --config ./.github/configs/ct-install.yaml if: steps.list-changed.outputs.changed == 'true' diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 652adaf4..1c088119 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.5.1 +version: 1.6.0 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,5 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Removed]: Duplicated default values during chart testing" + - "[Added]: Install the chart into a kind cluster during the chart testing process" + - "[Changed]: Parameter 'args.namespace' now defaults to the namespace where you install the chart to" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 506880a6..a89d9f6f 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -62,7 +62,7 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | args.dryRun | bool | `false` | Enable dry run mode | | args.enableLeaderElection | bool | `false` | The default leader election setting | | args.metricsAddr | string | `":8080"` | The default metric address | -| args.namespace | string | `"argocd"` | The default Argo CD repo namespace | +| args.namespace | string | `""` | Namespace where ArgoCD is deployed to (defaults to .Release.Namespace) | | args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | args.probeBindAddr | string | `":8081"` | The default health check port | | extraArgs | list | `[]` | List of extra cli args to add | diff --git a/charts/argocd-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml index 507f1e54..adb55437 100644 --- a/charts/argocd-applicationset/ci/default-values.yaml +++ b/charts/argocd-applicationset/ci/default-values.yaml @@ -1 +1,6 @@ # Test with default values + +# Disable mounts of ArgoCD related ConfigMaps as ArgoCD isn't installed during chart testing +mountSSHKnownHostsVolume: false +mountTLSCertsVolume: false +mountGPGKeysVolume: false diff --git a/charts/argocd-applicationset/ci/leader-election-values.yaml b/charts/argocd-applicationset/ci/leader-election-values.yaml index 39ec3078..8baa26dc 100644 --- a/charts/argocd-applicationset/ci/leader-election-values.yaml +++ b/charts/argocd-applicationset/ci/leader-election-values.yaml @@ -2,3 +2,8 @@ args: enableLeaderElection: true replicaCount: 3 + +# Disable mounts of ArgoCD related ConfigMaps as ArgoCD isn't installed during chart testing +mountSSHKnownHostsVolume: false +mountTLSCertsVolume: false +mountGPGKeysVolume: false diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index c0527562..281882b6 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -39,7 +39,7 @@ spec: {{- if or (gt ( .Values.replicaCount | int64) 1) .Values.args.enableLeaderElection }} - --enable-leader-election=true {{- end }} - - --namespace={{ .Values.args.namespace }} + - --namespace={{ .Values.args.namespace | default .Release.Namespace }} - --argocd-repo-server={{ .Values.args.argocdRepoServer }} - --policy={{ .Values.args.policy }} - --debug={{ .Values.args.debug }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index fd5a50d5..b65716a9 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -20,8 +20,8 @@ args: probeBindAddr: :8081 # -- The default leader election setting enableLeaderElection: false - # -- The default Argo CD repo namespace - namespace: argocd + # -- Namespace where ArgoCD is deployed to (defaults to .Release.Namespace) + namespace: "" # -- The default Argo CD repo server address argocdRepoServer: argocd-repo-server:8081 # -- How application is synced between the generator and the cluster From 85f30392653fb7af9bfbcf795c191cc3407d8022 Mon Sep 17 00:00:00 2001 From: Sebastian J Date: Mon, 18 Oct 2021 08:29:19 -0400 Subject: [PATCH 0109/1248] feat(argo-rollouts): Support extraArgs for controller and dashboard (#978) * feat(argo-rollouts): Support extraArgs for controller and dashboard Adding support for additional arguments that are passed to the controller and the dashboard. Following the pattern of other Argo charts by re-using the name `extraArgs` for the value. Refs: https://github.com/argoproj/argo-helm/issues/969 Signed-off-by: Sebastian J * Update charts/argo-rollouts/templates/controller/deployment.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Sebastian J * Update charts/argo-rollouts/templates/dashboard/deployment.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Sebastian J * PR comments Signed-off-by: Sebastian J * Fix newly added parameters in README Signed-off-by: Marco Kilchhofer * Fix changelog keyword Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 ++ charts/argo-rollouts/templates/controller/deployment.yaml | 5 ++++- charts/argo-rollouts/templates/dashboard/deployment.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 7 +++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index dae0dcbd..f8b50237 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.2.1 +version: 2.3.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Changed]: Reorganize files in repo, move controller-specific things into subfolder." + - "[Added]: Support for extraArgs for controller and dashboard" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 52ced182..b13884ef 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -38,6 +38,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.image.registry | string | `quay.io` | Registry to use | | controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| controller.extraArgs | list | `[]` | Additional arguments for the controller. A list of flags. | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | @@ -63,6 +64,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.image.registry | string | `quay.io` | Registry to use | | dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use | | dashboard.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| dashboard.extraArgs | list | `[]` | Additional arguments for the dashboard. A list of flags. | | dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | | dashboard.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 71d73352..9672d119 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -32,10 +32,13 @@ spec: serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }} containers: - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}" - {{- if not .Values.clusterInstall }} args: + {{- if not .Values.clusterInstall }} - --namespaced {{- end }} + {{- with .Values.controller.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} name: argo-rollouts ports: diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 48364587..87fa5fd4 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -34,6 +34,10 @@ spec: containers: - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ default .Chart.AppVersion .Values.dashboard.image.tag }}" imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} + args: + {{- with .Values.dashboard.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} name: argo-rollouts-dashboard ports: - containerPort: 3100 diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f706f1e8..c009bbd4 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -17,6 +17,10 @@ controller: tag: "" pullPolicy: IfNotPresent + ## Additional command line arguments to pass to rollouts-controller + ## + extraArgs: [] + resources: {} # limits: # cpu: 100m @@ -110,6 +114,9 @@ dashboard: repository: argoproj/kubectl-argo-rollouts tag: "" pullPolicy: IfNotPresent + ## Additional command line arguments to pass to rollouts-dashboard + ## + extraArgs: [] resources: {} podSecurityContext: runAsNonRoot: true From 7ce743b2669a5f9bfb69fc87e1f62fa2ced663ac Mon Sep 17 00:00:00 2001 From: Paul Ayling Date: Tue, 19 Oct 2021 16:34:58 +0100 Subject: [PATCH 0110/1248] feat(argo-workflows): Add Executor image pull policy (#981) Signed-off-by: Paul Ayling --- charts/argo-workflows/Chart.yaml | 5 ++--- .../templates/controller/workflow-controller-config-map.yaml | 1 + 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 793bfc2b..3cfb791b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.7.3 +version: 0.8.0 appVersion: "v3.2.0" icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,5 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Bump appVersion to 3.2.0. Synced CRDs." - - "[Added]: WorkflowTaskSet CRD" + - "[Added]: Workflow Controller ConfigMap Executor ImagePullPolicy" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 86c7b709..77214546 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -29,6 +29,7 @@ data: {{- end }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: + imagePullPolicy: {{ .Values.images.pullPolicy }} {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} From fbea5aa49b6dff46b0bfaf2446cf3939b282daf3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 19 Oct 2021 17:50:42 +0200 Subject: [PATCH 0111/1248] chore(argo-cd): Add chart tests and usage info in README for HA (#951) * chore: Reconfigure KinD to 1 control-plane and 3 worker nodes This prepares chart testing of 'argo-cd' chart with redis-ha enabled. Redis-ha defines hard pod anti-affinity and requires multiple worker nodes. Signed-off-by: Marco Kilchhofer * chore(argo-cd): Add chart tests for HA Signed-off-by: Marco Kilchhofer * Add HA chapter to README Signed-off-by: Marco Kilchhofer * Skip HPA tests of ArgoCD Signed-off-by: Marco Kilchhofer --- .github/configs/kind-config.yaml | 7 +++ .github/workflows/lint-and-test.yml | 8 ++++ charts/argo-cd/.helmignore | 1 + charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 46 +++++++++++++++++++- charts/argo-cd/ci/default-values.yaml | 1 + charts/argo-cd/ci/ha-autoscaling-values.yaml | 16 +++++++ charts/argo-cd/ci/ha-static-values.yaml | 15 +++++++ 8 files changed, 95 insertions(+), 3 deletions(-) create mode 100644 .github/configs/kind-config.yaml create mode 100644 charts/argo-cd/ci/default-values.yaml create mode 100644 charts/argo-cd/ci/ha-autoscaling-values.yaml create mode 100644 charts/argo-cd/ci/ha-static-values.yaml diff --git a/.github/configs/kind-config.yaml b/.github/configs/kind-config.yaml new file mode 100644 index 00000000..f4bf78cb --- /dev/null +++ b/.github/configs/kind-config.yaml @@ -0,0 +1,7 @@ +kind: Cluster +apiVersion: kind.x-k8s.io/v1alpha4 +nodes: + - role: control-plane + - role: worker + - role: worker + - role: worker diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 3cc795ee..6dee7c2b 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -39,6 +39,8 @@ jobs: - name: Create kind cluster uses: helm/kind-action@v1.2.0 if: steps.list-changed.outputs.changed == 'true' + with: + config: .github/configs/kind-config.yaml - name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions if: | @@ -48,6 +50,12 @@ jobs: run: | kubectl apply -f charts/argo-cd/crds + - name: Skip HPA tests of ArgoCD + if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') + run: | + ## Metrics API not available in kind cluster + rm charts/argo-cd/ci/ha-autoscaling-values.yaml + - name: Run chart-testing (install) run: ct install --config ./.github/configs/ct-install.yaml if: steps.list-changed.outputs.changed == 'true' diff --git a/charts/argo-cd/.helmignore b/charts/argo-cd/.helmignore index 94c89570..ebf177fc 100644 --- a/charts/argo-cd/.helmignore +++ b/charts/argo-cd/.helmignore @@ -1,2 +1,3 @@ /*.tgz output +ci/ diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 693a3e16..157ba164 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.25.2 +version: 3.25.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Reorganize some files in repo, move applications.yaml and projects.yaml into argocd-configs." + - "[Added]: Chart testing for HA setups" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 96633885..50711587 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -10,8 +10,52 @@ This is a **community maintained** chart. This chart installs [argo-cd](https:// The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). -This chart currently installs the non-HA version of ArgoCD. +## High Availability +This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. +Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of ArgoCD works in detail. + +> **Warning:** +> You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. + +### HA mode with autoscaling + +```yaml +redis-ha: + enabled: true + +controller: + enableStatefulSet: true + +server: + autoscaling: + enabled: true + minReplicas: 2 + +repoServer: + autoscaling: + enabled: true + minReplicas: 2 +``` + +### HA mode without autoscaling + +```yaml +redis-ha: + enabled: true + +controller: + enableStatefulSet: true + +server: + replicas: 2 + env: + - name: ARGOCD_API_SERVER_REPLICAS + value: '2' + +repoServer: + replicas: 2 +``` ### Synchronizing Changes from Original Repository In the original [ArgoCD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). diff --git a/charts/argo-cd/ci/default-values.yaml b/charts/argo-cd/ci/default-values.yaml new file mode 100644 index 00000000..507f1e54 --- /dev/null +++ b/charts/argo-cd/ci/default-values.yaml @@ -0,0 +1 @@ +# Test with default values diff --git a/charts/argo-cd/ci/ha-autoscaling-values.yaml b/charts/argo-cd/ci/ha-autoscaling-values.yaml new file mode 100644 index 00000000..b9a9e535 --- /dev/null +++ b/charts/argo-cd/ci/ha-autoscaling-values.yaml @@ -0,0 +1,16 @@ +# Test High Availability with autoscaling +redis-ha: + enabled: true + +controller: + enableStatefulSet: true + +server: + autoscaling: + enabled: true + minReplicas: 2 + +repoServer: + autoscaling: + enabled: true + minReplicas: 2 diff --git a/charts/argo-cd/ci/ha-static-values.yaml b/charts/argo-cd/ci/ha-static-values.yaml new file mode 100644 index 00000000..7acda8d1 --- /dev/null +++ b/charts/argo-cd/ci/ha-static-values.yaml @@ -0,0 +1,15 @@ +# Test High Availability without autoscaling +redis-ha: + enabled: true + +controller: + enableStatefulSet: true + +server: + replicas: 2 + env: + - name: ARGOCD_API_SERVER_REPLICAS + value: '2' + +repoServer: + replicas: 2 From 694f8b4fe9c8c297c3154cf6d7eab900b97a9d47 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 19 Oct 2021 18:59:08 +0200 Subject: [PATCH 0112/1248] feat(argo-cd): Add ability to pass finalizers to AppProject (#982) * feat(argo-cd): Add ability to pass finalizers to AppProject Signed-off-by: Marco Kilchhofer * chore: Use 'with' instead of 'if' and beautify indent style Signed-off-by: Marco Kilchhofer * docs: Add finalizers to example in values.yaml Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- .../templates/argocd-configs/projects.yaml | 50 ++++++++++--------- charts/argo-cd/values.yaml | 4 ++ 3 files changed, 33 insertions(+), 25 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 157ba164..deeecdb6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.25.3 +version: 3.26.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Chart testing for HA setups" + - "[Added]: Ability to add finalizers to AppProject" diff --git a/charts/argo-cd/templates/argocd-configs/projects.yaml b/charts/argo-cd/templates/argocd-configs/projects.yaml index 6b85889d..d51a19b6 100644 --- a/charts/argo-cd/templates/argocd-configs/projects.yaml +++ b/charts/argo-cd/templates/argocd-configs/projects.yaml @@ -2,53 +2,57 @@ apiVersion: v1 kind: List items: -{{- range .Values.server.additionalProjects }} + {{- range .Values.server.additionalProjects }} - apiVersion: argoproj.io/v1alpha1 kind: AppProject metadata: - {{- if .additionalAnnotations }} + {{- with .additionalAnnotations }} annotations: - {{- range $key, $value := .additionalAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} - {{- end }} - {{- if .additionalLabels }} + {{- with .additionalLabels }} labels: -{{- toYaml .additionalLabels | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} name: {{ .name }} - {{- if .namespace }} - namespace: {{ .namespace }} + {{- with .namespace }} + namespace: {{ . }} + {{- end }} + {{- with .finalizers }} + finalizers: + {{- toYaml . | nindent 8 }} {{- end }} spec: description: {{ .description }} sourceRepos: -{{- toYaml .sourceRepos | nindent 8 }} + {{- toYaml .sourceRepos | nindent 8 }} destinations: -{{- toYaml .destinations | nindent 8 }} - {{- if .clusterResourceWhitelist }} + {{- toYaml .destinations | nindent 8 }} + {{- with .clusterResourceWhitelist }} clusterResourceWhitelist: -{{- toYaml .clusterResourceWhitelist | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- if .namespaceResourceBlacklist }} + {{- with .namespaceResourceBlacklist }} namespaceResourceBlacklist: -{{- toYaml .namespaceResourceBlacklist | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- if .namespaceResourceWhitelist }} + {{- with .namespaceResourceWhitelist }} namespaceResourceWhitelist: -{{- toYaml .namespaceResourceWhitelist | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- if .orphanedResources }} + {{- with .orphanedResources }} orphanedResources: -{{- toYaml .orphanedResources | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- if .roles }} + {{- with .roles }} roles: -{{- toYaml .roles | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- if .syncWindows }} + {{- with .syncWindows }} syncWindows: -{{- toYaml .syncWindows | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} -{{- end }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c32f34bf..06572cbb 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -850,6 +850,8 @@ server: # namespace: argocd # additionalLabels: {} # additionalAnnotations: {} + # finalizers: + # - resources-finalizer.argocd.argoproj.io # project: guestbook # source: # repoURL: https://github.com/argoproj/argocd-example-apps.git @@ -880,6 +882,8 @@ server: # namespace: argocd # additionalLabels: {} # additionalAnnotations: {} + # finalizers: + # - resources-finalizer.argocd.argoproj.io # description: Example Project # sourceRepos: # - '*' From c87255c165ec101123d9e7b7b041efb09fe19322 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 20 Oct 2021 02:32:30 -0400 Subject: [PATCH 0113/1248] feat(argo-cd): Upgrade argocd to v2.1.4 (#985) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index deeecdb6..b187abab 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.1.3 +appVersion: 2.1.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.0 +version: 3.26.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to add finalizers to AppProject" + - "[Changed]: Upgrade argocd to v2.1.4" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 50711587..6b27338e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -185,7 +185,7 @@ NAME: my-release |-----|------|---------| | global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | | global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.1.3"` | +| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.1.4"` | | global.podAnnotations | Annotations for the all deployed pods | | global.podLabels | Labels for the all deployed pods | | global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 06572cbb..9f9f7c08 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -8,7 +8,7 @@ kubeVersionOverride: "" global: image: repository: quay.io/argoproj/argocd - tag: v2.1.3 + tag: v2.1.4 imagePullPolicy: IfNotPresent ## Annotations applied to all pods podAnnotations: {} From 02c655ff9a6c713f8c8b083a300558e0eb86ff1c Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 21 Oct 2021 13:33:45 +0200 Subject: [PATCH 0114/1248] docs(argo-cd): Use helm-docs for ArgoCD (#983) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/.helmignore | 1 + charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 791 +++++++++++++++++--------------- charts/argo-cd/README.md.gotmpl | 293 ++++++++++++ charts/argo-cd/values.yaml | 721 ++++++++++++++++++++--------- 5 files changed, 1234 insertions(+), 576 deletions(-) create mode 100644 charts/argo-cd/README.md.gotmpl diff --git a/charts/argo-cd/.helmignore b/charts/argo-cd/.helmignore index ebf177fc..eec606dc 100644 --- a/charts/argo-cd/.helmignore +++ b/charts/argo-cd/.helmignore @@ -1,3 +1,4 @@ /*.tgz output ci/ +README.md.gotmpl diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b187abab..0d858ad1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 2.1.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.1 +version: 3.26.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade argocd to v2.1.4" + - "[Changed]: Use helm-docs to generate README.md" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6b27338e..36af1b0f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -15,7 +15,7 @@ The default installation is intended to be similar to the provided ArgoCD [relea This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of ArgoCD works in detail. -> **Warning:** +> **Warning:** > You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. ### HA mode with autoscaling @@ -56,6 +56,7 @@ server: repoServer: replicas: 2 ``` + ### Synchronizing Changes from Original Repository In the original [ArgoCD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). @@ -129,7 +130,6 @@ kubeVersionOverride: "1.18.0" Then you should no longer encounter this issue. - ### 3.0.0 and above Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Read More](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/) on how to migrate your release from Helm 2 to Helm 3. @@ -147,6 +147,7 @@ The application controller is now available as a `StatefulSet` when the `control `controller.extraArgs`, `repoServer.extraArgs` and `server.extraArgs` are now arrays of strings instead of a map What was + ```yaml server: extraArgs: @@ -179,388 +180,433 @@ NAME: my-release ... ``` -## Chart Values +## General parameters -| Parameter | Description | Default | -|-----|------|---------| -| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` | -| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` | -| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v2.1.4"` | -| global.podAnnotations | Annotations for the all deployed pods | -| global.podLabels | Labels for the all deployed pods | -| global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) | -| global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` | -| global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` | -| global.networkPolicy.create | Create NetworkPolicy objects for all components | `false` | -| global.networkPolicy.defaultDenyIngress | Default deny all ingress traffic | `false` | -| kubeVersionOverride | Override the Kubernetes version, which is used to evaluate certain manifests | `""` | -| nameOverride | Provide a name in place of `argocd` | `"argocd"` | -| fullnameOverride | String to fully override `"argo-cd.fullname"` | `""` | -| apiVersionOverrides.certmanager | String to override apiVersion of certmanager resources rendered by this helm chart | `""` | -| apiVersionOverrides.ingress | String to override apiVersion of ingresses rendered by this helm chart | `""` | -| createAggregateRoles | Create clusterroles that extend aggregated roles to use argo-cd crds | `false` | -| configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) | -| configs.gpgKeysAnnotations | GnuPG key ring annotations | `{}` | -| configs.gpgKeys | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | `{}` (See [values.yaml](values.yaml)) | -| configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` | -| configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) | -| configs.secret.annotations | Annotations for argocd-secret | `{}` | -| configs.secret.argocdServerAdminPassword | Bcrypt hashed admin password | `null` | -| configs.secret.argocdServerAdminPasswordMtime | Admin password modification time | `date "2006-01-02T15:04:05Z" now` if configs.secret.argocdServerAdminPassword is set | -| configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` | -| configs.secret.createSecret | Create the argocd-secret. | `true` | -| configs.secret.githubSecret | GitHub incoming webhook secret | `""` | -| configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` | -| configs.repositoryCredentials | DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories. | `{}` | -| configs.credentialTemplates | Repository credentials to be used as Templates for other repos. | `{}` | -| configs.repositories | Repositories list to be used by applications. | `{}` | -| configs.tlsCertsAnnotations | TLS certificate configmap annotations | `{}` | -| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) | -| configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` | -| configs.styles | Define custom CSS styles for your argo instance ([Read More](https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/)). This Settings will automatically mount the provided css and reference it in the argo configuration. | `""` (See [values.yaml](values.yaml)) | -| openshift.enabled | enables using arbitrary uid for argo repo server | `false` | -| server.additionalApplications | Deploy ArgoCD Applications within this helm release | `[]` (See [values.yaml](values.yaml)) | -| server.additionalProjects | Deploy ArgoCD Projects within this helm release | `[]` (See [values.yaml](values.yaml)) | +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of certmanager resources rendered by this helm chart | +| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | +| configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | +| configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | +| configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | +| configs.gpgKeysAnnotations | object | `{}` | GnuPG key ring annotations | +| configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | +| configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | +| configs.repositories | object | `{}` | Repositories list to be used by applications | +| configs.repositoryCredentials | object | `{}` | *DEPRECATED:* Instead, use `configs.credentialTemplates` and/or `configs.repositories` | +| configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | +| configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password | +| configs.secret.argocdServerAdminPasswordMtime | string | `""` (defaults to current time) | Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` | +| configs.secret.argocdServerTlsConfig | object | `{}` | Argo TLS Data | +| configs.secret.bitbucketServerSecret | string | `""` | Shared secret for authenticating BitbucketServer webhook events | +| configs.secret.bitbucketUUID | string | `""` | UUID for authenticating Bitbucket webhook events | +| configs.secret.createSecret | bool | `true` | Create the argocd-secret | +| configs.secret.extra | object | `{}` | add additional secrets to be added to argocd-secret | +| configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events | +| configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | +| configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | +| configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | +| configs.tlsCerts | object | See [values.yaml] | TLS certificate | +| configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | +| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | +| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | +| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all ArgoCD deployments | +| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all ArgoCD deployments | +| global.image.tag | string | `"v2.1.4"` | If defined, a tag applied to all ArgoCD deployments | +| global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | +| global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | +| global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | +| global.podAnnotations | object | `{}` | Annotations for the all deployed pods | +| global.podLabels | object | `{}` | Labels for the all deployed pods | +| global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | +| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | +| nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | +| openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | +| server.additionalApplications | list | `[]` (See [values.yaml]) | Deploy ArgoCD Applications within this helm release | +| server.additionalProjects | list | `[]` (See [values.yaml]) | Deploy ArgoCD Projects within this helm release | ## ArgoCD Controller -| Parameter | Description | Default | -|-----|---------|-------------| -| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | -| controller.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | -| controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` | -| controller.args.appResyncPeriod | define the controller `--app-resync` | `"180"` | -| controller.args.selfHealTimeout | define the controller `--self-heal-timeout-seconds` | `"5"` | -| controller.args.statusProcessors | define the controller `--status-processors` | `"20"` | -| controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | -| controller.clusterRoleRules.enabled | Enable custom rules for the Application Controller's Cluster Role resource. | `false` | -| controller.clusterRoleRules.rules | List of custom rules for the Application Controller's Cluster Role resource. | `[]` | -| controller.containerPort | Controller listening port. | `8082` | -| controller.extraArgs | Additional arguments for the controller. A list of flags | `[]` | -| controller.extraContainers | Additional containers for the controller. A list of containers. | `[]` | -| controller.enableStatefulSet | Enable deploying the controller as a StatefulSet instead of a Deployment. Used for HA installations. | `false` | -| controller.env | Environment variables for the controller. | `[]` | -| controller.envFrom | `envFrom` to pass to the controller. | `[]` (See [values.yaml](values.yaml)) | -| controller.image.repository | Repository to use for the controller | `global.image.repository` | -| controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` | -| controller.image.tag | Tag to use for the controller | `global.image.tag` | -| controller.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| controller.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| controller.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| controller.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| controller.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| controller.logLevel | Controller log level | `"info"` | -| controller.metrics.enabled | Deploy metrics service | `false` | -| controller.metrics.service.annotations | Metrics service annotations | `{}` | -| controller.metrics.service.labels | Metrics service labels | `{}` | -| controller.metrics.service.servicePort | Metrics service port | `8082` | -| controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | -| controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | -| controller.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | -| controller.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | -| controller.name | Controller name string. | `"application-controller"` | -| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | -| controller.podAnnotations | Annotations for the controller pods | `{}` | -| controller.podLabels | Labels for the controller pods | `{}` | -| controller.priorityClassName | Priority class for the controller pods | `""` | -| controller.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| controller.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| controller.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| controller.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| controller.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| controller.replicas | The number of controller pods to run | `1` |\ -| controller.resources | Resource limits and requests for the controller pods. | `{}` | -| controller.service.annotations | Controller service annotations. | `{}` | -| controller.service.labels | Controller service labels. | `{}` | -| controller.service.port | Controller service port. | `8082` | -| controller.serviceAccount.annotations | Controller service account annotations | `{}` | -| controller.serviceAccount.automountServiceAccountToken | Automount API credentials for the Service Account | `true` | -| controller.serviceAccount.create | Create a service account for the controller | `true` | -| controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` | -| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| controller.volumeMounts | Controller volume mounts | `[]` | -| controller.volumes | Controller volumes | `[]` | +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.args.appResyncPeriod | string | `"180"` | define the application controller `--app-resync` | +| controller.args.operationProcessors | string | `"10"` | define the application controller `--operation-processors` | +| controller.args.repoServerTimeoutSeconds | string | `"60"` | define the application controller `--repo-server-timeout-seconds` | +| controller.args.selfHealTimeout | string | `"5"` | define the application controller `--self-heal-timeout-seconds` | +| controller.args.statusProcessors | string | `"20"` | define the application controller `--status-processors` | +| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | +| controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | +| controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | +| controller.containerPort | int | `8082` | Application controller listening port | +| controller.containerSecurityContext | object | `{}` | Application controller container-level security context | +| controller.enableStatefulSet | bool | `false` | Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. This is a feature flag that will become the default in chart version 3.x | +| controller.env | list | `[]` | Environment variables to pass to application controller | +| controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | +| controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | +| controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod | +| controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | +| controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | +| controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | +| controller.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| controller.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| controller.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| controller.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| controller.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| controller.logFormat | string | `"text"` | Application controller log format. Either `text` or `json` | +| controller.logLevel | string | `"info"` | Application controller log level | +| controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller | +| controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | +| controller.metrics.service.annotations | object | `{}` | Metrics service annotations | +| controller.metrics.service.labels | object | `{}` | Metrics service labels | +| controller.metrics.service.servicePort | int | `8082` | Metrics service port | +| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| controller.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| controller.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| controller.name | string | `"application-controller"` | Application controller name string | +| controller.nodeSelector | object | `{}` | [Node selector] | +| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | +| controller.podLabels | object | `{}` | Labels to be added to application controller pods | +| controller.priorityClassName | string | `""` | Priority class for the application controller pods | +| controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| controller.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| controller.replicas | int | `1` | The number of application controller pods to run. If changing the number of replicas you must pass the number as `ARGOCD_CONTROLLER_REPLICAS` as an environment variable | +| controller.resources | object | `{}` | Resource limits and requests for the application controller pods | +| controller.service.annotations | object | `{}` | Application controller service annotations | +| controller.service.labels | object | `{}` | Application controller service labels | +| controller.service.port | int | `8082` | Application controller service port | +| controller.service.portName | string | `"https-controller"` | Application controller service port name | +| controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | +| controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | +| controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | +| controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | +| controller.volumes | list | `[]` | Additional volumes to the application controller pod | ## Argo Repo Server -| Property | Description | Default | -|-----|---------|-------------| -| repoServer.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | -| repoServer.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | -| repoServer.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the repo server | `false` | -| repoServer.autoscaling.minReplicas | Minimum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` | -| repoServer.autoscaling.maxReplicas | Maximum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` | -| repoServer.autoscaling.targetCPUUtilizationPercentage | Average CPU utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` | -| repoServer.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` | -| repoServer.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `false` | -| repoServer.clusterRoleRules.enabled | Enable custom rules for the Repo server's Cluster Role resource. | `false` | -| repoServer.clusterRoleRules.rules | List of custom rules for the Repo server's Cluster Role resource. | `[]` | -| repoServer.containerPort | Repo server port | `8081` | -| repoServer.extraArgs | Additional arguments for the repo server. A list of flags. | `[]` | -| repoServer.extraContainers | Additional containers for the repo server. A list of containers. | `[]` | -| repoServer.env | Environment variables for the repo server. | `[]` | -| repoServer.envFrom | `envFrom` to pass to the repo server. | `[]` (See [values.yaml](values.yaml)) | -| repoServer.image.repository | Repository to use for the repo server | `global.image.repository` | -| repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` | -| repoServer.image.tag | Tag to use for the repo server | `global.image.tag` | -| repoServer.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| repoServer.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| repoServer.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| repoServer.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| repoServer.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| repoServer.logLevel | Log level | `"info"` | -| repoServer.metrics.enabled | Deploy metrics service | `false` | -| repoServer.metrics.service.annotations | Metrics service annotations | `{}` | -| repoServer.metrics.service.labels | Metrics service labels | `{}` | -| repoServer.metrics.service.servicePort | Metrics service port | `8082` | -| repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | -| repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | -| repoServer.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | -| repoServer.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | -| repoServer.name | Repo server name | `"repo-server"` | -| repoServer.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | -| repoServer.podAnnotations | Annotations for the repo server pods | `{}` | -| repoServer.podLabels | Labels for the repo server pods | `{}` | -| repoServer.priorityClassName | Priority class for the repo server | `""` | -| repoServer.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| repoServer.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| repoServer.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| repoServer.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| repoServer.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| repoServer.replicas | The number of repo server pods to run | `1` | -| repoServer.resources | Resource limits and requests for the repo server pods. | `{}` | -| repoServer.service.annotations | Repo server service annotations. | `{}` | -| repoServer.service.automountServiceAccountToken | Automount API credentials for the Service Account | `true` | -| repoServer.service.labels | Repo server service labels. | `{}` | -| repoServer.service.port | Repo server service port. | `8081` | -| repoServer.serviceAccount.annotations | Repo server service account annotations | `{}` | -| repoServer.serviceAccount.create | Create repo server service account | `false` | -| repoServer.serviceAccount.name | Repo server service account name | `"argocd-repo-server"` | -| repoServer.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| repoServer.volumeMounts | Repo server volume mounts | `[]` | -| repoServer.volumes | Repo server volumes | `[]` | +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | +| repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | +| repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | +| repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | +| repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | +| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments | +| repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | +| repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | +| repoServer.containerPort | int | `8081` | Configures the repo server port | +| repoServer.containerSecurityContext | object | `{}` | Repo server container-level security context | +| repoServer.env | list | `[]` | Environment variables to pass to repo server | +| repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | +| repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | +| repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod | +| repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server | +| repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server | +| repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | +| repoServer.initContainers | list | `[]` | Init containers to add to the repo server pods | +| repoServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| repoServer.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| repoServer.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| repoServer.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| repoServer.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| repoServer.logFormat | string | `"text"` | Repo server log format: Either `text` or `json` | +| repoServer.logLevel | string | `"info"` | Repo server log level | +| repoServer.metrics.enabled | bool | `false` | Deploy metrics service | +| repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations | +| repoServer.metrics.service.labels | object | `{}` | Metrics service labels | +| repoServer.metrics.service.servicePort | int | `8084` | Metrics service port | +| repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| repoServer.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| repoServer.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| repoServer.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| repoServer.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| repoServer.name | string | `"repo-server"` | Repo server name | +| repoServer.nodeSelector | object | `{}` | [Node selector] | +| repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | +| repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | +| repoServer.priorityClassName | string | `""` | Priority class for the repo server | +| repoServer.rbac | list | `[]` | Repo server rbac rules | +| repoServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| repoServer.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| repoServer.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| repoServer.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| repoServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| repoServer.replicas | int | `1` | The number of repo server pods to run | +| repoServer.resources | object | `{}` | Resource limits and requests for the repo server pods | +| repoServer.service.annotations | object | `{}` | Repo server service annotations | +| repoServer.service.labels | object | `{}` | Repo server service labels | +| repoServer.service.port | int | `8081` | Repo server service port | +| repoServer.service.portName | string | `"https-repo-server"` | Repo server service port name | +| repoServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| repoServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| repoServer.serviceAccount.create | bool | `false` | Create repo server service account | +| repoServer.serviceAccount.name | string | `""` | Repo server service account name | +| repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints | +| repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | +| repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | ## Argo Server -| Parameter | Description | Default | -|-----|---------|-------------| -| server.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | -| server.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | -| server.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the server | `false` | -| server.autoscaling.minReplicas | Minimum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` | -| server.autoscaling.maxReplicas | Maximum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` | -| server.autoscaling.targetCPUUtilizationPercentage | Average CPU utilization percentage for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` | -| server.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` | -| server.GKEbackendConfig.enabled | Enable BackendConfig custom resource for Google Kubernetes Engine. | `false` | -| server.GKEbackendConfig.spec | [BackendConfigSpec](https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom) | `{}` | -| server.certificate.additionalHosts | Certificate manager additional hosts | `[]` | -| server.certificate.domain | Certificate manager domain | `"argocd.example.com"` | -| server.certificate.enabled | Enables a certificate manager certificate. | `false` | -| server.certificate.issuer | Certificate manager issuer | `{}` | -| server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` | -| server.configAnnotations | ArgoCD configuration configmap annotations | `{}` | -| server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) | -| server.config.repositories | [DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories.](https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour) | See [values.yaml](values.yaml) | -| server.containerPort | Server container port. | `8080` | -| server.extraArgs | Additional arguments for the server. A list of flags. | `[]` | -| server.extraContainers | Additional containers for the server. A list of containers. | `[]` | -| server.staticAssets.enabled | Disable deprecated flag --staticassets | `false` | -| server.env | Environment variables for the server. | `[]` | -| server.envFrom | `envFrom` to pass to the server. | `[]` (See [values.yaml](values.yaml)) | -| server.image.repository | Repository to use for the server | `global.image.repository` | -| server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` | -| server.image.tag | Tag to use for the server | `global.image.tag` | -| server.ingress.annotations | Additional ingress annotations | `{}` | -| server.ingress.enabled | Enable an ingress resource for the server | `false` | -| server.ingress.hosts | List of ingress hosts | `[]` | -| server.ingress.labels | Additional ingress labels. | `{}` | -| server.ingress.ingressClassName | Defines which ingress controller will implement the resource | `""` | -| server.ingress.tls | Ingress TLS configuration. | `[]` | -| server.ingress.https | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | `false` | -| server.ingressGrpc.annotations | Additional ingress annotations for dedicated [gRPC-ingress] | `{}` | -| server.ingressGrpc.enabled | Enable an ingress resource for the server for dedicated [gRPC-ingress] | `false` | -| server.ingressGrpc.hosts | List of ingress hosts for dedicated [gRPC-ingress] | `[]` | -| server.ingressGrpc.labels | Additional ingress labels for dedicated [gRPC-ingress] | `{}` | -| server.ingressGrpc.ingressClassName | Defines which ingress controller will implement the resource [gRPC-ingress] | `""` | -| server.ingressGrpc.tls | Ingress TLS configuration for dedicated [gRPC-ingress] | `[]` | -| server.ingressGrpc.isAWSALB | Setup up GRPC ingress to work with an AWS ALB | `false` | -| server.ingressGrpc.awsALB.serviceType | Service type for the AWS ALB GRPC service | `NodePort` | -| server.ingressGrpc.awsALB.backendProtocolVersion | Backend protocol version for the AWS ALB GRPC service | `HTTP2` | -| server.route.enabled | Enable a OpenShift route for the server | `false` | -| server.route.hostname | Hostname of OpenShift route | `""` | -| server.lifecycle | PostStart and PreStop hooks configuration | `{}` | -| server.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| server.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| server.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| server.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| server.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| server.logLevel | Log level | `"info"` | -| server.metrics.enabled | Deploy metrics service | `false` | -| server.metrics.service.annotations | Metrics service annotations | `{}` | -| server.metrics.service.labels | Metrics service labels | `{}` | -| server.metrics.service.servicePort | Metrics service port | `8082` | -| server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | -| server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | -| server.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | -| server.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | -| server.name | Argo CD server name | `"server"` | -| server.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | -| server.podAnnotations | Annotations for the server pods | `{}` | -| server.podLabels | Labels for the server pods | `{}` | -| server.priorityClassName | Priority class for the server | `""` | -| server.rbacConfigAnnotations | RBAC configmap annotations | `{}` | -| server.rbacConfig | [Argo CD RBAC policy](https://argoproj.github.io/argo-cd/operator-manual/rbac/) | `{}` | -| server.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| server.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| server.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| server.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| server.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| server.replicas | The number of server pods to run | `1` | -| server.resources | Resource limits and requests for the server | `{}` | -| server.service.annotations | Server service annotations | `{}` | -| server.service.labels | Server service labels | `{}` | -| server.service.servicePortHttp | Server service http port | `80` | -| server.service.servicePortHttps | Server service https port | `443` | -| server.service.servicePortHttpName | Server service http port name, can be used to route traffic via istio | `http` | -| server.service.servicePortHttpsName | Server service https port name, can be used to route traffic via istio | `https` | -| server.service.nodePortHttp | Server service http port for NodePort service type| `30080` | -| server.service.servicePortHttps | Server service http port for NodePort service type | `30443` | -| server.service.loadBalancerSourceRanges | Source IP ranges to allow access to service from. | `[]` | -| server.service.externalIPs | Server service external IPs. | `[]` | -| server.service.type | Server service type | `"ClusterIP"` | -| server.serviceAccount.annotations | Server service account annotations | `{}` | -| server.serviceAccount.automountServiceAccountToken | Automount API credentials for the Service Account | `true` | -| server.serviceAccount.create | Create server service account | `true` | -| server.serviceAccount.name | Server service account name | `"argocd-server"` | -| server.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| server.volumeMounts | Server volume mounts | `[]` | -| server.volumes | Server volumes | `[]` | +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| server.GKEbackendConfig.enabled | bool | `false` | Enable BackendConfig custom resource for Google Kubernetes Engine | +| server.GKEbackendConfig.spec | object | `{}` | [BackendConfigSpec] | +| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | +| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | +| server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | +| server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | +| server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | +| server.certificate.additionalHosts | list | `[]` | Certificate manager additional hosts | +| server.certificate.domain | string | `"argocd.example.com"` | Certificate manager domain | +| server.certificate.enabled | bool | `false` | Enables a certificate manager certificate | +| server.certificate.issuer.kind | string | `nil` | Certificate manager issuer | +| server.certificate.issuer.name | string | `nil` | Certificate manager name | +| server.certificate.secretName | string | `"argocd-server-tls"` | Certificate manager secret name | +| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | +| server.config | object | See [values.yaml] | [General Argo CD configuration] | +| server.configAnnotations | object | `{}` | Annotations to be added to ArgoCD ConfigMap | +| server.configEnabled | bool | `true` | Manage ArgoCD configmap (Declarative Setup) | +| server.containerPort | int | `8080` | Configures the server port | +| server.containerSecurityContext | object | `{}` | Servers container-level security context | +| server.env | list | `[]` | Environment variables to pass to Argo CD server | +| server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | +| server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | +| server.extraContainers | list | `[]` | Additional containers to be added to the server pod | +| server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | +| server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server | +| server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | +| server.ingress.annotations | object | `{}` | Additional ingress annotations | +| server.ingress.enabled | bool | `false` | Enable an ingress resource for the Argo CD server | +| server.ingress.extraPaths | list | `[]` | Additional ingress paths | +| server.ingress.hosts | list | `[]` | List of ingress hosts | +| server.ingress.https | bool | `false` | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | +| server.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | +| server.ingress.labels | object | `{}` | Additional ingress labels | +| server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | +| server.ingress.paths | list | `["/"]` | List of ingress paths | +| server.ingress.tls | list | `[]` | Ingress TLS configuration | +| server.ingressGrpc.annotations | object | `{}` | Additional ingress annotations for dedicated [gRPC-ingress] | +| server.ingressGrpc.awsALB.backendProtocolVersion | string | `"HTTP2"` | Backend protocol version for the AWS ALB gRPC service | +| server.ingressGrpc.awsALB.serviceType | string | `"NodePort"` | Service type for the AWS ALB gRPC service | +| server.ingressGrpc.enabled | bool | `false` | Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress] | +| server.ingressGrpc.extraPaths | list | `[]` | Additional ingress paths for dedicated [gRPC-ingress] | +| server.ingressGrpc.hosts | list | `[]` | List of ingress hosts for dedicated [gRPC-ingress] | +| server.ingressGrpc.https | bool | `false` | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | +| server.ingressGrpc.ingressClassName | string | `""` | Defines which ingress controller will implement the resource [gRPC-ingress] | +| server.ingressGrpc.isAWSALB | bool | `false` | Setup up gRPC ingress to work with an AWS ALB | +| server.ingressGrpc.labels | object | `{}` | Additional ingress labels for dedicated [gRPC-ingress] | +| server.ingressGrpc.pathType | string | `"Prefix"` | Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` | +| server.ingressGrpc.paths | list | `["/"]` | List of ingress paths for dedicated [gRPC-ingress] | +| server.ingressGrpc.tls | list | `[]` | Ingress TLS configuration for dedicated [gRPC-ingress] | +| server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-cd-server container | +| server.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| server.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| server.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| server.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| server.logFormat | string | `"text"` | Argo CD server log format: Either `text` or `json` | +| server.logLevel | string | `"info"` | Argo CD server log level | +| server.metrics.enabled | bool | `false` | Deploy metrics service | +| server.metrics.service.annotations | object | `{}` | Metrics service annotations | +| server.metrics.service.labels | object | `{}` | Metrics service labels | +| server.metrics.service.servicePort | int | `8083` | Metrics service port | +| server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| server.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| server.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| server.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| server.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| server.name | string | `"server"` | Argo CD server name | +| server.nodeSelector | object | `{}` | [Node selector] | +| server.podAnnotations | object | `{}` | Annotations to be added to server pods | +| server.podLabels | object | `{}` | Labels to be added to server pods | +| server.priorityClassName | string | `""` | Priority class for the Argo CD server | +| server.rbacConfig | object | `{}` | ArgoCD rbac config ([ArgoCD RBAC policy]) | +| server.rbacConfigAnnotations | object | `{}` | Annotations to be added to ArgoCD rbac ConfigMap | +| server.rbacConfigCreate | bool | `true` | Whether or not to create the configmap. If false, it is expected the configmap will be created by something else. ArgoCD will not work if there is no configMap created with the name above. | +| server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| server.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| server.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| server.replicas | int | `1` | The number of server pods to run | +| server.resources | object | `{}` | Resource limits and requests for the Argo CD server | +| server.route.enabled | bool | `false` | Enable a OpenShift route for the Argo CD server | +| server.route.hostname | string | `""` | Hostname of OpenShift route | +| server.service.annotations | object | `{}` | Server service annotations | +| server.service.externalIPs | list | `[]` | Server service external IPs | +| server.service.externalTrafficPolicy | string | `""` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | +| server.service.labels | object | `{}` | Server service labels | +| server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | +| server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | +| server.service.namedTargetPort | bool | `true` | Use named target port for argocd | +| server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") | +| server.service.nodePortHttps | int | `30443` | Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") | +| server.service.servicePortHttp | int | `80` | Server service http port | +| server.service.servicePortHttpName | string | `"http"` | Server service http port name, can be used to route traffic via istio | +| server.service.servicePortHttps | int | `443` | Server service https port | +| server.service.servicePortHttpsName | string | `"https"` | Server service https port name, can be used to route traffic via istio | +| server.service.sessionAffinity | string | `""` | Used to maintain session affinity. Supports `ClientIP` and `None` | +| server.service.type | string | `"ClusterIP"` | Server service type | +| server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| server.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| server.serviceAccount.create | bool | `true` | Create server service account | +| server.serviceAccount.name | string | `"argocd-server"` | Server service account name | +| server.staticAssets.enabled | bool | `true` | Disable deprecated flag `--staticassets` | +| server.tolerations | list | `[]` | [Tolerations] for use with node taints | +| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | +| server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | +| server.volumes | list | `[]` | Additional volumes to the server pod | ## Dex -| Property | Description | Default | -|-----|---------|-------------| -| dex.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | -| dex.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | -| dex.containerPortGrpc | GRPC container port | `5557` | -| dex.containerPortHttp | HTTP container port | `5556` | -| dex.enabled | Enable dex | `true` | -| dex.image.imagePullPolicy | Dex imagePullPolicy | `"IfNotPresent"` | -| dex.image.repository | Dex image repository | `"quay.io/dexidp/dex"` | -| dex.image.tag | Dex image tag | `"v2.14.0"` | -| dex.initImage.repository | Argo CD init image repository. | `global.image.repository` | -| dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` | -| dex.initImage.tag | Argo CD init image tag | `global.image.tag` | -| dex.metrics.enabled | Deploy metrics service | `false` | -| dex.metrics.service.annotations | Metrics service annotations | `{}` | -| dex.metrics.service.labels | Metrics service labels | `{}` | -| dex.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` | -| dex.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` | -| dex.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | -| dex.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | -| dex.name | Dex name | `"dex-server"` | -| dex.extraContainers | Additional containers for the Dex server. A list of containers. | `[]` | -| dex.env | Environment variables for the Dex server. | `[]` | -| dex.envFrom | `envFrom` to pass to the Dex server. | `[]` (See [values.yaml](values.yaml)) | -| dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | -| dex.podAnnotations | Annotations for the Dex server pods | `{}` | -| dex.podLabels | Labels for the Dex server pods | `{}` | -| dex.livenessProbe.enabled | Enable Kubernetes liveness probe for Dex >= 2.28.0 | `false` | -| dex.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| dex.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` | -| dex.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| dex.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| dex.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| dex.readinessProbe.enabled | Enable Kubernetes readiness probe for Dex >= 2.28.0 | `false` | -| dex.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` | -| dex.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) |`10` | -| dex.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` | -| dex.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| dex.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` | -| dex.priorityClassName | Priority class for dex | `""` | -| dex.resources | Resource limits and requests for dex | `{}` | -| dex.serviceAccount.automountServiceAccountToken | Automount API credentials for the Service Account | `true` | -| dex.serviceAccount.create | Create dex service account | `true` | -| dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` | -| dex.servicePortGrpc | Server GRPC port | `5557` | -| dex.servicePortGrpcName | Server GRPC port name | `grpc` | -| dex.servicePortHttp | Server HTTP port | `5556` | -| dex.servicePortHttpName | Server GRPC port name | `http` | -| dex.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| dex.volumeMounts | Dex volume mounts | `"/shared"` | -| dex.volumes | Dex volumes | `{}` | -| dex.extraVolumeMounts | Extra dex volume mounts | `[]` | -| dex.extraVolumes | Extra dex volumes | `[]` | +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| dex.containerPortGrpc | int | `5557` | Container port for gRPC access | +| dex.containerPortHttp | int | `5556` | Container port for HTTP access | +| dex.containerPortMetrics | int | `5558` | Container port for metrics access | +| dex.containerSecurityContext | object | `{}` | Dex container-level security context | +| dex.enabled | bool | `true` | Enable dex | +| dex.env | list | `[]` | Environment variables to pass to the Dex server | +| dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | +| dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | +| dex.extraVolumeMounts | list | `[]` | Extra volumeMounts to the dex pod | +| dex.extraVolumes | list | `[]` | Extra volumes to the dex pod | +| dex.image.imagePullPolicy | string | `"IfNotPresent"` | Dex imagePullPolicy | +| dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | +| dex.image.tag | string | `"v2.30.0"` | Dex image tag | +| dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | +| dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | +| dex.initImage.tag | string | `""` (defaults to global.image.tag) | Argo CD init image tag | +| dex.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Dex >= 2.28.0 | +| dex.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| dex.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| dex.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| dex.metrics.enabled | bool | `false` | Deploy metrics service | +| dex.metrics.service.annotations | object | `{}` | Metrics service annotations | +| dex.metrics.service.labels | object | `{}` | Metrics service labels | +| dex.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| dex.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| dex.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| dex.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| dex.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| dex.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| dex.name | string | `"dex-server"` | Dex name | +| dex.nodeSelector | object | `{}` | [Node selector] | +| dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods | +| dex.podLabels | object | `{}` | Labels to be added to the Dex server pods | +| dex.priorityClassName | string | `""` | Priority class for dex | +| dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 | +| dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| dex.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| dex.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| dex.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| dex.resources | object | `{}` | Resource limits and requests for dex | +| dex.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| dex.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| dex.serviceAccount.create | bool | `true` | Create dex service account | +| dex.serviceAccount.name | string | `"argocd-dex-server"` | Dex service account name | +| dex.servicePortGrpc | int | `5557` | Service port for gRPC access | +| dex.servicePortGrpcName | string | `"grpc"` | Service port name for gRPC access | +| dex.servicePortHttp | int | `5556` | Service port for HTTP access | +| dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | +| dex.servicePortMetrics | int | `5558` | Service port for metrics access | +| dex.tolerations | list | `[]` | [Tolerations] for use with node taints | +| dex.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to dex | +| dex.volumeMounts | list | `[{"mountPath":"/shared","name":"static-files"}]` | Additional volumeMounts to the dex main container | +| dex.volumes | list | `[{"emptyDir":{},"name":"static-files"}]` | Additional volumes to the dex pod | ## Redis -When Redis is completely disabled from the chart (`redis.enabled=false`) and -an external Redis instance wants to be used or -when Redis HA subcart is enabled (`redis.enabled=true and redis-ha.enabled=true`) -but HA proxy is disabled `redis-ha.haproxy.enabled=false` Redis flags need to be specified -through `xxx.extraArgs` - -| Parameter | Description | Default | -|-----|---------|-------------| -| redis.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | -| redis.topologySpreadConstraints | [Assign custom topologySpreadConstraints rules to the deployment](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | `[]` | -| redis.containerPort | Redis container port | `6379` | -| redis.enabled | Enable redis | `true` | -| redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` | -| redis.image.repository | Redis repository | `"redis"` | -| redis.image.tag | Redis tag | `"6.2.1-alpine"` | -| redis.extraArgs | Additional arguments for the `redis-server`. A list of flags. | `[]` | -| redis.extraContainers | Additional containers for the redis. A list of containers. | `[]` | -| redis.name | Redis name | `"redis"` | -| redis.env | Environment variables for the Redis server. | `[]` | -| redis.envFrom | `envFrom` to pass to the Redis server. | `[]` (See [values.yaml](values.yaml)) | -| redis.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | -| redis.podAnnotations | Annotations for the Redis server pods | `{}` | -| redis.podLabels | Labels for the Redis server pods | `{}` | -| redis.priorityClassName | Priority class for redis | `""` | -| redis.resources | Resource limits and requests for redis | `{}` | -| redis.securityContext | Redis Pod Security Context | See [values.yaml](values.yaml) | -| redis.servicePort | Redis service port | `6379` | -| redis.service.annotations | Redis service annotations | `{}` | -| redis.service.labels | Additional redis service labels | `{}` | -| redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | -| redis.metrics.enabled | Deploy metrics service and redis-exporter sidecar | `false` | -| redis.metrics.image.repository | redis-exporter image repository | `quay.io/bitnami/redis-exporter` | -| redis.metrics.image.tag | redis-exporter image tag | `1.26.0-debian-10-r2` | -| redis.metrics.image.imagePullPolicy | redis-exporter image PullPolicy | `IfNotPresent` | -| redis.metrics.containerPort | Port to use for redis-exporter sidecar | `9121` | -| redis.metrics.resources | Resource limits and requests for redis-exporter sidecar | `{}` | -| redis.metrics.service.type | Metrics service type | `ClusterIP` | -| redis.metrics.service.clusterIP | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | `None` | -| redis.metrics.service.annotations | Metrics service annotations | `{}` | -| redis.metrics.service.labels | Metrics service labels | `{}` | -| redis.metrics.service.servicePort | Metrics service port | `9121` | -| redis.metrics.service.portName | Metrics service port name | `http-metrics` | -| redis.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor | `false` | -| redis.metrics.serviceMonitor.interval | Interval at which metrics should be scraped | `30s` | -| redis.metrics.serviceMonitor.relabelings | Prometheus [RelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before scraping | `[]` | -| redis.metrics.serviceMonitor.metricRelabelings | Prometheus [MetricRelabelConfigs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion | `[]` | -| redis.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector labels | `{}` | -| redis.metrics.serviceMonitor.namespace | Prometheus ServiceMonitor namespace | `` | -| redis.metrics.serviceMonitor.additionalLabels | Additional labels to add to the Prometheus ServiceMonitor | `{}` | -| redis-ha | Configures [Redis HA subchart](https://github.com/DandyDeveloper/charts/tree/master/charts/redis-ha) The properties below have been changed from the subchart defaults | | -| redis-ha.enabled | Enables the Redis HA subchart and disables the custom Redis single node deployment| `false` | -| redis-ha.exporter.enabled | If `true`, the prometheus exporter sidecar is enabled | `true` | -| redis-ha.persistentVolume.enabled | Configures persistency on Redis nodes | `false` -| redis-ha.redis.masterGroupName | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | `argocd` -| redis-ha.redis.config | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | `` | -| redis-ha.redis.config.save | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | `""` | -| redis-ha.haproxy.enabled | Enabled HAProxy LoadBalancing/Proxy | `true` | -| redis-ha.haproxy.metrics.enabled | HAProxy enable prometheus metric scraping | `true` | -| redis-ha.image.tag | Redis tag | `"6.2.1-alpine"` | - -[gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ - +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| redis.containerPort | int | `6379` | Redis container port | +| redis.containerSecurityContext | object | `{}` | Redis container-level security context | +| redis.enabled | bool | `true` | Enable redis | +| redis.env | list | `[]` | Environment variables to pass to the Redis server | +| redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | +| redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | +| redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | +| redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | +| redis.image.repository | string | `"redis"` | Redis repository | +| redis.image.tag | string | `"6.2.4-alpine"` | Redis tag | +| redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | +| redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | +| redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | +| redis.metrics.image.repository | string | `"quay.io/bitnami/redis-exporter"` | redis-exporter image repository | +| redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | +| redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | +| redis.metrics.service.annotations | object | `{}` | Metrics service annotations | +| redis.metrics.service.clusterIP | string | `"None"` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | +| redis.metrics.service.labels | object | `{}` | Metrics service labels | +| redis.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | +| redis.metrics.service.servicePort | int | `9121` | Metrics service port | +| redis.metrics.service.type | string | `"ClusterIP"` | Metrics service type | +| redis.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| redis.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| redis.metrics.serviceMonitor.interval | string | `"30s"` | Interval at which metrics should be scraped | +| redis.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| redis.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| redis.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| redis.name | string | `"redis"` | Redis name | +| redis.nodeSelector | object | `{}` | [Node selector] | +| redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | +| redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | +| redis.priorityClassName | string | `""` | Priority class for redis | +| redis.resources | object | `{}` | Resource limits and requests for redis | +| redis.securityContext | object | `{"runAsNonRoot":true,"runAsUser":999}` | Redis pod-level security context | +| redis.service.annotations | object | `{}` | Redis service annotations | +| redis.service.labels | object | `{}` | Additional redis service labels | +| redis.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| redis.serviceAccount.automountServiceAccountToken | bool | `false` | Automount API credentials for the Service Account | +| redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | +| redis.serviceAccount.name | string | `""` | Service account name for redis pod | +| redis.servicePort | int | `6379` | Redis service port | +| redis.tolerations | list | `[]` | [Tolerations] for use with node taints | +| redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis | +| redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | +| redis.volumes | list | `[]` | Additional volumes to the redis pod | +| redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | +| redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | +| redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | +| redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | +| redis-ha.image.tag | string | `"6.2.4-alpine"` | Redis tag | +| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | +| redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | +| redis-ha.redis.config.save | string | `"\"\""` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | +| redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | ### Using AWS ALB Ingress Controller With GRPC + If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. Example: + ```yaml server: ingress: @@ -577,3 +623,22 @@ server: serviceType: ClusterIP ``` + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) + +[ArgoCD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ +[external cluster credentials]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters +[General Argo CD configuration]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories +[gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ +[HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ +[MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +[RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +[values.yaml]: values.yaml diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl new file mode 100644 index 00000000..608700a1 --- /dev/null +++ b/charts/argo-cd/README.md.gotmpl @@ -0,0 +1,293 @@ +# Argo CD Chart + +A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. + +Source code can be found [here](https://argoproj.github.io/argo-cd/) + +## Additional Information + +This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes. + +The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). + +## High Availability + +This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. +Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of ArgoCD works in detail. + +> **Warning:** +> You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. + +### HA mode with autoscaling + +```yaml +redis-ha: + enabled: true + +controller: + enableStatefulSet: true + +server: + autoscaling: + enabled: true + minReplicas: 2 + +repoServer: + autoscaling: + enabled: true + minReplicas: 2 +``` + +### HA mode without autoscaling + +```yaml +redis-ha: + enabled: true + +controller: + enableStatefulSet: true + +server: + replicas: 2 + env: + - name: ARGOCD_API_SERVER_REPLICAS + value: '2' + +repoServer: + replicas: 2 +``` + +### Synchronizing Changes from Original Repository + +In the original [ArgoCD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). + +When installing ArgoCD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. + +To update the templates and default settings in `values.yaml` it may come in handy to look up the diff of the `manifests/install.yaml` between two versions accordingly. This can either be done directly via github and look for `manifests/install.yaml`: + +https://github.com/argoproj/argo-cd/compare/v1.8.7...v2.0.0#files_bucket + +Or you clone the repository and do a local `git-diff`: + +```bash +git clone https://github.com/argoproj/argo-cd.git +cd argo-cd +git diff v1.8.7 v2.0.0 -- manifests/install.yaml +``` + +Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/crds). + +## Upgrading + +### 3.13.0 + +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field + +### 3.10.2 + +ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default +It can be re-enabled by setting `server.staticAssets.enabled` to true + +### 3.8.1 + +This bugfix version potentially introduces a rename (and recreation) of one or more ServiceAccounts. It _only happens_ when you use one of these customization: + +```yaml +# Case 1) - only happens when you do not specify a custom name (repoServer.serviceAccount.name) +repoServer: + serviceAccount: + create: true + +# Case 2) +controller: + serviceAccount: + name: "" # or + +# Case 3) +dex: + serviceAccount: + name: "" # or + +# Case 4) +server: + serviceAccount: + name: "" # or +``` + +Please check if you are affected by one of these cases **before you upgrade**, especially when you use **cloud IAM roles for service accounts.** (eg. IRSA on AWS or Workload Identity for GKE) + +### 3.2.* + +With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). +[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**, +especially deploying on clusters running a cluster version prior to `1.19` (which misses `Ingress` on apiVersion `networking.k8s.io/v1`). + +If you are running a cluster version prior to `1.19` you can avoid this issue by directly installing chart version `3.6.0` and setting `kubeVersionOverride` like: + +```yaml +kubeVersionOverride: "1.18.0" +``` + +Then you should no longer encounter this issue. + + +### 3.0.0 and above + +Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Read More](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/) on how to migrate your release from Helm 2 to Helm 3. + +### 2.14.7 and above + +The `matchLabels` key in the ArgoCD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. + +### 2.10.x to 2.11.0 + +The application controller is now available as a `StatefulSet` when the `controller.enableStatefulSet` flag is set to true. Depending on your Helm deployment this may be a downtime or breaking change if enabled when using HA and will become the default in 3.x. + +### 1.8.7 to 2.x.x + +`controller.extraArgs`, `repoServer.extraArgs` and `server.extraArgs` are now arrays of strings instead of a map + +What was + +```yaml +server: + extraArgs: + insecure: "" +``` + +is now + +```yaml +server: + extraArgs: + - --insecure +``` + +## Prerequisites + +- Kubernetes 1.7+ +- Helm v3.0.0+ + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install --name my-release argo/argo-cd +NAME: my-release +... +``` + +## General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) ) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} + {{- if hasPrefix "server.additional" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## ArgoCD Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "controller" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Argo Repo Server + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "repoServer" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Argo Server + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if and (hasPrefix "server" .Key) (not (hasPrefix "server.additional" .Key)) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Dex + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "dex" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Redis + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "redis." .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} +{{- range .Values }} + {{- if hasPrefix "redis-ha" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + + + +### Using AWS ALB Ingress Controller With GRPC + +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. + +Example: + +```yaml +server: + ingress: + enabled: true + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + ingressGrpc: + enabled: true + isAWSALB: true + awsALB: + serviceType: ClusterIP + +``` + +{{ template "helm-docs.versionFooter" . }} + +[ArgoCD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ +[external cluster credentials]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters +[General Argo CD configuration]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories +[gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ +[HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ +[MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +[RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +[values.yaml]: values.yaml diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9f9f7c08..f6fae196 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1,101 +1,125 @@ ## ArgoCD configuration ## Ref: https://github.com/argoproj/argo-cd ## + +# -- Provide a name in place of `argocd` nameOverride: argocd +# -- String to fully override `"argo-cd.fullname"` fullnameOverride: "" +# -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" global: image: + # -- If defined, a repository applied to all ArgoCD deployments repository: quay.io/argoproj/argocd + # -- If defined, a tag applied to all ArgoCD deployments tag: v2.1.4 + # -- If defined, a imagePullPolicy applied to all ArgoCD deployments imagePullPolicy: IfNotPresent - ## Annotations applied to all pods + # -- Annotations for the all deployed pods podAnnotations: {} - ## Labels applied to all pods + # -- Labels for the all deployed pods podLabels: {} + # -- Toggle and define securityContext. See [values.yaml] securityContext: {} # runAsUser: 999 # runAsGroup: 999 # fsGroup: 999 + + # -- If defined, uses a Secret to pull an image from a private Docker registry or repository imagePullSecrets: [] + # -- Mapping between IP and hostnames that will be injected as entries in the pod's hosts files hostAliases: [] # - ip: 10.20.30.40 # hostnames: # - git.myhostname networkPolicy: + # -- Create NetworkPolicy objects for all components create: false + # -- Default deny all ingress traffic defaultDenyIngress: false # Override APIVersions # If you want to template helm charts but cannot access k8s API server # you can set api versions here apiVersionOverrides: + # -- String to override apiVersion of certmanager resources rendered by this helm chart certmanager: "" # cert-manager.io/v1 + # -- String to override apiVersion of ingresses rendered by this helm chart ingress: "" # networking.k8s.io/v1beta1 -## Create clusterroles that extend existing clusterroles to interact with argo-cd crds +# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: false ## Controller controller: + # -- Application controller name string name: application-controller image: - repository: # defaults to global.image.repository - tag: # defaults to global.image.tag - imagePullPolicy: # IfNotPresent + # -- Repository to use for the application controller + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Tag to use for the application controller + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Image pull policy for the application controller + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" - # If changing the number of replicas you must pass the number as ARGOCD_CONTROLLER_REPLICAS as an environment variable + # -- The number of application controller pods to run. + # If changing the number of replicas you must pass the number as `ARGOCD_CONTROLLER_REPLICAS` as an environment variable replicas: 1 - # Deploy the application as a StatefulSet instead of a Deployment, this is required for HA capability. + # -- Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. # This is a feature flag that will become the default in chart version 3.x enableStatefulSet: false - ## Argo controller commandline flags + ## Application controller commandline flags args: + # -- define the application controller `--status-processors` statusProcessors: "20" + # -- define the application controller `--operation-processors` operationProcessors: "10" + # -- define the application controller `--app-resync` appResyncPeriod: "180" + # -- define the application controller `--self-heal-timeout-seconds` selfHealTimeout: "5" + # -- define the application controller `--repo-server-timeout-seconds` repoServerTimeoutSeconds: "60" - ## Argo controller log format: text|json + # -- Application controller log format. Either `text` or `json` logFormat: text - ## Argo controller log level + # -- Application controller log level logLevel: info - ## Additional command line arguments to pass to argocd-controller - ## + # -- Additional command line arguments to pass to application controller extraArgs: [] - ## Environment variables to pass to argocd-controller - ## + # -- Environment variables to pass to application controller env: [] # - name: "ARGOCD_CONTROLLER_REPLICAS" # value: "" - ## envFrom to pass to argocd-controller - ## + # -- envFrom to pass to application controller + # @default -- `[]` (See [values.yaml]) envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name - ## Annotations to be added to controller pods - ## + # -- Annotations to be added to application controller pods podAnnotations: {} - ## Labels to be added to controller pods - ## + # -- Labels to be added to application controller pods podLabels: {} - ## Labels to set container specific security contexts + # -- Application controller container-level security context containerSecurityContext: {} # capabilities: @@ -104,55 +128,71 @@ controller: # readOnlyRootFilesystem: true # runAsNonRoot: true - ## Configures the controller port + # -- Application controller listening port containerPort: 8082 ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ ## readinessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 livenessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - ## Additional volumeMounts to the controller main container. + # -- Additional volumeMounts to the application controller main container volumeMounts: [] - ## Additional volumes to the controller pod. + # -- Additional volumes to the application controller pod volumes: [] ## Controller service configuration service: + # -- Application controller service annotations annotations: {} + # -- Application controller service labels labels: {} + # -- Application controller service port port: 8082 + # -- Application controller service port name portName: https-controller - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} - # Pod Topology Spread Constraints - # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + # -- Assign custom [TopologySpreadConstraints] rules to the application controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Priority class for the application controller pods priorityClassName: "" + # -- Resource limits and requests for the application controller pods resources: {} # limits: # cpu: 500m @@ -162,31 +202,47 @@ controller: # memory: 256Mi serviceAccount: + # -- Create a service account for the application controller create: true + # -- Service account name name: argocd-application-controller - ## Annotations applied to created service account + # -- Annotations applied to created service account annotations: {} - ## Automount API credentials for the Service Account + # -- Automount API credentials for the Service Account automountServiceAccountToken: true - ## Server metrics controller configuration + ## Application controller metrics configuration metrics: + # -- Deploy metrics service enabled: false service: + # -- Metrics service annotations annotations: {} + # -- Metrics service labels labels: {} + # -- Metrics service port servicePort: 8082 serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Prometheus ServiceMonitor interval interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion metricRelabelings: [] - # selector: - # prometheus: kube-prometheus - # namespace: monitoring - # additionalLabels: {} + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "" # "monitoring" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} rules: + # -- Deploy a PrometheusRule for the application controller enabled: false + # -- PrometheusRule.Spec for the application controller spec: [] # - alert: ArgoAppMissing # expr: | @@ -217,137 +273,181 @@ controller: # namespace: monitoring # additionalLabels: {} - ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. clusterAdminAccess: + # -- Enable RBAC for local cluster deployments enabled: true - ## Enable Custom Rules for the Application Controller's Cluster Role resource + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off clusterRoleRules: + # -- Enable custom rules for the application controller's ClusterRole resource enabled: false + # -- List of custom rules for the application controller's ClusterRole resource rules: [] - ## Additional containers to be added to the controller pod. + # -- Additional containers to be added to the application controller pod extraContainers: [] ## Dex dex: + # -- Enable dex enabled: true + # -- Dex name name: dex-server metrics: + # -- Deploy metrics service enabled: false service: + # -- Metrics service annotations annotations: {} + # -- Metrics service labels labels: {} serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Prometheus ServiceMonitor interval interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion metricRelabelings: [] - # selector: - # prometheus: kube-prometheus - # namespace: monitoring - # additionalLabels: {} + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "" # "monitoring" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} image: + # -- Dex image repository repository: ghcr.io/dexidp/dex + # -- Dex image tag tag: v2.30.0 + # -- Dex imagePullPolicy imagePullPolicy: IfNotPresent initImage: - repository: - tag: - imagePullPolicy: + # -- Argo CD init image repository + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Argo CD init image tag + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Argo CD init image imagePullPolicy + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" - ## Environment variables to pass to the Dex server - ## + # -- Environment variables to pass to the Dex server env: [] - ## envFrom to pass to the Dex server + # -- envFrom to pass to the Dex server + # @default -- `[]` (See [values.yaml]) envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name - ## Annotations to be added to the Dex server pods - ## + # -- Annotations to be added to the Dex server pods podAnnotations: {} - ## Labels to be added to the Dex server pods - ## + # -- Labels to be added to the Dex server pods podLabels: {} ## Probes for Dex server ## Supported from Dex >= 2.28.0 livenessProbe: + # -- Enable Kubernetes liveness probe for Dex >= 2.28.0 enabled: false + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 readinessProbe: + # -- Enable Kubernetes readiness probe for Dex >= 2.28.0 enabled: false + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 serviceAccount: + # -- Create dex service account create: true + # -- Dex service account name name: argocd-dex-server - ## Annotations applied to created service account + # -- Annotations applied to created service account annotations: {} - ## Automount API credentials for the Service Account + # -- Automount API credentials for the Service Account automountServiceAccountToken: true - ## Additional volumeMounts to the controller main container. + # -- Additional volumeMounts to the dex main container volumeMounts: - name: static-files mountPath: /shared - ## Additional volumes to the controller pod. + # -- Additional volumes to the dex pod volumes: - name: static-files emptyDir: {} - ## Extra volumes to the controller pod. + # -- Extra volumes to the dex pod extraVolumes: [] - ## Extra volumeMounts to the controller pod. + # -- Extra volumeMounts to the dex pod extraVolumeMounts: [] - ## Dex deployment container ports + # -- Container port for HTTP access containerPortHttp: 5556 + # -- Service port for HTTP access servicePortHttp: 5556 + # -- Service port name for HTTP access servicePortHttpName: http + # -- Container port for gRPC access containerPortGrpc: 5557 + # -- Service port for gRPC access servicePortGrpc: 5557 + # -- Service port name for gRPC access servicePortGrpcName: grpc + # -- Container port for metrics access containerPortMetrics: 5558 + # -- Service port for metrics access servicePortMetrics: 5558 - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} - # Pod Topology Spread Constraints - # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + # -- Assign custom [TopologySpreadConstraints] rules to dex + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Priority class for dex priorityClassName: "" - ## Labels to set container specific security contexts + # -- Dex container-level security context containerSecurityContext: {} # capabilities: @@ -355,6 +455,7 @@ dex: # - all # readOnlyRootFilesystem: true +# -- Resource limits and requests for dex resources: {} # limits: # cpu: 50m @@ -363,66 +464,70 @@ dex: # cpu: 10m # memory: 32Mi - ## Additional containers to be added to the dex pod. + # -- Additional containers to be added to the dex pod extraContainers: [] ## Redis redis: + # -- Enable redis enabled: true + # -- Redis name name: redis image: + # -- Redis repository repository: redis + # -- Redis tag tag: 6.2.4-alpine + # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent - ## Additional command line arguments to pass to redis-server - ## + # -- Additional command line arguments to pass to redis-server extraArgs: [] # - --bind # - "0.0.0.0" + # -- Redis container port containerPort: 6379 + # -- Redis service port servicePort: 6379 - ## Environment variables to pass to the Redis server - ## + # -- Environment variables to pass to the Redis server env: [] - ## envFrom to pass to the Redis server - ## + # -- envFrom to pass to the Redis server + # @default -- `[]` (See [values.yaml]) envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name - ## Annotations to be added to the Redis server pods - ## + # -- Annotations to be added to the Redis server pods podAnnotations: {} - ## Labels to be added to the Redis server pods - ## + # -- Labels to be added to the Redis server pods podLabels: {} - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} - # Pod Topology Spread Constraints - # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + # -- Assign custom [TopologySpreadConstraints] rules to redis + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Priority class for redis priorityClassName: "" - ## Labels to set container specific security contexts + # -- Redis container-level security context containerSecurityContext: {} # capabilities: @@ -430,19 +535,22 @@ redis: # - all # readOnlyRootFilesystem: true - ## Redis Pod specific security context + # -- Redis pod-level security context securityContext: runAsNonRoot: true runAsUser: 999 serviceAccount: + # -- Create a service account for the redis pod create: false + # -- Service account name for redis pod name: "" - ## Annotations applied to created service account + # -- Annotations applied to created service account annotations: {} - ## Automount API credentials for the Service Account + # -- Automount API credentials for the Service Account automountServiceAccountToken: false + # -- Resource limits and requests for redis resources: {} # limits: # cpu: 200m @@ -451,23 +559,33 @@ redis: # cpu: 100m # memory: 64Mi + # -- Additional volumeMounts to the redis container volumeMounts: [] + # -- Additional volumes to the redis pod volumes: [] - ## Additional containers to be added to the redis pod. + # -- Additional containers to be added to the redis pod extraContainers: [] service: + # -- Redis service annotations annotations: {} + # -- Additional redis service labels labels: {} metrics: + # -- Deploy metrics service and redis-exporter sidecar enabled: false image: + # -- redis-exporter image repository repository: quay.io/bitnami/redis-exporter + # -- redis-exporter image tag tag: 1.26.0-debian-10-r2 + # -- redis-exporter image PullPolicy imagePullPolicy: IfNotPresent + # -- Port to use for redis-exporter sidecar containerPort: 9121 + # -- Resource limits and requests for redis-exporter sidecar resources: {} # limits: # cpu: 50m @@ -476,141 +594,185 @@ redis: # cpu: 10m # memory: 32Mi service: + # -- Metrics service type type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) clusterIP: None + # -- Metrics service annotations annotations: {} + # -- Metrics service labels labels: {} + # -- Metrics service port servicePort: 9121 + # -- Metrics service port name portName: http-metrics serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Interval at which metrics should be scraped interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion metricRelabelings: [] + # -- Prometheus ServiceMonitor selector selector: {} # prometheus: kube-prometheus - # namespace: monitoring + + # -- Prometheus ServiceMonitor namespace + namespace: "" # "monitoring" + # -- Prometheus ServiceMonitor labels additionalLabels: {} # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted +# Check the redis-ha chart for more properties redis-ha: + # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false - # Check the redis-ha chart for more properties exporter: + # -- If `true`, the prometheus exporter sidecar is enabled enabled: true persistentVolume: + # -- Configures persistency on Redis nodes enabled: false redis: + # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated masterGroupName: argocd + # -- Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) + # @default -- See [values.yaml] config: + # -- Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled save: '""' haproxy: + # -- Enabled HAProxy LoadBalancing/Proxy enabled: true metrics: + # -- HAProxy enable prometheus metric scraping enabled: true image: + # -- Redis tag tag: 6.2.4-alpine ## Server server: + # -- Argo CD server name name: server + # -- The number of server pods to run replicas: 1 autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server enabled: false + # -- Minimum number of replicas for the Argo CD server [HPA] minReplicas: 1 + # -- Maximum number of replicas for the Argo CD server [HPA] maxReplicas: 5 + # -- Average CPU utilization percentage for the Argo CD server [HPA] targetCPUUtilizationPercentage: 50 + # -- Average memory utilization percentage for the Argo CD server [HPA] targetMemoryUtilizationPercentage: 50 image: - repository: # defaults to global.image.repository - tag: # defaults to global.image.tag - imagePullPolicy: # IfNotPresent + # -- Repository to use for the Argo CD server + # @default -- `""` (defaults to global.image.repository) + repository: "" # defaults to global.image.repository + # -- Tag to use for the Argo CD server + # @default -- `""` (defaults to global.image.tag) + tag: "" # defaults to global.image.tag + # -- Image pull policy for the Argo CD server + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" # IfNotPresent - ## Additional command line arguments to pass to argocd-server - ## + # -- Additional command line arguments to pass to Argo CD server extraArgs: [] # - --insecure - # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the argocd-server app + # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the Argo CD server app staticAssets: + # -- Disable deprecated flag `--staticassets` enabled: true - ## Environment variables to pass to argocd-server - ## + # -- Environment variables to pass to Argo CD server env: [] - ## envFrom to pass to argocd-server - ## + # -- envFrom to pass to Argo CD server + # @default -- `[]` (See [values.yaml]) envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name - ## Specify postStart and preStop lifecycle hooks for your argo-cd-server container - ## + # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container lifecycle: {} - ## Argo server log format: text|json + # -- Argo CD server log format: Either `text` or `json` logFormat: text - ## Argo server log level + # -- Argo CD server log level logLevel: info - ## Annotations to be added to controller pods - ## + # -- Annotations to be added to server pods podAnnotations: {} - ## Labels to be added to controller pods - ## + # -- Labels to be added to server pods podLabels: {} - ## Configures the server port + # -- Configures the server port containerPort: 8080 ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ ## readinessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 livenessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - ## Additional volumeMounts to the server main container. + # -- Additional volumeMounts to the server main container volumeMounts: [] - ## Additional volumes to the controller pod. + # -- Additional volumes to the server pod volumes: [] - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} - # Pod Topology Spread Constraints - # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Priority class for the Argo CD server priorityClassName: "" - ## Labels to set container specific security contexts + # -- Servers container-level security context containerSecurityContext: {} # capabilities: @@ -618,6 +780,7 @@ server: # - all # readOnlyRootFilesystem: true + # -- Resource limits and requests for the Argo CD server resources: {} # limits: # cpu: 100m @@ -628,74 +791,118 @@ server: ## Certificate configuration certificate: + # -- Enables a certificate manager certificate enabled: false + # -- Certificate manager domain domain: argocd.example.com issuer: + # -- Certificate manager issuer kind: # ClusterIssuer + # -- Certificate manager name name: # letsencrypt + # -- Certificate manager additional hosts additionalHosts: [] + # -- Certificate manager secret name secretName: argocd-server-tls ## Server service configuration service: + # -- Server service annotations annotations: {} + # -- Server service labels labels: {} + # -- Server service type type: ClusterIP - ## For node port default ports + # -- Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") nodePortHttp: 30080 + # -- Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") nodePortHttps: 30443 + # -- Server service http port servicePortHttp: 80 + # -- Server service https port servicePortHttps: 443 + # -- Server service http port name, can be used to route traffic via istio servicePortHttpName: http + # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https + # -- Use named target port for argocd + ## Named target ports are not supported by GCE health checks, so when deploying argocd on GKE + ## and exposing it via GCE ingress, the health checks fail and the load balancer returns a 502. namedTargetPort: true + # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" + # -- Source IP ranges to allow access to service from loadBalancerSourceRanges: [] + # -- Server service external IPs externalIPs: [] + # -- Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints externalTrafficPolicy: "" + # -- Used to maintain session affinity. Supports `ClientIP` and `None` sessionAffinity: "" ## Server metrics service configuration metrics: + # -- Deploy metrics service enabled: false service: + # -- Metrics service annotations annotations: {} + # -- Metrics service labels labels: {} + # -- Metrics service port servicePort: 8083 serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Prometheus ServiceMonitor interval interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion metricRelabelings: [] - # selector: - # prometheus: kube-prometheus - # namespace: monitoring - # additionalLabels: {} + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "" # monitoring + # -- Prometheus ServiceMonitor labels + additionalLabels: {} serviceAccount: + # -- Create server service account create: true + # -- Server service account name name: argocd-server - ## Annotations applied to created service account + # -- Annotations applied to created service account annotations: {} - ## Automount API credentials for the Service Account + # -- Automount API credentials for the Service Account automountServiceAccountToken: true ingress: + # -- Enable an ingress resource for the Argo CD server enabled: false + # -- Additional ingress annotations annotations: {} + # -- Additional ingress labels labels: {} + # -- Defines which ingress controller will implement the resource ingressClassName: "" + # -- List of ingress hosts ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace - ## hosts: [] # - argocd.example.com + + # -- List of ingress paths paths: - / + # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix + # -- Additional ingress paths extraPaths: [] # - path: /* @@ -710,31 +917,44 @@ server: # name: ssl-redirect # port: # name: use-annotation + + # -- Ingress TLS configuration tls: [] # - secretName: argocd-tls-certificate # hosts: # - argocd.example.com + + # -- Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` https: false + # dedicated ingress for gRPC as documented at - # https://argoproj.github.io/argo-cd/operator-manual/ingress/ + # Ref: https://argoproj.github.io/argo-cd/operator-manual/ingress/ ingressGrpc: + # -- Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress] enabled: false + # -- Setup up gRPC ingress to work with an AWS ALB isAWSALB: false + # -- Additional ingress annotations for dedicated [gRPC-ingress] annotations: {} + # -- Additional ingress labels for dedicated [gRPC-ingress] labels: {} + # -- Defines which ingress controller will implement the resource [gRPC-ingress] ingressClassName: "" awsALB: + # -- Service type for the AWS ALB gRPC service ## Service Type if isAWSALB is set to true ## Can be of type NodePort or ClusterIP depending on which mode you are ## are running. Instance mode needs type NodePort, IP mode needs type ## ClusterIP ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic serviceType: NodePort - # This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features + # -- Backend protocol version for the AWS ALB gRPC service + ## This tells AWS to send traffic from the ALB using HTTP2. Can use gRPC as well if you want to leverage gRPC specific features backendProtocolVersion: HTTP2 + # -- List of ingress hosts for dedicated [gRPC-ingress] ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace @@ -742,9 +962,13 @@ server: hosts: [] # - argocd.example.com + + # -- List of ingress paths for dedicated [gRPC-ingress] paths: - / + # -- Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix + # -- Additional ingress paths for dedicated [gRPC-ingress] extraPaths: [] # - path: /* @@ -759,11 +983,15 @@ server: # name: ssl-redirect # port: # name: use-annotation + + # -- Ingress TLS configuration for dedicated [gRPC-ingress] tls: [] # - secretName: argocd-tls-certificate # hosts: # - argocd.example.com + + # -- Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` https: false # Create a OpenShift Route with SSL passthrough for UI and CLI @@ -771,12 +999,16 @@ server: # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: # If 'hostname' is an empty string "" OpenShift will create a hostname for you. route: + # -- Enable a OpenShift route for the Argo CD server enabled: false + # -- Hostname of OpenShift route hostname: "" - ## ArgoCD config - ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + # -- Manage ArgoCD configmap (Declarative Setup) + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml configEnabled: true + # -- [General Argo CD configuration] + # @default -- See [values.yaml] config: # Argo CD's externally facing base URL (optional). Required when configuring SSO url: https://argocd.example.com @@ -809,11 +1041,11 @@ server: # - profile # - email - ## Annotations to be added to ArgoCD ConfigMap + # -- Annotations to be added to ArgoCD ConfigMap configAnnotations: {} - ## ArgoCD rbac config - ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + # -- ArgoCD rbac config ([ArgoCD RBAC policy]) + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbacConfig: {} # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). @@ -835,16 +1067,16 @@ server: # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. # scopes: '[cognito:groups, email]' - ## Annotations to be added to ArgoCD rbac ConfigMap + # -- Annotations to be added to ArgoCD rbac ConfigMap rbacConfigAnnotations: {} - # Boolean determining whether or not to create the configmap. If false, it is expected the configmap will be created + # -- Whether or not to create the configmap. If false, it is expected the configmap will be created # by something else. ArgoCD will not work if there is no configMap created with the name above. rbacConfigCreate: true - ## Not well tested and not well supported on release v1.0.0. - ## Applications - ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + # -- Deploy ArgoCD Applications within this helm release + # @default -- `[]` (See [values.yaml]) + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ additionalApplications: [] # - name: guestbook # namespace: argocd @@ -875,8 +1107,9 @@ server: # - name: url # value: https://argoproj.github.io/ - ## Projects - ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + # -- Deploy ArgoCD Projects within this helm release + # @default -- `[]` (See [values.yaml]) + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ additionalProjects: [] # - name: guestbook # namespace: argocd @@ -918,11 +1151,13 @@ server: ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. clusterAdminAccess: + # -- Enable RBAC for local cluster deployments enabled: true - ## Enable BackendConfig custom resource for Google Kubernetes Engine GKEbackendConfig: + # -- Enable BackendConfig custom resource for Google Kubernetes Engine enabled: false + # -- [BackendConfigSpec] spec: {} # spec: # iap: @@ -930,9 +1165,9 @@ server: # oauthclientCredentials: # secretName: argocd-secret - extraContainers: [] - ## Additional containers to be added to the controller pod. + # -- Additional containers to be added to the server pod ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + extraContainers: [] # - name: my-sidecar # image: nginx:latest # - name: lemonldap-ng-controller @@ -956,94 +1191,119 @@ server: ## Repo Server repoServer: + # -- Repo server name name: repo-server + # -- The number of repo server pods to run replicas: 1 autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the repo server enabled: false + # -- Minimum number of replicas for the repo server [HPA] minReplicas: 1 + # -- Maximum number of replicas for the repo server [HPA] maxReplicas: 5 + # -- Average CPU utilization percentage for the repo server [HPA] targetCPUUtilizationPercentage: 50 + # -- Average memory utilization percentage for the repo server [HPA] targetMemoryUtilizationPercentage: 50 image: - repository: # defaults to global.image.repository - tag: # defaults to global.image.tag - imagePullPolicy: # IfNotPresent + # -- Repository to use for the repo server + # @default -- `""` (defaults to global.image.repository) + repository: "" # defaults to global.image.repository + # -- Tag to use for the repo server + # @default -- `""` (defaults to global.image.tag) + tag: "" # defaults to global.image.tag + # -- Image pull policy for the repo server + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" # IfNotPresent - ## Additional command line arguments to pass to argocd-repo-server - ## + # -- Additional command line arguments to pass to repo server extraArgs: [] - ## Environment variables to pass to argocd-repo-server - ## + # -- Environment variables to pass to repo server env: [] - ## envFrom to pass to argocd-repo-server - ## + # -- envFrom to pass to repo server + # @default -- `[]` (See [values.yaml]) envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name - ## Argo repoServer log format: text|json + # -- Repo server log format: Either `text` or `json` logFormat: text - ## Argo repoServer log level + # -- Repo server log level logLevel: info - ## Annotations to be added to repo server pods - ## + # -- Annotations to be added to repo server pods podAnnotations: {} - ## Labels to be added to repo server pods - ## + # -- Labels to be added to repo server pods podLabels: {} - ## Configures the repo server port + # -- Configures the repo server port containerPort: 8081 ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ ## readinessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 livenessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed successThreshold: 1 + # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - ## Additional volumeMounts to the repo server main container. + # -- Additional volumeMounts to the repo server main container volumeMounts: [] - ## Additional volumes to the repo server pod. + # -- Additional volumes to the repo server pod volumes: [] + ## Use init containers to configure custom tooling + ## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/ + ## When using the volumes & volumeMounts section bellow, please comment out those above. + # - name: custom-tools + # emptyDir: {} - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} - # Pod Topology Spread Constraints - # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - # If labelSelector is left out, it will default to the labelSelector configuration of the deployment + # -- Assign custom [TopologySpreadConstraints] rules to the repo server + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Priority class for the repo server priorityClassName: "" - ## Labels to set container specific security contexts + # -- Repo server container-level security context containerSecurityContext: {} # capabilities: @@ -1051,6 +1311,7 @@ repoServer: # - all # readOnlyRootFilesystem: true + # -- Resource limits and requests for the repo server pods resources: {} # limits: # cpu: 50m @@ -1061,54 +1322,75 @@ repoServer: ## Repo server service configuration service: + # -- Repo server service annotations annotations: {} + # -- Repo server service labels labels: {} + # -- Repo server service port port: 8081 + # -- Repo server service port name portName: https-repo-server ## Repo server metrics service configuration metrics: + # -- Deploy metrics service enabled: false service: + # -- Metrics service annotations annotations: {} + # -- Metrics service labels labels: {} + # -- Metrics service port servicePort: 8084 serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Prometheus ServiceMonitor interval interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion metricRelabelings: [] - # selector: - # prometheus: kube-prometheus - # namespace: monitoring - # additionalLabels: {} + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "" # "monitoring" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant cluster rights to ArgoCD repo-server. + ## Enable if you would like to grant cluster rights to ArgoCD repo server. clusterAdminAccess: + # -- Enable RBAC for local cluster deployments enabled: false ## Enable Custom Rules for the Repo server's Cluster Role resource ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off clusterRoleRules: + # -- Enable custom rules for the Repo server's Cluster Role resource enabled: false + # -- List of custom rules for the Repo server's Cluster Role resource rules: [] ## Repo server service account ## If create is set to true, make sure to uncomment the name and update the rbac section below serviceAccount: + # -- Create repo server service account create: false - # name: argocd-repo-server - ## Annotations applied to created service account + # -- Repo server service account name + name: "" # "argocd-repo-server" + # -- Annotations applied to created service account annotations: {} - ## Automount API credentials for the Service Account + # -- Automount API credentials for the Service Account automountServiceAccountToken: true - ## Additional containers to be added to the repo server pod. + # -- Additional containers to be added to the repo server pod extraContainers: [] - ## Repo server rbac rules - # rbac: + # -- Repo server rbac rules + rbac: [] # - apiGroups: # - argoproj.io # resources: @@ -1118,14 +1400,8 @@ repoServer: # - list # - watch - ## Use init containers to configure custom tooling - ## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/ - ## When using the volumes & volumeMounts section bellow, please comment out those above. - # volumes: - # - name: custom-tools - # emptyDir: {} - # - # initContainers: + # -- Init containers to add to the repo server pods + initContainers: [] # - name: download-tools # image: alpine:3.8 # command: [sh, -c] @@ -1142,8 +1418,9 @@ repoServer: ## Argo Configs configs: - ## External Cluster Credentials - ## reference: + # -- Provide one or multiple [external cluster credentials] + # @default -- `[]` (See [values.yaml]) + ## Ref: ## - https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters ## - https://argoproj.github.io/argo-cd/operator-manual/security/#external-cluster-credentials clusterCredentials: [] @@ -1167,7 +1444,10 @@ configs: # insecure: false # caData: "" + # -- GnuPG key ring annotations gpgKeysAnnotations: {} + # -- [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring + # @default -- `{}` (See [values.yaml]) gpgKeys: {} # 4AEE18F83AFDEB23: | # -----BEGIN PGP PUBLIC KEY BLOCK----- @@ -1188,9 +1468,12 @@ configs: # =Bvzs # -----END PGP PUBLIC KEY BLOCK----- + # -- Known Hosts configmap annotations knownHostsAnnotations: {} knownHosts: data: + # -- Known Hosts + # @default -- See [values.yaml] ssh_known_hosts: | bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== @@ -1199,7 +1482,10 @@ configs: gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + # -- TLS certificate configmap annotations tlsCertsAnnotations: {} + # -- TLS certificate + # @default -- See [values.yaml] tlsCerts: {} # data: @@ -1238,11 +1524,12 @@ configs: # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK # XWyb96wrUlv+E8I= # -----END CERTIFICATE----- -## # Creates a secret with optional repository credentials -## DEPRECATED: Instead, use configs.credentialTemplates and/or configs.repositories + + # -- *DEPRECATED:* Instead, use `configs.credentialTemplates` and/or `configs.repositories` repositoryCredentials: {} -## Creates a secret for each key/value specified below to create repository credentials + # -- Repository credentials to be used as Templates for other repos + ## Creates a secret for each key/value specified below to create repository credentials credentialTemplates: {} # github-enterprise-creds-1: # url: https://github.com/argoproj @@ -1264,8 +1551,9 @@ configs: # ... # -----END OPENSSH PRIVATE KEY----- -## Creates a secret for each key/value specified below to create repositories -## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + # -- Repositories list to be used by applications + ## Creates a secret for each key/value specified below to create repositories + ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". repositories: {} # istio-helm-repo: # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts @@ -1281,26 +1569,31 @@ configs: # url: https://github.com/argoproj/private-repo secret: + # -- Create the argocd-secret createSecret: true - ## Annotations to be added to argocd-secret - ## + # -- Annotations to be added to argocd-secret annotations: {} - # Webhook Configs + # -- Shared secret for authenticating GitHub webhook events githubSecret: "" + # -- Shared secret for authenticating GitLab webhook events gitlabSecret: "" + # -- Shared secret for authenticating BitbucketServer webhook events bitbucketServerSecret: "" + # -- UUID for authenticating Bitbucket webhook events bitbucketUUID: "" + # -- Shared secret for authenticating Gogs webhook events gogsSecret: "" - # Custom secrets. Useful for injecting SSO secrets into environment variables. - # Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/ - # Note that all values must be non-empty. + # -- add additional secrets to be added to argocd-secret + ## Custom secrets. Useful for injecting SSO secrets into environment variables. + ## Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/ + ## Note that all values must be non-empty. extra: {} # LDAP_PASSWORD: "mypassword" - # Argo TLS Data. + # -- Argo TLS Data argocdServerTlsConfig: {} # key: @@ -1312,18 +1605,24 @@ configs: # # -----END CERTIFICATE----- - # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with - # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` - # argocdServerAdminPassword: "" - # Password modification time defaults to current time if not set - # argocdServerAdminPasswordMtime: "2006-01-02T15:04:05Z" + # -- Bcrypt hashed admin password + ## Argo expects the password in the secret to be bcrypt hashed. You can create this hash with + ## `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` + argocdServerAdminPassword: "" + # -- Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` + # @default -- `""` (defaults to current time) + argocdServerAdminPasswordMtime: "" - ## Custom CSS Styles - ## Reference: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ + # -- Define custom [CSS styles] for your argo instance. + # This setting will automatically mount the provided CSS and reference it in the argo configuration. + # @default -- `""` (See [values.yaml]) + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ + styles: "" # styles: | # .nav-bar { # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); # } openshift: + # -- enables using arbitrary uid for argo repo server enabled: false From 7e988dcae23c56af9a1db24d889afb830fdb72da Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 21 Oct 2021 22:55:34 +0200 Subject: [PATCH 0115/1248] fix(argo-cd): Update to app version v2.1.5 (#990) * fix(argo-cd): Update to app version v2.1.5 Signed-off-by: Marco Kilchhofer * chore: Use chart appVersion as global default imageTag Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/templates/_helpers.tpl | 9 ++++++++- .../argocd-application-controller/deployment.yaml | 6 +++--- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/deployment.yaml | 6 +++--- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 8 files changed, 24 insertions(+), 17 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0d858ad1..ab06bbcb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 2.1.4 +appVersion: v2.1.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.2 +version: 3.26.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Use helm-docs to generate README.md" + - "[Changed]: Update to app version 2.1.5" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 36af1b0f..3144961d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -213,7 +213,7 @@ NAME: my-release | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all ArgoCD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all ArgoCD deployments | -| global.image.tag | string | `"v2.1.4"` | If defined, a tag applied to all ArgoCD deployments | +| global.image.tag | string | `""` | Overrides the global ArgoCD image tag whose default is the chart appVersion | | global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index be2927c2..e11b43da 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -190,4 +190,11 @@ Merge Argo Configuration with Preset Configuration {{- if .Values.server.configEnabled -}} {{- toYaml (mergeOverwrite (default dict (fromYaml (include "argo-cd.config.presets" $))) .Values.server.config) }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} + +{{/* +Return the default ArgoCD app version +*/}} +{{- define "argo-cd.defaultTag" -}} + {{- default .Chart.AppVersion .Values.global.image.tag }} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index b924ea41..763608d0 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | quote }} spec: selector: matchLabels: @@ -23,7 +23,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} @@ -61,7 +61,7 @@ spec: {{- with .Values.controller.extraArgs }} {{- . | toYaml | nindent 8 }} {{- end }} - image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }} + image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} name: {{ .Values.controller.name }} {{- if .Values.controller.containerSecurityContext }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3c86cb8f..ea510f73 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | quote }} spec: selector: matchLabels: @@ -22,7 +22,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} - app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.repoServer.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} @@ -36,7 +36,7 @@ spec: {{- end }} containers: - name: {{ .Values.repoServer.name }} - image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }} + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} args: - argocd-repo-server diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 38cd5cbf..697dabbd 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | quote }} spec: selector: matchLabels: @@ -22,7 +22,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} - app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.server.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} @@ -36,7 +36,7 @@ spec: {{- end }} containers: - name: {{ .Values.server.name }} - image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default .Values.global.image.tag .Values.server.image.tag }} + image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9f289270..d05688b0 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -32,7 +32,7 @@ spec: {{- end }} initContainers: - name: copyutil - image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }} + image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} resources: {{- toYaml .Values.dex.resources | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f6fae196..e980ab49 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -13,8 +13,8 @@ global: image: # -- If defined, a repository applied to all ArgoCD deployments repository: quay.io/argoproj/argocd - # -- If defined, a tag applied to all ArgoCD deployments - tag: v2.1.4 + # -- Overrides the global ArgoCD image tag whose default is the chart appVersion + tag: "" # -- If defined, a imagePullPolicy applied to all ArgoCD deployments imagePullPolicy: IfNotPresent # -- Annotations for the all deployed pods From 6ff8ee14f550d225f7284b7f317e72b90414e4f2 Mon Sep 17 00:00:00 2001 From: Paul Ayling Date: Wed, 27 Oct 2021 16:13:40 +0100 Subject: [PATCH 0116/1248] feat(argo-events): Update Argo Events to 1.5.0 (#995) * Update image and tag for argo events deployments Signed-off-by: Paul Ayling * Update Nats images Signed-off-by: Paul Ayling * Update sensorImage and eventSourceImage Signed-off-by: Paul Ayling * Update Chart.yaml Signed-off-by: Paul Ayling * Place new argument at end to work with old images Signed-off-by: Paul Ayling * Update chart appversion and RBAC Signed-off-by: Paul Ayling * Apply suggestions from code review Co-authored-by: Marco Kilchhofer Signed-off-by: Paul Ayling * Default to Chart AppVersion if tag does not exist Signed-off-by: Paul Ayling * Update Chart AppVersion to v1.5.0 Signed-off-by: Paul Ayling * Update changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 7 +++---- .../templates/argo-events-cluster-roles.yaml | 18 ----------------- .../templates/argo-events-roles.yaml | 18 ----------------- .../eventbus-controller-deployment.yaml | 5 +++-- .../eventsource-controller-deployment.yaml | 7 ++++--- .../sensor-controller-deployment.yaml | 7 ++++--- charts/argo-events/values.yaml | 20 +++++++++---------- 7 files changed, 24 insertions(+), 58 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c29777c7..2d6a7fae 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.7.0 +version: 1.8.0 keywords: - argo-events - sensor-controller @@ -12,10 +12,9 @@ sources: maintainers: - name: VaibhavPage - name: whynowy -appVersion: 1.3.1 +appVersion: v1.5.0 icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Added]: Ability to specify additional/custom environment variables" - - "[Fixed]: Charts icon url" + - "[Changed]: Update to Argo Events v1.5.0" diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index c3904980..cef1ad2e 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -40,10 +40,6 @@ rules: - update - watch resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - sensors - sensors/finalizers - sensors/status @@ -61,7 +57,6 @@ rules: - configmaps - secrets - services - - events - persistentvolumeclaims verbs: - create @@ -71,18 +66,6 @@ rules: - update - patch - delete - - apiGroups: - - "batch" - resources: - - jobs - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - apiGroups: - "apps" resources: @@ -96,5 +79,4 @@ rules: - update - patch - delete - {{- end }} diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index 1371f6a6..7406073c 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -42,10 +42,6 @@ rules: - update - watch resources: - - workflows - - workflows/finalizers - - workflowtemplates - - workflowtemplates/finalizers - sensors - sensors/finalizers - sensors/status @@ -63,7 +59,6 @@ rules: - configmaps - secrets - services - - events - persistentvolumeclaims verbs: - create @@ -73,18 +68,6 @@ rules: - update - patch - delete - - apiGroups: - - "batch" - resources: - - jobs - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - apiGroups: - "apps" resources: @@ -98,5 +81,4 @@ rules: - update - patch - delete - {{- end }} diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 747bfc11..834425fe 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -29,10 +29,11 @@ spec: serviceAccountName: {{ .Values.serviceAccount }} containers: - name: {{ .Values.eventbusController.name }} - image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag }}" + image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.imagePullPolicy }} - {{- if .Values.singleNamespace }} args: + - eventbus-controller + {{- if .Values.singleNamespace }} - --namespaced {{- end }} env: diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 651ff39b..2d79a4ff 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -29,10 +29,11 @@ spec: serviceAccountName: {{ .Values.serviceAccount }} containers: - name: {{ .Values.eventsourceController.name }} - image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag }}" + image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.imagePullPolicy }} - {{- if .Values.singleNamespace }} args: + - eventsource-controller + {{- if .Values.singleNamespace }} - --namespaced {{- end }} env: @@ -44,7 +45,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: EVENTSOURCE_IMAGE - value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" + value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag | default .Chart.AppVersion }}" livenessProbe: httpGet: path: /healthz diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 6c2f6a04..e3590578 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -29,10 +29,11 @@ spec: serviceAccountName: {{ .Values.serviceAccount }} containers: - name: {{ .Values.sensorController.name }} - image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}" + image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.imagePullPolicy }} - {{- if .Values.singleNamespace }} args: + - sensor-controller + {{- if .Values.singleNamespace }} - --namespaced {{- end }} env: @@ -44,7 +45,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: SENSOR_IMAGE - value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" + value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag | default .Chart.AppVersion }}" livenessProbe: httpGet: path: /healthz diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index db6f679d..8b75651b 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -44,13 +44,13 @@ singleNamespace: true # sensor controller sensorController: name: sensor-controller - image: argoproj/sensor-controller - tag: v1.3.1 + image: argoproj/argo-events + tag: "" replicaCount: 1 extraEnv: [] # - name: DEBUG_LOG # value: "true" - sensorImage: argoproj/sensor + sensorImage: argoproj/argo-events podAnnotations: {} nodeSelector: {} podLabels: {} @@ -61,13 +61,13 @@ sensorController: eventsourceController: name: eventsource-controller - image: argoproj/eventsource-controller - tag: v1.3.1 + image: argoproj/argo-events + tag: "" replicaCount: 1 extraEnv: [] # - name: DEBUG_LOG # value: "true" - eventsourceImage: argoproj/eventsource + eventsourceImage: argoproj/argo-events podAnnotations: {} nodeSelector: {} podLabels: {} @@ -78,8 +78,8 @@ eventsourceController: eventbusController: name: eventbus-controller - image: argoproj/eventbus-controller - tag: v1.3.1 + image: argoproj/argo-events + tag: "" replicaCount: 1 extraEnv: [] # - name: DEBUG_LOG @@ -91,8 +91,8 @@ eventbusController: tolerations: [] affinity: {} resources: {} - natsStreamingImage: nats-streaming:0.17.0 - natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 + natsStreamingImage: nats-streaming:0.22.1 + natsMetricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 securityContext: runAsNonRoot: true From e8c59dc07912319c73c85e442ee0cfe8e2cff12b Mon Sep 17 00:00:00 2001 From: smcavallo Date: Sun, 31 Oct 2021 07:56:55 -0400 Subject: [PATCH 0117/1248] feat(argo-cd): Upgrade argocd to v2.1.6 (#1000) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ab06bbcb..72413034 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.1.5 +appVersion: v2.1.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.3 +version: 3.26.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.1.5" + - "[Changed]: Update to app version 2.1.6" From 6fe7f57fb213871f6d6dbf4e8f5351ff1fd9448c Mon Sep 17 00:00:00 2001 From: cyril-corbon Date: Sun, 31 Oct 2021 20:31:52 +0100 Subject: [PATCH 0118/1248] fix(argo-cd): helm3 install does not have flag --name (#1001) * fix(helm3): install does not have flag --name Signed-off-by: Cyril Corbon * Update charts/argo-cd/Chart.yaml Co-authored-by: Marko Bevc Signed-off-by: Cyril Corbon Co-authored-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/README.md.gotmpl | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72413034..aaf5bf72 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.4 +version: 3.26.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.1.6" + - "[Changed]: README update to reflect correct helm install syntax" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3144961d..0dbb7ba3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -175,7 +175,7 @@ To install the chart with the release name `my-release`: $ helm repo add argo https://argoproj.github.io/argo-helm "argo" has been added to your repositories -$ helm install --name my-release argo/argo-cd +$ helm install my-release argo/argo-cd NAME: my-release ... ``` diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 608700a1..bc2c0855 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -176,7 +176,7 @@ To install the chart with the release name `my-release`: $ helm repo add argo https://argoproj.github.io/argo-helm "argo" has been added to your repositories -$ helm install --name my-release argo/argo-cd +$ helm install my-release argo/argo-cd NAME: my-release ... ``` From c1e7213cdca37d9ca652758aae400c9988346933 Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Mon, 1 Nov 2021 21:12:45 +0300 Subject: [PATCH 0119/1248] fix(argo-workflows): Restore RBAC permission and clarify namespace settings. (#989) Signed-off-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 6 +++++- .../controller/workflow-controller-crb.yaml | 11 ----------- .../templates/controller/workflow-rb.yaml | 2 +- .../templates/controller/workflow-role.yaml | 2 +- .../templates/controller/workflow-sa.yaml | 2 +- charts/argo-workflows/values.yaml | 13 ++++++++----- 7 files changed, 19 insertions(+), 23 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3cfb791b..43dc0644 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.8.0 -appVersion: "v3.2.0" +version: 0.8.1 +appVersion: v3.2.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Workflow Controller ConfigMap Executor ImagePullPolicy" + - "[Changed]: Restore RBAC permissions and clarify namespace settings." diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index e25a3840..d580d9f3 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -25,7 +25,11 @@ Fields to note: - `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute - `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name - `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor -- `controller.workflowNamespaces`: This is a list of namespaces where workflows will be ran +- `singleNamespace`: When true, restricts the workflow controller to operate + in just the single namespace (that one of the Helm release). +- `controller.workflowNamespaces`: This is a list of namespaces where the + workflow controller will manage workflows. Only valid when `singleNamespace` + is false. ## Breaking changes from the deprecated `argo` chart diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index 1235e325..acb7e514 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -20,17 +20,6 @@ subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- if .Values.controller.workflowNamespaces }} -{{- $uiServiceAccount := (include "argo-workflows.controllerServiceAccountName" .) }} -{{- $namespace := .Release.Namespace }} -{{- range $key := .Values.controller.workflowNamespaces }} - {{- if not (eq $key $namespace) }} - - kind: ServiceAccount - name: {{ $uiServiceAccount }} - namespace: {{ $key }} - {{- end }} -{{- end }} -{{- end }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 24223ce6..67f22504 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) (list "") }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 7e826261..66ad9328 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) (list "") }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 952c2dc7..7c76585a 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.serviceAccount.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) (list "") }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} --- apiVersion: v1 kind: ServiceAccount diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 98a7fda6..625961f4 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -19,12 +19,14 @@ fullnameOverride: ## kubeVersionOverride: "" -# Restrict Argo to only deploy into a single namespace by apply Roles and RoleBindings instead of the Cluster equivalents, -# and start argo-cli with the --namespaced flag. Use it in clusters with strict access policy. +# Restrict Argo to operate only in a single namespace (the namespace of the +# Helm release) by apply Roles and RoleBindings instead of the Cluster +# equivalents, and start workflow-controller with the --namespaced flag. Use it +# in clusters with strict access policy. singleNamespace: false workflow: - namespace: # Deprecated, for backwards compatibility: specify a single namespace to run workflows in + namespace: # Deprecated; use controller.workflowNamespaces instead. serviceAccount: create: false # Specifies whether a service account should be created annotations: {} @@ -111,8 +113,9 @@ controller: # Annotations applied to created service account annotations: {} name: workflow-controller - # Specify all namespaces to run worksflows need to be able to run in. This controls where the service - # account and RBAC resources will be created. If unspecified, will run in the default namespace. + # Specify all namespaces where this workflow controller instance will manage + # workflows. This controls where the service account and RBAC resources will + # be created. Only valid when singleNamespace is false. workflowNamespaces: - default containerRuntimeExecutor: docker From b8c689e3c7d34c9145f0d3aa3b0795b21502e786 Mon Sep 17 00:00:00 2001 From: Simon Ninon Date: Sat, 6 Nov 2021 01:23:27 -0700 Subject: [PATCH 0120/1248] fix(argo-cd) Make argocd-server /home/argocd/.aws writeable when using readOnlyRootFilesystem=false security context (#1006) Signed-off-by: Simon Ninon --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index aaf5bf72..947d3e5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.5 +version: 3.26.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: README update to reflect correct helm install syntax" + - "[Changed]: Make argocd-server /home/argocd/.aws writeable when using readOnlyRootFilesystem=false security context" diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 697dabbd..93e87e95 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -90,6 +90,10 @@ spec: subPath: "custom.styles.css" name: custom-styles {{- end }} + {{- if .Values.server.containerSecurityContext.readOnlyRootFilesystem }} + - mountPath: /home/argocd/.aws + name: aws-config + {{- end }} - mountPath: /tmp name: tmp-dir ports: @@ -164,6 +168,10 @@ spec: name: static-files - emptyDir: {} name: tmp-dir + {{- if .Values.server.containerSecurityContext.readOnlyRootFilesystem }} + - emptyDir: {} + name: aws-config + {{- end }} {{- if .Values.configs.styles }} - configMap: name: argocd-custom-styles From 5e18356d25f65f219894a3a092fc53fbcc516189 Mon Sep 17 00:00:00 2001 From: Brian Johnson Date: Tue, 9 Nov 2021 12:49:48 -0800 Subject: [PATCH 0121/1248] feat(argo-rollouts): Allow additional containers in controller deployment (#999) * feat: Allow additional containers in controller deployment Our local metrics setup uses an extra container for the controller deployment. Adding this in case others have a similar use case. Signed-off-by: Brian Johnson * Apply suggesstions from code review Signed-off-by: Brian Johnson * Bump minor version Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/deployment.yaml | 3 +++ charts/argo-rollouts/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index f8b50237..6a0841b3 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.3.0 +version: 2.4.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Support for extraArgs for controller and dashboard" + - "[Added]: Support for extraContainers for controller deployment" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index b13884ef..624cc2a6 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -39,6 +39,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.extraArgs | list | `[]` | Additional arguments for the controller. A list of flags. | +| controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 9672d119..fc359d42 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -52,6 +52,9 @@ spec: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.extraContainers }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- if .Values.controller.nodeSelector }} nodeSelector: {{- toYaml .Values.controller.nodeSelector | nindent 8 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index c009bbd4..caef4d0d 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -21,6 +21,10 @@ controller: ## extraArgs: [] + ## Additional containers to add to the rollouts controller deployment + ## This will be rendered as the literal yaml + extraContainers: [] + resources: {} # limits: # cpu: 100m From a4b05b43e2f1d7257eb3ece723972dbb340a66ab Mon Sep 17 00:00:00 2001 From: Jan Pieper Date: Tue, 9 Nov 2021 22:14:17 +0100 Subject: [PATCH 0122/1248] feat(argocd-image-updater): Optionally expose metrics (#1005) * feat(argocd-image-updater): Optionally expose metrics Signed-off-by: Jan Pieper * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Add missing link references to README Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 4 +- charts/argocd-image-updater/README.md | 19 +++++++++- charts/argocd-image-updater/README.md.gotmpl | 5 +++ .../templates/deployment.yaml | 5 +++ .../templates/metrics-service.yaml | 25 ++++++++++++ .../templates/servicemonitor.yaml | 38 +++++++++++++++++++ charts/argocd-image-updater/values.yaml | 31 ++++++++++++++- 7 files changed, 123 insertions(+), 4 deletions(-) create mode 100644 charts/argocd-image-updater/templates/metrics-service.yaml create mode 100644 charts/argocd-image-updater/templates/servicemonitor.yaml diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 7ff1d925..ee806cd6 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.2.1 +version: 0.3.0 appVersion: v0.10.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Update default values example for extraArgs + - "[Added]: Ability to expose metrics and deploy a Prometheus ServiceMonitor" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index a3c97ced..8068d285 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -66,13 +66,24 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | | config.logLevel | string | `"info"` | ArgoCD Image Update log level | | config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | -| extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in config.argocd | +| extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | | image.pullPolicy | string | `"Always"` | Default image pull policy | | image.repository | string | `"argoprojlabs/argocd-image-updater"` | Default image repository | | image.tag | string | `"v0.10.1"` | Default image tag | | imagePullSecrets | list | `[]` | ImagePullSecrets for the image updater deployment | +| metrics.enabled | bool | `false` | Deploy metrics service | +| metrics.service.annotations | object | `{}` | Metrics service annotations | +| metrics.service.labels | object | `{}` | Metrics service labels | +| metrics.service.servicePort | int | `8081` | Metrics service port | +| metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | | nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | | podAnnotations | object | `{}` | Pod Annotations for the deployment | @@ -85,3 +96,9 @@ The `config.registries` value can be used exactly as it looks in the documentati | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | Kubernetes toleration settings for the deployment | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) + +[MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +[RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl index eab46779..da81914b 100644 --- a/charts/argocd-image-updater/README.md.gotmpl +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -56,3 +56,8 @@ If you need support for ECR, you can reference [this issue](https://github.com/a The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. {{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} + +[MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs +[RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index d19ecf4e..8b1b2581 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -60,6 +60,11 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - containerPort: 8080 + {{ if .Values.metrics.enabled }} + - name: metrics + containerPort: 8081 + protocol: TCP + {{- end }} readinessProbe: httpGet: path: /healthz diff --git a/charts/argocd-image-updater/templates/metrics-service.yaml b/charts/argocd-image-updater/templates/metrics-service.yaml new file mode 100644 index 00000000..5d1232ae --- /dev/null +++ b/charts/argocd-image-updater/templates/metrics-service.yaml @@ -0,0 +1,25 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + {{- if .Values.metrics.service.annotations }} + annotations: + {{- range $key, $value := .Values.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + {{- with .Values.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "argocd-image-updater.fullname" . }}-metrics +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.metrics.service.servicePort }} + targetPort: metrics + selector: + {{- include "argocd-image-updater.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/argocd-image-updater/templates/servicemonitor.yaml b/charts/argocd-image-updater/templates/servicemonitor.yaml new file mode 100644 index 00000000..fa0b26a6 --- /dev/null +++ b/charts/argocd-image-updater/templates/servicemonitor.yaml @@ -0,0 +1,38 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "argocd-image-updater.fullname" . }}-metrics + {{- with .Values.metrics.serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + {{- with .Values.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + {{- with .Values.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argocd-image-updater.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 01f63fc7..28ac7011 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -15,7 +15,7 @@ nameOverride: "" # -- Global fullname (argocd-image-updater.fullname in _helpers.tpl) override fullnameOverride: "" -# -- Extra arguments for argocd-image-updater not defined in config.argocd +# -- Extra arguments for argocd-image-updater not defined in `config.argocd`. # If a flag contains both key and value, they need to be split to a new entry extraArgs: [] # - --disable-kubernetes @@ -112,3 +112,32 @@ tolerations: [] # -- Kubernetes affinity settings for the deployment affinity: {} + +# Metrics configuration +metrics: + # -- Deploy metrics service + enabled: false + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8081 + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: false + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: {} + # promtheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} From fc37802882bb011bdcc263c711b892b20d35edb1 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 10 Nov 2021 10:18:13 -0700 Subject: [PATCH 0123/1248] fix(argo-cd): Added openshift route options to values.yaml (#1010) * fix(argo-cd): Added openshift route options to values.yaml Signed-off-by: bbensky * removed default values from template Signed-off-by: bbensky * changed case of default termination type Signed-off-by: bbensky --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 7 +++++-- charts/argo-cd/templates/argocd-server/route.yaml | 4 ++-- charts/argo-cd/values.yaml | 10 ++++++++-- 4 files changed, 17 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 947d3e5e..379085f8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.6 +version: 3.26.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Make argocd-server /home/argocd/.aws writeable when using readOnlyRootFilesystem=false security context" + - "[Fixed]: Added Openshift Route values that were previously included in Route.yaml directives." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0dbb7ba3..153f12a6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -449,8 +449,11 @@ NAME: my-release | server.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | server.replicas | int | `1` | The number of server pods to run | | server.resources | object | `{}` | Resource limits and requests for the Argo CD server | -| server.route.enabled | bool | `false` | Enable a OpenShift route for the Argo CD server | -| server.route.hostname | string | `""` | Hostname of OpenShift route | +| server.route.enabled | bool | `false` | Enable an OpenShift Route for the Argo CD server | +| server.route.annotations | object | `{}` | Openshift Route annotations | +| server.route.hostname | string | `""` | Hostname of OpenShift Route | +| server.route.termination_type | string | `"passthrough"` | Openshift Route termination type | +| server.route.termination_policy| string | `"None"` | Openshift Route termination policy | | server.service.annotations | object | `{}` | Server service annotations | | server.service.externalIPs | list | `[]` | Server service external IPs | | server.service.externalTrafficPolicy | string | `""` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | diff --git a/charts/argo-cd/templates/argocd-server/route.yaml b/charts/argo-cd/templates/argocd-server/route.yaml index f6b1ce1c..25cd2d8c 100644 --- a/charts/argo-cd/templates/argocd-server/route.yaml +++ b/charts/argo-cd/templates/argocd-server/route.yaml @@ -18,7 +18,7 @@ spec: port: targetPort: https tls: - termination: {{ .Values.server.route.termination_type | default "passthrough" }} - insecureEdgeTerminationPolicy: {{ .Values.server.route.termination_policy | default "None" }} + termination: {{ .Values.server.route.termination_type | quote }} + insecureEdgeTerminationPolicy: {{ .Values.server.route.termination_policy | quote }} wildcardPolicy: None {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e980ab49..b7d64e10 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -999,10 +999,16 @@ server: # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: # If 'hostname' is an empty string "" OpenShift will create a hostname for you. route: - # -- Enable a OpenShift route for the Argo CD server + # -- Enable an OpenShift Route for the Argo CD server enabled: false - # -- Hostname of OpenShift route + # -- Openshift Route annotations + annotations: {} + # -- Hostname of OpenShift Route hostname: "" + # -- Termination type of Openshift Route + termination_type: passthrough + # -- Termination policy of Openshift Route + termination_policy: None # -- Manage ArgoCD configmap (Declarative Setup) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml From 9f2d1e5d3015cf4955161570ddd70278f88163c0 Mon Sep 17 00:00:00 2001 From: Jakub Date: Thu, 11 Nov 2021 15:59:34 +0100 Subject: [PATCH 0124/1248] feat(argo-cd): Add signature keys for GPG in additionalProjects (#1011) * Add signature keys for GPG in additionalProjects Signed-off-by: Jakub Faber * Fix whitespace Signed-off-by: Jakub Faber * Fix lint - Newline at the end of file Signed-off-by: Jakub Faber --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/projects.yaml | 4 ++++ charts/argo-cd/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 379085f8..faf1fc48 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.7 +version: 3.26.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Added Openshift Route values that were previously included in Route.yaml directives." + - "[Added]: Signature keys for GPG in additionalProjects" diff --git a/charts/argo-cd/templates/argocd-configs/projects.yaml b/charts/argo-cd/templates/argocd-configs/projects.yaml index d51a19b6..dd24c10f 100644 --- a/charts/argo-cd/templates/argocd-configs/projects.yaml +++ b/charts/argo-cd/templates/argocd-configs/projects.yaml @@ -54,5 +54,9 @@ items: syncWindows: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .signatureKeys }} + signatureKeys: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b7d64e10..4082489c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1153,6 +1153,8 @@ server: # applications: # - '*-prod' # manualSync: true + # signatureKeys: + # - keyID: ABCDEF1234567890 ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. From 80eeb61a05f8d0b3d55118af176ef0a44910a2cd Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 12 Nov 2021 10:25:07 +0100 Subject: [PATCH 0125/1248] docs(argocd-notifications): Use helm-docs (#1015) * docs(argocd-notifications): Use helm-docs Signed-off-by: Marco Kilchhofer * Use chart appVersion as default image tag Signed-off-by: Marco Kilchhofer --- charts/argocd-notifications/Chart.yaml | 6 +- charts/argocd-notifications/README.md | 79 ++++++++++++ charts/argocd-notifications/README.md.gotmpl | 45 +++++++ .../templates/bots/slack/deployment.yaml | 2 +- .../templates/deployment.yaml | 2 +- charts/argocd-notifications/values.yaml | 113 ++++++++++++------ 6 files changed, 204 insertions(+), 43 deletions(-) create mode 100644 charts/argocd-notifications/README.md.gotmpl diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 171a5dfa..3d2cdce2 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.1.1 +appVersion: v1.1.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.5.1 +version: 1.5.2 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Support annotations on secret objects" + - "[Changed]: Use helm-docs to generate README.md" diff --git a/charts/argocd-notifications/README.md b/charts/argocd-notifications/README.md index 61e1d363..bdc7af40 100644 --- a/charts/argocd-notifications/README.md +++ b/charts/argocd-notifications/README.md @@ -7,3 +7,82 @@ This is a **community maintained** chart. It installs the [argocd-notifications] - Service Account - Roles - Role Bindings + +To regenerate this document, from the root of this chart directory run: + +```console +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Values + +### General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Assign custom [affinity] rules | +| argocdUrl | string | `nil` | ArgoCD dashboard url; used in place of {{.context.argocdUrl}} in templates | +| cm.create | bool | `true` | Whether helm chart creates controller config map | +| containerSecurityContext | object | `{}` | Container Security Context | +| context | object | `{}` | Define user-defined context | +| extraArgs | list | `[]` | Extra arguments to provide to the controller | +| extraEnv | list | `[]` | Additional container environment variables | +| fullnameOverride | string | `""` | String to partially override "argocd-notifications.fullname" template | +| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the controller | +| image.repository | string | `"argoprojlabs/argocd-notifications"` | Repository to use for the controller | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | +| imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| logLevel | string | `"info"` | Set the logging level. (One of: `debug`, `info`, `warn`, `error`) | +| metrics.enabled | bool | `false` | Enables prometheus metrics server | +| metrics.port | int | `9001` | Metrics port | +| metrics.service.annotations | object | `{}` | Metrics service annotations | +| metrics.service.labels | object | `{}` | Metrics service labels | +| metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| nameOverride | string | `"argocd-notifications"` | String to partially override "argocd-notifications.fullname" template | +| nodeSelector | object | `{}` | [Node selector] | +| notifiers | object | See [values.yaml] | Configures notification services | +| podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | +| podLabels | object | `{}` | Labels to be applied to the controller Pods | +| resources | object | `{}` | Resource limits and requests for the controller | +| secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | +| secret.create | bool | `true` | Whether helm chart creates controller secret | +| secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | +| securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | +| serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | +| subscriptions | object | `{}` | Contains centrally managed global application subscriptions | +| templates | object | `{}` | The notification template is used to generate the notification content | +| tolerations | list | `[]` | [Tolerations] for use with node taints | +| triggers | object | `{}` | The trigger defines the condition when the notification should be sent | +| updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | + +### Bots + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | +| bots.slack.enabled | bool | `false` | Enable slack bot | +| bots.slack.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the Slack bot | +| bots.slack.image.repository | string | `"argoprojlabs/argocd-notifications"` | Repository to use for the Slack bot | +| bots.slack.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | +| bots.slack.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| bots.slack.nodeSelector | object | `{}` | [Node selector] | +| bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | +| bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | +| bots.slack.service.port | int | `80` | Service port for Slack bot | +| bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | +| bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | +| bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | +| bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: values.yaml diff --git a/charts/argocd-notifications/README.md.gotmpl b/charts/argocd-notifications/README.md.gotmpl new file mode 100644 index 00000000..de0184ec --- /dev/null +++ b/charts/argocd-notifications/README.md.gotmpl @@ -0,0 +1,45 @@ +## ArgoCD Notifications Chart + +This is a **community maintained** chart. It installs the [argocd-notifications](https://github.com/argoproj-labs/argocd-notifications) application. This application comes packaged with: +- Notifications Controller Deployment +- Notifications Controller ConfigMap +- Notifications Controller Secret +- Service Account +- Roles +- Role Bindings + +To regenerate this document, from the root of this chart directory run: + +```console +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Values + +### General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if not (hasPrefix "bots" .Key) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Bots + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "bots" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: values.yaml diff --git a/charts/argocd-notifications/templates/bots/slack/deployment.yaml b/charts/argocd-notifications/templates/bots/slack/deployment.yaml index 112266ed..83efd6ba 100644 --- a/charts/argocd-notifications/templates/bots/slack/deployment.yaml +++ b/charts/argocd-notifications/templates/bots/slack/deployment.yaml @@ -23,7 +23,7 @@ spec: serviceAccountName: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} containers: - name: {{ include "argocd-notifications.name" . }}-bot - image: "{{ .Values.bots.slack.image.repository }}:{{ .Values.bots.slack.image.tag }}" + image: "{{ .Values.bots.slack.image.repository }}:{{ default .Chart.AppVersion .Values.bots.slack.image.tag }}" imagePullPolicy: {{ .Values.bots.slack.image.pullPolicy }} resources: {{- toYaml .Values.bots.slack.resources | nindent 12 }} diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index f1d9ab5e..0a91b0ac 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -34,7 +34,7 @@ spec: {{- end }} containers: - name: {{ include "argocd-notifications.name" . }}-controller - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + image: "{{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 554bedc1..f3d32c66 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -1,41 +1,50 @@ +# -- Assign custom [affinity] rules affinity: {} -# ArgoCD dashboard url; used in place of {{.context.argocdUrl}} in templates +# -- ArgoCD dashboard url; used in place of {{.context.argocdUrl}} in templates argocdUrl: +# -- String to partially override "argocd-notifications.fullname" template fullnameOverride: "" image: + # -- Repository to use for the controller repository: argoprojlabs/argocd-notifications - tag: v1.1.1 + # -- Overrides the image tag whose default is the chart appVersion + tag: "" + # -- Image pull policy for the controller pullPolicy: IfNotPresent +# -- Secrets with credentials to pull images from a private registry imagePullSecrets: [] +# -- String to partially override "argocd-notifications.fullname" template nameOverride: "argocd-notifications" +# -- [Node selector] nodeSelector: {} +# -- The deployment strategy to use to replace existing pods with new ones updateStrategy: type: Recreate -context: - # Add custom values into context - # region: east - # environmentName: staging +# -- Define user-defined context +## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context +context: {} + # region: east + # environmentName: staging secret: - # Whether helm chart creates controller secret + # -- Whether helm chart creates controller secret create: true - # key:value pairs to be added to the secret + # -- key:value pairs of annotations to be added to the secret annotations: {} - items: - # Generic key:value pairs to be inserted into the secret - # Can be used for templates, notification services etc. Some examples given below. - # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ - + # -- Generic key:value pairs to be inserted into the secret + ## Can be used for templates, notification services etc. Some examples given below. + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ + items: {} # slack-token: # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/slack/ @@ -48,43 +57,55 @@ secret: # email-password: # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ +# -- Set the logging level. (One of: `debug`, `info`, `warn`, `error`) logLevel: info +# -- Extra arguments to provide to the controller extraArgs: [] metrics: + # -- Enables prometheus metrics server enabled: false + # -- Metrics port port: 9001 service: + # -- Metrics service annotations annotations: {} + # -- Metrics service labels labels: {} serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Prometheus ServiceMonitor labels additionalLabels: {} # namespace: monitoring # interval: 30s # scrapeTimeout: 10s -# Additional container environment variables +# -- Additional container environment variables extraEnv: [] +# -- Configures notification services +# @default -- See [values.yaml] +## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ notifiers: -# For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ - service.slack: | token: $slack-token +# -- Annotations to be applied to the controller Pods podAnnotations: {} +# -- Labels to be applied to the controller Pods podLabels: {} -## Pod Security Context +# -- Pod Security Context securityContext: runAsNonRoot: true -## Container Security Context +# -- Container Security Context containerSecurityContext: {} +# -- Resource limits and requests for the controller resources: {} # limits: # cpu: 100m @@ -94,22 +115,23 @@ resources: {} # memory: 128Mi serviceAccount: - # Specifies whether a service account should be created + # -- Specifies whether a service account should be created create: true - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template + # -- The name of the service account to use. + ## If not set and create is true, a name is generated using the fullname template name: argocd-notifications-controller + # -- Annotations applied to created service account annotations: {} cm: - # Whether helm chart creates controller config map + # -- Whether helm chart creates controller config map create: true -subscriptions: - # For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ - +# -- Contains centrally managed global application subscriptions +## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ +subscriptions: {} # # subscription for on-sync-status-unknown trigger notifications # - recipients: # - slack:test2 @@ -123,9 +145,9 @@ subscriptions: # triggers: # - on-sync-status-unknown -templates: - # For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/ - +# -- The notification template is used to generate the notification content +## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/ +templates: {} # template.app-deployed: | # email: # subject: New version of an application {{.app.metadata.name}} is up and running. @@ -314,12 +336,12 @@ templates: # slack: # attachments: "[{\n \"title\": \"{{ .app.metadata.name}}\",\n \"title_link\":\"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}\",\n \"color\": \"#18be52\",\n \"fields\": [\n {\n \"title\": \"Sync Status\",\n \"value\": \"{{.app.status.sync.status}}\",\n \"short\": true\n },\n {\n \"title\": \"Repository\",\n \"value\": \"{{.app.spec.source.repoURL}}\",\n \"short\": true\n }\n {{range $index, $c := .app.status.conditions}}\n {{if not $index}},{{end}}\n {{if $index}},{{end}}\n {\n \"title\": \"{{$c.type}}\",\n \"value\": \"{{$c.message}}\",\n \"short\": true\n }\n {{end}}\n ]\n}] " - +# -- [Tolerations] for use with node taints tolerations: [] -triggers: - # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ - +# -- The trigger defines the condition when the notification should be sent +## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ +triggers: {} # trigger.on-deployed: | # - description: Application is synced and healthy. Triggered once per commit. # oncePer: app.status.sync.revision @@ -356,37 +378,49 @@ triggers: # defaultTriggers: | # - on-sync-status-unknown +## The optional bot component simplifies managing subscriptions +## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ bots: - # For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ slack: - # You have to set secret.notifiers.slack.signingSecret + # -- Enable slack bot + ## You have to set secret.notifiers.slack.signingSecret enabled: false + # -- The deployment strategy to use to replace existing pods with new ones updateStrategy: type: Recreate image: + # -- Repository to use for the Slack bot repository: argoprojlabs/argocd-notifications - tag: v1.1.1 + # -- Overrides the image tag whose default is the chart appVersion + tag: "" + # -- Image pull policy for the Slack bot pullPolicy: IfNotPresent + # -- Secrets with credentials to pull images from a private registry imagePullSecrets: [] service: + # -- Service annotations for Slack bot annotations: {} + # -- Service port for Slack bot port: 80 + # -- Service type for Slack bot type: LoadBalancer serviceAccount: - # Specifies whether a service account should be created + # -- Specifies whether a service account should be created create: true - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template + # -- The name of the service account to use. + ## If not set and create is true, a name is generated using the fullname template name: argocd-notifications-bot + # -- Annotations applied to created service account annotations: {} + # -- Resource limits and requests for the Slack bot resources: {} # limits: # cpu: 100m @@ -395,8 +429,11 @@ bots: # cpu: 100m # memory: 128Mi + # -- Assign custom [affinity] rules affinity: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- [Node selector] nodeSelector: {} From 12e25a37f939bf2d1ca30748cbf2868a7d7b7e33 Mon Sep 17 00:00:00 2001 From: Donovan Muller Date: Mon, 15 Nov 2021 09:02:03 +0200 Subject: [PATCH 0126/1248] fix(argo-rollouts): Update ClusterRole with new rules (#993) Signed-off-by: Donovan Muller --- charts/argo-rollouts/Chart.yaml | 4 +-- .../templates/controller/clusterrole.yaml | 32 +++++++++++++++++-- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6a0841b3..1e0976fd 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.4.0 +version: 2.5.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Support for extraContainers for controller deployment" + - "[Added]: Updated ClusterRole with new rules" diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index fdd0f2b0..18318e44 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -56,6 +56,7 @@ rules: - update - patch - delete +# deployments and podtemplates read access needed for workload reference support - apiGroups: - "" - apps @@ -67,6 +68,7 @@ rules: - list - watch # services patch needed to update selector of canary/stable/active/preview services +# services create needed to create services for experiments - apiGroups: - "" resources: @@ -76,8 +78,17 @@ rules: - list - watch - patch + - create +# leases create/get/update needed for leader election +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update # secret read access to run analysis templates which reference secrets -# configmap access to read notification-engine configuration - apiGroups: - "" resources: @@ -136,7 +147,7 @@ rules: - update - patch - delete -# virtualservice access needed for using the Istio provider +# virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io resources: @@ -159,10 +170,13 @@ rules: - get - update - patch +# ambassador access needed for Ambassador provider - apiGroups: - getambassador.io + - x.getambassador.io resources: - mappings + - ambassadormappings verbs: - create - watch @@ -170,4 +184,18 @@ rules: - update - list - delete +# Endpoints and TargetGroupBindings needed for ALB target group verification +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get +- apiGroups: + - elbv2.k8s.aws + resources: + - targetgroupbindings + verbs: + - list + - get {{- end }} From 3e8463d1c5b90a94b9f532cd47b5ceb22f4e136b Mon Sep 17 00:00:00 2001 From: Niels ten Boom Date: Mon, 15 Nov 2021 23:19:03 +0000 Subject: [PATCH 0127/1248] feat(argocd-image-updater): Add ability to mount authentication scripts (#987) --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 4 +++- .../templates/configmap-authscripts.yaml | 10 +++++++++ .../templates/deployment.yaml | 10 +++++++++ charts/argocd-image-updater/values.yaml | 21 +++++++++++++++++++ 5 files changed, 46 insertions(+), 3 deletions(-) create mode 100644 charts/argocd-image-updater/templates/configmap-authscripts.yaml diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index ee806cd6..c1f4cdd1 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.3.0 +version: 0.4.0 appVersion: v0.10.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Ability to expose metrics and deploy a Prometheus ServiceMonitor" + - "[Added]: Ability to mount authentication scripts" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 8068d285..1def76d8 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -51,7 +51,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in - GitHub Container Registry - GitHub Docker Packages -If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. +If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. @@ -60,6 +60,8 @@ The `config.registries` value can be used exactly as it looks in the documentati | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | Kubernetes affinity settings for the deployment | +| authScripts.enabled | bool | `false` | Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts` | +| authScripts.scripts | object | `{}` | Map of key-value pairs where the key consists of the name of the script and the value the contents | | config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API | | config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. | | config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. | diff --git a/charts/argocd-image-updater/templates/configmap-authscripts.yaml b/charts/argocd-image-updater/templates/configmap-authscripts.yaml new file mode 100644 index 00000000..fe834149 --- /dev/null +++ b/charts/argocd-image-updater/templates/configmap-authscripts.yaml @@ -0,0 +1,10 @@ +{{- if .Values.authScripts.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + name: argocd-image-updater-authscripts +data: + {{- toYaml .Values.authScripts.scripts | nindent 2}} +{{- end }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 8b1b2581..b503444d 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -84,6 +84,10 @@ spec: name: registries-conf - mountPath: /tmp name: tmp-dir + {{- if .Values.authScripts.enabled }} + - mountPath: /scripts + name: authscripts + {{- end }} volumes: - configMap: items: @@ -91,6 +95,12 @@ spec: path: registries.conf name: argocd-image-updater-config name: registries-conf + {{- if .Values.authScripts.enabled }} + - configMap: + defaultMode: 0777 + name: argocd-image-updater-authscripts + name: authscripts + {{- end }} - emptyDir: {} name: tmp-dir {{- with .Values.nodeSelector }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 28ac7011..fdda9232 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -71,6 +71,27 @@ config: # ping: no # prefix: quay.io # credentials: env:REGISTRY_SECRET + # - name: ECR + # api_url: https://123456789.dkr.ecr.eu-west-1.amazonaws.com + # prefix: 123456789.dkr.ecr.eu-west-1.amazonaws.com + # ping: yes + # insecure: no + # credentials: ext:/scripts/auth1.sh + # credsexpire: 10h + +# whether to mount authentication scripts, if enabled, the authentication scripts will be mounted on /scripts that can be used to authenticate with registries (ECR) +# refer to https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/#specifying-credentials-for-accessing-container-registries for more info +authScripts: + # -- Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts` + enabled: false + # -- Map of key-value pairs where the key consists of the name of the script and the value the contents + scripts: {} + # auth1.sh: | + # #!/bin/sh + # echo "auth script 1 here" + # auth2.sh: | + # #!/bin/sh + # echo "auth script 2 here" serviceAccount: # -- Specifies whether a service account should be created From 27aa2a9ad02cd29de35f8130bea592f2723d745a Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Zaib Date: Wed, 17 Nov 2021 08:42:35 +0100 Subject: [PATCH 0128/1248] fix(argo-cd): Update github SSH key fingerprint (#1018) Signed-off-by: Muhammad Hamza Zaib --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index faf1fc48..d6765975 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.6 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.8 +version: 3.26.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Signature keys for GPG in additionalProjects" + - "[Changed]: Update github ssh key fingerprint" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4082489c..0940623f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1484,6 +1484,8 @@ configs: # @default -- See [values.yaml] ssh_known_hosts: | bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf From 26d0a54345c8b80e60e63cf08dd6723b35098db5 Mon Sep 17 00:00:00 2001 From: Niels ten Boom Date: Wed, 17 Nov 2021 09:50:29 +0000 Subject: [PATCH 0129/1248] fix(argocd-image-updater): Bump application version (#1017) --- charts/argocd-image-updater/Chart.yaml | 6 +++--- charts/argocd-image-updater/README.md | 2 +- charts/argocd-image-updater/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index c1f4cdd1..d9ca894a 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.4.0 -appVersion: v0.10.1 +version: 0.4.1 +appVersion: v0.10.3 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Ability to mount authentication scripts" + - "[Changed]: Bumped application version to v0.10.3" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 1def76d8..ee5f8f52 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -73,7 +73,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | | image.pullPolicy | string | `"Always"` | Default image pull policy | | image.repository | string | `"argoprojlabs/argocd-image-updater"` | Default image repository | -| image.tag | string | `"v0.10.1"` | Default image tag | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | | imagePullSecrets | list | `[]` | ImagePullSecrets for the image updater deployment | | metrics.enabled | bool | `false` | Deploy metrics service | | metrics.service.annotations | object | `{}` | Metrics service annotations | diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index fdda9232..b511a35c 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -5,8 +5,8 @@ image: repository: argoprojlabs/argocd-image-updater # -- Default image pull policy pullPolicy: Always - # -- Default image tag - tag: v0.10.1 + # -- Overrides the image tag whose default is the chart appVersion + tag: "" # -- ImagePullSecrets for the image updater deployment imagePullSecrets: [] From 46eb042763eb680d30ad4d90215129cac2d0acd2 Mon Sep 17 00:00:00 2001 From: Tuan Anh Tran Date: Sat, 20 Nov 2021 04:35:13 +0700 Subject: [PATCH 0130/1248] docs(argo-workflows): Use helm docs for workflows (#1003) * Use helm-docs for argo-workflows Signed-off-by: Tuan Anh Tran * bump version and update changelog Signed-off-by: Tuan Anh Tran * ci: add step to check if docs is staled and needs update Signed-off-by: Tuan Anh Tran * docs: run helm-docs to generate readme Signed-off-by: Tuan Anh Tran * Add missing parameter documentation Signed-off-by: Marco Kilchhofer * Add .helmdocsignore for charts which not yet use helm-docs Signed-off-by: Marco Kilchhofer * Do not exclude argocd-notifications anymore Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 6 + .helmdocsignore | 2 + charts/argo-workflows/Chart.yaml | 4 +- charts/argo-workflows/README.md | 164 +++++++++++++ charts/argo-workflows/README.md.gotmpl | 120 ++++++++++ charts/argo-workflows/values.yaml | 306 ++++++++++++++++--------- 6 files changed, 492 insertions(+), 110 deletions(-) create mode 100644 .helmdocsignore create mode 100644 charts/argo-workflows/README.md.gotmpl diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 6dee7c2b..7dd576cf 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -35,6 +35,12 @@ jobs: fi - name: Run chart-testing (lint) run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml + + - name: Run docs-testing (helm-docs) + uses: buttahtoast/helm-release-action@v2.0.1 + with: + charts: "${{ steps.list-changed.outputs.changed_charts }}" + if: steps.list-changed.outputs.changed == 'true' - name: Create kind cluster uses: helm/kind-action@v1.2.0 diff --git a/.helmdocsignore b/.helmdocsignore new file mode 100644 index 00000000..a02fad29 --- /dev/null +++ b/.helmdocsignore @@ -0,0 +1,2 @@ +charts/argo-events +charts/argo-rollouts diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 43dc0644..8ac087e5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.8.1 +version: 0.8.2 appVersion: v3.2.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Restore RBAC permissions and clarify namespace settings." + - "[Changed]: Use helm-docs to generate README.md" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d580d9f3..098bad79 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -31,6 +31,162 @@ Fields to note: workflow controller will manage workflows. Only valid when `singleNamespace` is false. +### General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | +| images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers | +| images.pullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | +| nameOverride | string | `nil` | String to partially override "argo-workflows.fullname" template | +| singleNamespace | bool | `false` | Restrict Argo to operate only in a single namespace (the namespace of the Helm release) by apply Roles and RoleBindings instead of the Cluster equivalents, and start workflow-controller with the --namespaced flag. Use it in clusters with strict access policy. | + +### Workflow + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| workflow.namespace | string | `nil` | Deprecated; use controller.workflowNamespaces instead. | +| workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) | +| workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | +| workflow.serviceAccount.name | string | `"argo-workflow"` | Service account which is used to run workflows | + +### Workflow Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| controller.affinity | object | `{}` | Assign custom [affinity] rules | +| controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | +| controller.containerRuntimeExecutor | string | `"docker"` | Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) | +| controller.containerRuntimeExecutors | list | `[]` | Specifies the executor to use. This has precedence over `controller.containerRuntimeExecutor`. | +| controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | +| controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | +| controller.extraEnv | list | `[]` | Extra environment variables to provide to the controller container | +| controller.image.registry | string | `"quay.io"` | Registry to use for the controller | +| controller.image.repository | string | `"argoproj/workflow-controller"` | Registry to use for the controller | +| controller.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| controller.initialDelay | string | `nil` | Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 | +| controller.instanceID.enabled | bool | `false` | Configures the controller to filter workflow submissions to only those which have a matching instanceID attribute. | +| controller.instanceID.explicitID | string | `""` | Use a custom instanceID | +| controller.instanceID.useReleaseName | bool | `false` | Use ReleaseName as instanceID | +| controller.links | list | `[]` | Configure Argo Server to show custom [links] | +| controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| controller.logging.globallevel | string | `"0"` | Set the glog logging level | +| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | +| controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | +| controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". | +| controller.metricsConfig.port | int | `9090` | Port is the port where metrics are emitted | +| controller.metricsConfig.portName | string | `"metrics"` | Container metrics port name | +| controller.metricsConfig.servicePort | int | `8080` | Service metrics port | +| controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name | +| controller.name | string | `"workflow-controller"` | Workflow controller name string | +| controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace | +| controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | +| controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time | +| controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | +| controller.persistence | object | `{}` | enable persistence using postgres | +| controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | +| controller.podLabels | object | `{}` | Optional labels to add to the controller pods | +| controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | +| controller.podWorkers | string | `nil` | Number of pod workers | +| controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | +| controller.replicas | int | `1` | The number of controller pods to run | +| controller.resources | object | `{}` | Resource limits and requests for the controller | +| controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | +| controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| controller.serviceAccount.create | bool | `true` | Create a service account for the controller | +| controller.serviceAccount.name | string | `""` | Service account name | +| controller.serviceAnnotations | object | `{}` | Annotations to be applied to the controller Service | +| controller.serviceLabels | object | `{}` | Optional labels to add to the controller Service | +| controller.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| controller.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.serviceType | string | `"ClusterIP"` | Service type of the controller Service | +| controller.telemetryConfig.enabled | bool | `false` | Enables prometheus telemetry server | +| controller.telemetryConfig.path | string | `"/telemetry"` | telemetry path | +| controller.telemetryConfig.port | int | `8081` | telemetry container port | +| controller.telemetryConfig.servicePort | int | `8081` | telemetry service port | +| controller.telemetryConfig.servicePortName | string | `"telemetry"` | telemetry service port name | +| controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | +| controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. | +| controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | +| controller.workflowWorkers | string | `nil` | Number of workflow workers | + +### Workflow Executor + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| executor.env | object | `{}` | Adds environment variables for the executor. | +| executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | +| executor.image.repository | string | `"argoproj/argoexec"` | Repository to use for the Workflow Executors | +| executor.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| executor.resources | object | `{}` | Resource limits and requests for the Workflow Executors | +| executor.securityContext | object | `{}` | sets security context for the executor container | + +### Workflow Server + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| server.affinity | object | `{}` | Assign custom [affinity] rules | +| server.baseHref | string | `"/"` | Value for base href in index.html. Used if the server is running behind reverse proxy under subpath different from /. | +| server.clusterWorkflowTemplates.enableEditing | bool | `true` | Give the server permissions to edit ClusterWorkflowTemplates. | +| server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | +| server.enabled | bool | `true` | Deploy the Argo Server | +| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary. | +| server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | +| server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | +| server.image.registry | string | `"quay.io"` | Registry to use for the server | +| server.image.repository | string | `"argoproj/argocli"` | Repository to use for the server | +| server.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| server.ingress.annotations | object | `{}` | Additional ingress annotations | +| server.ingress.enabled | bool | `false` | Enable an ingress resource | +| server.ingress.extraPaths | list | `[]` | Additional ingress paths | +| server.ingress.hosts | list | `[]` | List of ingress hosts | +| server.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | +| server.ingress.labels | object | `{}` | Additional ingress labels | +| server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | +| server.ingress.paths | list | `["/"]` | List of ingress paths | +| server.ingress.tls | list | `[]` | Ingress TLS configuration | +| server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | +| server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| server.name | string | `"server"` | Server name string | +| server.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | +| server.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the server pods | +| server.podAnnotations | object | `{}` | optional map of annotations to be applied to the ui Pods | +| server.podLabels | object | `{}` | Optional labels to add to the UI pods | +| server.podSecurityContext | object | `{}` | SecurityContext to set on the server pods | +| server.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages | +| server.replicas | int | `1` | The number of server pods to run | +| server.resources | object | `{}` | Resource limits and requests for the server | +| server.secure | bool | `false` | Run the argo server in "secure" mode. Configure this value instead of `--secure` in extraArgs. | +| server.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true}` | Servers container-level security context | +| server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| server.serviceAccount.create | bool | `true` | Create a service account for the server | +| server.serviceAccount.name | string | `""` | Service account name | +| server.serviceAnnotations | object | `{}` | Annotations to be applied to the UI Service | +| server.serviceLabels | object | `{}` | Optional labels to add to the UI Service | +| server.serviceNodePort | string | `nil` | Service node port | +| server.servicePort | int | `2746` | Service port for server | +| server.servicePortName | string | `""` | Service port name | +| server.serviceType | string | `"ClusterIP"` | Service type for server pods | +| server.sso | object | `{}` | SSO configuration when SSO is specified as a server auth mode. | +| server.tolerations | list | `[]` | [Tolerations] for use with node taints | +| server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | +| server.volumes | list | `[]` | Additional volumes to the server pod. | + +### Artifact Repository + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| artifactRepository.archiveLogs | bool | `false` | Archive the main container logs as an artifact | +| artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | +| artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | +| useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. | +| useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | + ## Breaking changes from the deprecated `argo` chart 1. the `installCRD` value has been removed. CRDs are now only installed from the conventional crds/ directory @@ -50,3 +206,11 @@ Fields to note: 1. removed any included usage of Minio 1. aligned the configuration of serviceAccounts with the argo-cd chart, ie: what used to be `server.createServiceAccount` is now `server.serviceAccount.create` 1. moved the previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[links]: https://argoproj.github.io/argo-workflows/links/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: values.yaml diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl new file mode 100644 index 00000000..65d3368e --- /dev/null +++ b/charts/argo-workflows/README.md.gotmpl @@ -0,0 +1,120 @@ +# Argo Workflows Chart + +This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). + +If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace. + +## Pre-Requisites + +This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these. + +A few options are: + +- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec +- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions + +## Usage Notes + +This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. + +## Values + +The `values.yaml` contains items used to tweak a deployment of this chart. +Fields to note: + +- `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute +- `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name +- `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor +- `singleNamespace`: When true, restricts the workflow controller to operate + in just the single namespace (that one of the Helm release). +- `controller.workflowNamespaces`: This is a list of namespaces where the + workflow controller will manage workflows. Only valid when `singleNamespace` + is false. + +### General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if not (or (hasPrefix "workflow" .Key) (hasPrefix "controller" .Key) (hasPrefix "executor" .Key) (hasPrefix "server" .Key) (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) ) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Workflow + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "workflow" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Workflow Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "controller" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Workflow Executor + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "executor" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Workflow Server + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "server" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Artifact Repository + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if or (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Breaking changes from the deprecated `argo` chart + +1. the `installCRD` value has been removed. CRDs are now only installed from the conventional crds/ directory +1. the CRDs were updated to `apiextensions.k8s.io/v1` +1. the container image registry/project/tag format was changed to be more in line with the more common + + ```yaml + image: + registry: quay.io + repository: argoproj/argocli + tag: v3.0.1 + ``` + + this also makes it easier for automatic update tooling (eg. renovate bot) to detect and update images. + +1. switched to quay.io as the default registry for all images +1. removed any included usage of Minio +1. aligned the configuration of serviceAccounts with the argo-cd chart, ie: what used to be `server.createServiceAccount` is now `server.serviceAccount.create` +1. moved the previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[links]: https://argoproj.github.io/argo-workflows/links/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: values.yaml diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 625961f4..bf336a4e 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -1,68 +1,79 @@ images: - # imagePullPolicy to apply to all containers + # -- imagePullPolicy to apply to all containers pullPolicy: Always - # Secrets with credentials to pull images from a private registry + # -- Secrets with credentials to pull images from a private registry pullSecrets: [] # - name: argo-pull-secret +# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds +## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: true -## String to partially override "argo-workflows.fullname" template -## +# -- String to partially override "argo-workflows.fullname" template nameOverride: -## String to fully override "argo-workflows.fullname" template -## +# -- String to fully override "argo-workflows.fullname" template fullnameOverride: -## Override the Kubernetes version, which is used to evaluate certain manifests -## +# -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" -# Restrict Argo to operate only in a single namespace (the namespace of the +# -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster # equivalents, and start workflow-controller with the --namespaced flag. Use it # in clusters with strict access policy. singleNamespace: false workflow: - namespace: # Deprecated; use controller.workflowNamespaces instead. + # -- Deprecated; use controller.workflowNamespaces instead. + namespace: serviceAccount: - create: false # Specifies whether a service account should be created + # -- Specifies whether a service account should be created + create: false + # -- Annotations applied to created service account annotations: {} - name: "argo-workflow" # Service account which is used to run workflows + # -- Service account which is used to run workflows + name: "argo-workflow" rbac: - # Adds Role and RoleBinding for the above specified service account to be able to run workflows + # -- Adds Role and RoleBinding for the above specified service account to be able to run workflows. # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) create: true controller: image: + # -- Registry to use for the controller registry: quay.io + # -- Registry to use for the controller repository: argoproj/workflow-controller - # Overrides the image tag whose default is the chart appVersion. + # -- Overrides the image tag whose default is the chart appVersion. tag: "" - # parallelism dictates how many workflows can be running at the same time + # -- parallelism dictates how many workflows can be running at the same time parallelism: - # Limits the maximum number of incomplete workflows in a namespace + # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: - # Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 + # -- Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 initialDelay: - # podAnnotations is an optional map of annotations to be applied to the controller Pods + # -- podAnnotations is an optional map of annotations to be applied to the controller Pods podAnnotations: {} - # Optional labels to add to the controller pods + # -- Optional labels to add to the controller pods podLabels: {} - # SecurityContext to set on the controller pods + # -- SecurityContext to set on the controller pods podSecurityContext: {} # podPortName: http metricsConfig: + # -- Enables prometheus metrics server enabled: false + # -- Path is the path where metrics are emitted. Must start with a "/". path: /metrics + # -- Port is the port where metrics are emitted port: 9090 + # -- Container metrics port name portName: metrics + # -- Service metrics port servicePort: 8080 + # -- Service metrics port name servicePortName: metrics - # the controller container's securityContext + # -- the controller container's securityContext securityContext: readOnlyRootFilesystem: true runAsNonRoot: true @@ -70,6 +81,7 @@ controller: capabilities: drop: - ALL + # -- enable persistence using postgres persistence: {} # connectionPool: # maxIdleConns: 100 @@ -90,132 +102,185 @@ controller: # passwordSecret: # name: argo-postgres-config # key: password - workflowDefaults: {} # Only valid for 2.7+ + + # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. + # Only valid for 2.7+ + ## See more: https://argoproj.github.io/argo-workflows/default-workflow-specs/ + workflowDefaults: {} # spec: # ttlStrategy: # secondsAfterCompletion: 84600 - # workflowWorkers: 32 - # podWorkers: 32 - workflowRestrictions: {} # Only valid for 2.9+ - # templateReferencing: Strict|Secure + + # -- Number of workflow workers + workflowWorkers: # 32 + # -- Number of pod workers + podWorkers: # 32 + # -- Restricts the Workflows that the controller will process. + # Only valid for 2.9+ + workflowRestrictions: {} + # templateReferencing: Strict|Secure + + # telemetryConfig controls the path and port for prometheus telemetry. Telemetry is enabled and emitted in the same endpoint + # as metrics by default, but can be overridden using this config. telemetryConfig: + # -- Enables prometheus telemetry server enabled: false + # -- telemetry path path: /telemetry + # -- telemetry container port port: 8081 + # -- telemetry service port servicePort: 8081 + # -- telemetry service port name servicePortName: telemetry serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Prometheus ServiceMonitor labels additionalLabels: {} serviceAccount: + # -- Create a service account for the controller create: true + # -- Service account name name: "" - # Annotations applied to created service account + # -- Annotations applied to created service account annotations: {} + + # -- Workflow controller name string name: workflow-controller - # Specify all namespaces where this workflow controller instance will manage + + # -- Specify all namespaces where this workflow controller instance will manage # workflows. This controls where the service account and RBAC resources will # be created. Only valid when singleNamespace is false. workflowNamespaces: - default + + # -- Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) + ## Ref: https://argoproj.github.io/argo-workflows/workflow-executors/ containerRuntimeExecutor: docker - # containerRuntimeExecutors: - # - name: emissary - # selector: - # matchLabels: - # workflows.argoproj.io/container-runtime-executor: emissary + # -- Specifies the executor to use. This has precedence over `controller.containerRuntimeExecutor`. + containerRuntimeExecutors: [] + # - name: emissary + # selector: + # matchLabels: + # workflows.argoproj.io/container-runtime-executor: emissary instanceID: - # `instanceID.enabled` configures the controller to filter workflow submissions + # -- Configures the controller to filter workflow submissions # to only those which have a matching instanceID attribute. + ## NOTE: If `instanceID.enabled` is set to `true` then either `instanceID.userReleaseName` + ## or `instanceID.explicitID` must be defined. enabled: false - # NOTE: If `instanceID.enabled` is set to `true` then either `instanceID.userReleaseName` - # or `instanceID.explicitID` must be defined. + # -- Use ReleaseName as instanceID + useReleaseName: false # useReleaseName: true + + # -- Use a custom instanceID + explicitID: "" # explicitID: unique-argo-controller-identifier + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) level: info + # -- Set the glog logging level globallevel: "0" + + # -- Service type of the controller Service serviceType: ClusterIP - # Annotations to be applied to the controller Service + # -- Annotations to be applied to the controller Service serviceAnnotations: {} - # Optional labels to add to the controller Service + # -- Optional labels to add to the controller Service serviceLabels: {} - # Source ranges to allow access to service from. Only applies to - # service type `LoadBalancer` + # -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer` loadBalancerSourceRanges: [] + + # -- Resource limits and requests for the controller resources: {} + + # -- Configure liveness [probe] for the controller + # @default -- See [values.yaml] livenessProbe: httpGet: port: 6060 path: /healthz - # Require three failures to tolerate transient errors. failureThreshold: 3 initialDelaySeconds: 90 periodSeconds: 60 timeoutSeconds: 30 - ## Extra environment variables to provide to the controller container - ## extraEnv: - ## - name: FOO - ## value: "bar" + # -- Extra environment variables to provide to the controller container extraEnv: [] + # - name: FOO + # value: "bar" - # Extra arguments to be added to the controller + # -- Extra arguments to be added to the controller extraArgs: [] + # -- The number of controller pods to run replicas: 1 + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods enabled: false # minAvailable: 1 # maxUnavailable: 1 - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + + # -- [Node selector] nodeSelector: kubernetes.io/os: linux + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules affinity: {} - # Leverage a PriorityClass to ensure your pods survive resource shortages - # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - # PriorityClass: system-cluster-critical + # -- Leverage a PriorityClass to ensure your pods survive resource shortages. + ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" - # https://argoproj.github.io/argo-workflows/links/ + + # -- Configure Argo Server to show custom [links] + ## Ref: https://argoproj.github.io/argo-workflows/links/ links: [] clusterWorkflowTemplates: - # Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. + # -- Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. enabled: true - # Extra containers to be added to the controller deployment + # -- Extra containers to be added to the controller deployment extraContainers: [] # executor controls how the init and wait container should be customized executor: image: + # -- Registry to use for the Workflow Executors registry: quay.io + # -- Repository to use for the Workflow Executors repository: argoproj/argoexec - # Overrides the image tag whose default is the chart appVersion. + # -- Overrides the image tag whose default is the chart appVersion. tag: "" + # -- Resource limits and requests for the Workflow Executors resources: {} - # Adds environment variables for the executor. + # -- Adds environment variables for the executor. env: {} - # sets security context for the executor container + # -- sets security context for the executor container securityContext: {} server: + # -- Deploy the Argo Server enabled: true - # only updates base url of resources on client side, - # it's expected that a proxy server rewrites the request URL and gets rid of this prefix - # https://github.com/argoproj/argo-workflows/issues/716#issuecomment-433213190 + # -- Value for base href in index.html. Used if the server is running behind reverse proxy under subpath different from /. + ## only updates base url of resources on client side, + ## it's expected that a proxy server rewrites the request URL and gets rid of this prefix + ## https://github.com/argoproj/argo-workflows/issues/716#issuecomment-433213190 baseHref: / image: + # -- Registry to use for the server registry: quay.io + # -- Repository to use for the server repository: argoproj/argocli - # Overrides the image tag whose default is the chart appVersion. + # -- Overrides the image tag whose default is the chart appVersion. tag: "" - # optional map of annotations to be applied to the ui Pods + # -- optional map of annotations to be applied to the ui Pods podAnnotations: {} - # Optional labels to add to the UI pods + # -- Optional labels to add to the UI pods podLabels: {} - # SecurityContext to set on the server pods + # -- SecurityContext to set on the server pods podSecurityContext: {} + # -- Servers container-level security context securityContext: readOnlyRootFilesystem: false runAsNonRoot: true @@ -223,83 +288,101 @@ server: capabilities: drop: - ALL + # -- Server name string name: server + # -- Service type for server pods serviceType: ClusterIP + # -- Service port for server servicePort: 2746 - # serviceNodePort: 32746 - # servicePortName: http + # -- Service node port + serviceNodePort: # 32746 + # -- Service port name + servicePortName: "" # http + serviceAccount: + # -- Create a service account for the server create: true + # -- Service account name name: "" + # -- Annotations applied to created service account annotations: {} - # Annotations to be applied to the UI Service + + # -- Annotations to be applied to the UI Service serviceAnnotations: {} - # Optional labels to add to the UI Service + # -- Optional labels to add to the UI Service serviceLabels: {} - # Static IP address to assign to loadBalancer - # service type `LoadBalancer` + # -- Static IP address to assign to loadBalancer service type `LoadBalancer` loadBalancerIP: "" - # Source ranges to allow access to service from. Only applies to - # service type `LoadBalancer` + # -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer` loadBalancerSourceRanges: [] + # -- Resource limits and requests for the server resources: {} + # -- The number of server pods to run replicas: 1 pdb: + # -- Configure [Pod Disruption Budget] for the server pods enabled: false # minAvailable: 1 # maxUnavailable: 1 - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + + # -- [Node selector] nodeSelector: kubernetes.io/os: linux + + # -- [Tolerations] for use with node taints tolerations: [] + + # -- Assign custom [affinity] rules affinity: {} - # Leverage a PriorityClass to ensure your pods survive resource shortages - # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - # PriorityClass: system-cluster-critical + + # -- Leverage a PriorityClass to ensure your pods survive resource shortages + ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" - # Run the argo server in "secure" mode. Configure this value instead of - # "--secure" in extraArgs. See the following documentation for more details - # on secure mode: - # https://argoproj.github.io/argo-workflows/tls/ + # -- Run the argo server in "secure" mode. Configure this value instead of `--secure` in extraArgs. + ## See the following documentation for more details on secure mode: + ## https://argoproj.github.io/argo-workflows/tls/ secure: false - ## Extra environment variables to provide to the argo-server container - ## extraEnv: - ## - name: FOO - ## value: "bar" + # -- Extra environment variables to provide to the argo-server container extraEnv: [] + # - name: FOO + # value: "bar" - # Extra arguments to provide to the Argo server binary. + # -- Extra arguments to provide to the Argo server binary. extraArgs: [] - ## Additional volumes to the server main container. + # -- Additional volume mounts to the server main container. volumeMounts: [] + # -- Additional volumes to the server pod. volumes: [] ## Ingress configuration. - ## ref: https://kubernetes.io/docs/user-guide/ingress/ - ## + # ref: https://kubernetes.io/docs/user-guide/ingress/ ingress: + # -- Enable an ingress resource enabled: false + # -- Additional ingress annotations annotations: {} + # -- Additional ingress labels labels: {} + # -- Defines which ingress controller will implement the resource ingressClassName: "" - ## Argo Workflows Server Ingress. + # -- List of ingress hosts ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace - ## - hosts: - [] + hosts: [] # - argoworkflows.example.com + + # -- List of ingress paths paths: - / + + # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix - extraPaths: - [] + # -- Additional ingress paths + extraPaths: [] # - path: /* # backend: # serviceName: ssl-redirect @@ -312,20 +395,21 @@ server: # name: ssl-redirect # port: # name: use-annotation - tls: - [] + + # -- Ingress TLS configuration + tls: [] # - secretName: argoworkflows-example-tls # hosts: # - argoworkflows.example.com - https: false clusterWorkflowTemplates: - # Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. + # -- Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. enabled: true - # Give the server permissions to edit ClusterWorkflowTemplates. + # -- Give the server permissions to edit ClusterWorkflowTemplates. enableEditing: true - sso: - ## SSO configuration when SSO is specified as a server auth mode. + + # -- SSO configuration when SSO is specified as a server auth mode. + sso: {} ## All the values are required. SSO is activated by adding --auth-mode=sso ## to the server command line. # @@ -353,15 +437,19 @@ server: ## decisions. # scopes: # - groups - # Extra containers to be added to the server deployment + + # -- Extra containers to be added to the server deployment extraContainers: [] -# Influences the creation of the ConfigMap for the workflow-controller itself. +# -- Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false +# -- Use static credentials for S3 (eg. when not using AWS IRSA) useStaticCredentials: true artifactRepository: - # archiveLogs will archive the main container logs as an artifact + # -- Archive the main container logs as an artifact archiveLogs: false + # -- Store artifact in a S3-compliant object store + # @default -- See [values.yaml] s3: # Note the `key` attribute is not the actual secret, it's the PATH to # the contents in the associated secret, as defined by the `name` attribute. @@ -377,7 +465,9 @@ artifactRepository: # region: # roleARN: # useSDKCreds: true - # gcs: + # -- Store artifact in a GCS object store + # @default -- `{}` (See [values.yaml]) + gcs: {} # bucket: -argo # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/" # serviceAccountKeySecret is a secret selector. From 4702907e8d22284bfd4879b6088bbac4c5bcc9fc Mon Sep 17 00:00:00 2001 From: smcavallo Date: Sun, 21 Nov 2021 07:48:17 -0500 Subject: [PATCH 0131/1248] feat(argo-cd): Upgrade argocd to v2.1.7 (#1024) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d6765975..5a2a8478 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.1.6 +appVersion: v2.1.7 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.9 +version: 3.26.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update github ssh key fingerprint" + - "[Changed]: Update to app version 2.1.7" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 153f12a6..77b4ae59 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -449,11 +449,11 @@ NAME: my-release | server.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | server.replicas | int | `1` | The number of server pods to run | | server.resources | object | `{}` | Resource limits and requests for the Argo CD server | -| server.route.enabled | bool | `false` | Enable an OpenShift Route for the Argo CD server | | server.route.annotations | object | `{}` | Openshift Route annotations | +| server.route.enabled | bool | `false` | Enable an OpenShift Route for the Argo CD server | | server.route.hostname | string | `""` | Hostname of OpenShift Route | -| server.route.termination_type | string | `"passthrough"` | Openshift Route termination type | -| server.route.termination_policy| string | `"None"` | Openshift Route termination policy | +| server.route.termination_policy | string | `"None"` | Termination policy of Openshift Route | +| server.route.termination_type | string | `"passthrough"` | Termination type of Openshift Route | | server.service.annotations | object | `{}` | Server service annotations | | server.service.externalIPs | list | `[]` | Server service external IPs | | server.service.externalTrafficPolicy | string | `""` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | From bdb42a55cc285dee4201412113dfbd1a66c70391 Mon Sep 17 00:00:00 2001 From: 66li <37136076+66li@users.noreply.github.com> Date: Mon, 22 Nov 2021 02:58:58 +0800 Subject: [PATCH 0132/1248] feat(argo-workflows): Upgrade argo-workflows to v3.2.4 (#1030) --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8ac087e5..866975e6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.8.2 -appVersion: v3.2.0 +version: 0.8.3 +appVersion: v3.2.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Use helm-docs to generate README.md" + - "[Changed]: Update to app version v3.2.4" From aa418962922d5967aaebe7a7fb362fa21d1104e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Niklas=20J=C3=B6nsson?= Date: Mon, 22 Nov 2021 08:18:26 +0100 Subject: [PATCH 0133/1248] feat(argocd-image-updater): Add missing config map key for git commit-message-template (#986) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [v0.2.2] Add missing config map key for git commit-message-template Signed-off-by: Niklas Jönsson * Sync some other things from upstream manifests Signed-off-by: Marco Kilchhofer * Quote bools Signed-off-by: Marco Kilchhofer * fix: Rerun helm-docs Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 4 +- charts/argocd-image-updater/README.md | 7 ++- charts/argocd-image-updater/README.md.gotmpl | 2 +- .../templates/configmap.yaml | 23 +++++++ .../templates/deployment.yaml | 61 ++++++++++++++++--- charts/argocd-image-updater/values.yaml | 15 +++++ 6 files changed, 101 insertions(+), 11 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index d9ca894a..17601f76 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.4.1 +version: 0.4.2 appVersion: v0.10.3 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Bumped application version to v0.10.3" + - "[Fixed]: Added missing git-template-message key to deployment configMap" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index ee5f8f52..e1223139 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -61,11 +61,16 @@ The `config.registries` value can be used exactly as it looks in the documentati |-----|------|---------|-------------| | affinity | object | `{}` | Kubernetes affinity settings for the deployment | | authScripts.enabled | bool | `false` | Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts` | -| authScripts.scripts | object | `{}` | Map of key-value pairs where the key consists of the name of the script and the value the contents | +| authScripts.scripts | object | `{}` | Map of key-value pairs where the key consists of the name of the script and the value the contents | +| config.applicationsAPIKind | string | `""` | API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) | | config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API | | config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. | | config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. | | config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | +| config.disableKubeEvents | bool | `false` | Disable kubernetes events | +| config.gitCommitMail | string | `""` | E-Mail address to use for Git commits | +| config.gitCommitTemplate | string | `""` | Changing the Git commit message | +| config.gitCommitUser | string | `""` | Username to use for Git commits | | config.logLevel | string | `"info"` | ArgoCD Image Update log level | | config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl index da81914b..afefdafe 100644 --- a/charts/argocd-image-updater/README.md.gotmpl +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -51,7 +51,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in - GitHub Container Registry - GitHub Docker Packages -If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. +If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index dab468a2..0e0b6cfc 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -6,6 +6,29 @@ metadata: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-config data: + {{- with .Values.config.applicationsAPIKind }} + applications_api: {{ . }} + {{- end }} + argocd.grpc_web: {{ .Values.config.argocd.grpcWeb | quote }} + {{- with .Values.config.argocd.serverAddress }} + argocd.server_addr: {{ . }} + {{- end }} + argocd.insecure: {{ .Values.config.argocd.insecure | quote }} + argocd.plaintext: {{ .Values.config.argocd.plaintext | quote }} + {{- with .Values.config.logLevel }} + log.level: {{ . }} + {{- end }} + {{- with .Values.config.gitCommitUser }} + git.user: {{ . }} + {{- end }} + {{- with .Values.config.gitCommitMail }} + git.email: {{ . }} + {{- end }} + {{- with .Values.config.gitCommitTemplate }} + git.commit-message-template: | + {{- nindent 4 . }} + {{- end }} + kube.events: {{ .Values.config.disableKubeEvents | quote }} registries.conf: | {{- with .Values.config.registries }} registries: diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index b503444d..d975747d 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -35,14 +35,36 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} env: + - name: APPLICATIONS_API + valueFrom: + configMapKeyRef: + key: applications_api + name: argocd-image-updater-config + optional: true - name: ARGOCD_GRPC_WEB - value: {{ .Values.config.argocd.grpcWeb | quote }} + valueFrom: + configMapKeyRef: + key: argocd.grpc_web + name: argocd-image-updater-config + optional: true - name: ARGOCD_SERVER - value: {{ .Values.config.argocd.serverAddress }} + valueFrom: + configMapKeyRef: + key: argocd.server_addr + name: argocd-image-updater-config + optional: true - name: ARGOCD_INSECURE - value: {{ .Values.config.argocd.insecure | quote }} + valueFrom: + configMapKeyRef: + key: argocd.insecure + name: argocd-image-updater-config + optional: true - name: ARGOCD_PLAINTEXT - value: {{ .Values.config.argocd.plaintext | quote }} + valueFrom: + configMapKeyRef: + key: argocd.plaintext + name: argocd-image-updater-config + optional: true - name: ARGOCD_TOKEN valueFrom: secretKeyRef: @@ -50,7 +72,29 @@ spec: name: argocd-image-updater-secret optional: true - name: IMAGE_UPDATER_LOGLEVEL - value: {{ .Values.config.logLevel }} + valueFrom: + configMapKeyRef: + key: log.level + name: argocd-image-updater-config + optional: true + - name: GIT_COMMIT_USER + valueFrom: + configMapKeyRef: + key: git.user + name: argocd-image-updater-config + optional: true + - name: GIT_COMMIT_EMAIL + valueFrom: + configMapKeyRef: + key: git.email + name: argocd-image-updater-config + optional: true + - name: IMAGE_UPDATER_KUBE_EVENTS + valueFrom: + configMapKeyRef: + key: kube.events + name: argocd-image-updater-config + optional: true {{- with .Values.extraEnv }} {{- toYaml . | nindent 10 }} {{- end }} @@ -81,7 +125,7 @@ spec: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: - mountPath: /app/config - name: registries-conf + name: image-updater-conf - mountPath: /tmp name: tmp-dir {{- if .Values.authScripts.enabled }} @@ -93,8 +137,11 @@ spec: items: - key: registries.conf path: registries.conf + - key: git.commit-message-template + path: commit.template name: argocd-image-updater-config - name: registries-conf + optional: true + name: image-updater-conf {{- if .Values.authScripts.enabled }} - configMap: defaultMode: 0777 diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index b511a35c..460006dc 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -40,6 +40,9 @@ extraEnv: [] # value: "us-west-1" config: + # -- API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) + applicationsAPIKind: "" + # Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags argocd: # -- Use the gRPC-web protocol to connect to the Argo CD API @@ -51,6 +54,18 @@ config: # -- If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. plaintext: false + # -- Disable kubernetes events + disableKubeEvents: false + + # -- Username to use for Git commits + gitCommitUser: "" + + # -- E-Mail address to use for Git commits + gitCommitMail: "" + + # -- Changing the Git commit message + gitCommitTemplate: "" + # -- ArgoCD Image Update log level logLevel: "info" From 22575d4c620a1c3938150e1498795b70bfb25f7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= <16559029+clementlecorre@users.noreply.github.com> Date: Mon, 22 Nov 2021 10:32:27 +0100 Subject: [PATCH 0134/1248] feat(argo-workflows): support resourceRateLimit config (#1008) * feat(argo-workflows): add `resourceRateLimit` config Signed-off-by: clement * chore: update chart version Signed-off-by: clement * chore(linter): add new line Signed-off-by: clement * chore: bump chart helm 0.9.0 Signed-off-by: clement --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 7 +++++++ 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 866975e6..ed425839 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.8.3 +version: 0.9.0 appVersion: v3.2.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.2.4" + - "[Added]: support resourceRateLimit config" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 098bad79..f86d3d6c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -94,6 +94,7 @@ Fields to note: | controller.podWorkers | string | `nil` | Number of pod workers | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | | controller.replicas | int | `1` | The number of controller pods to run | +| controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | | controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 77214546..c09a0dc9 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -21,6 +21,9 @@ data: {{- if .Values.controller.parallelism }} parallelism: {{ .Values.controller.parallelism }} {{- end }} + {{- if .Values.controller.resourceRateLimit }} + resourceRateLimit: {{ toYaml .Values.controller.resourceRateLimit | nindent 6 }} + {{- end }} {{- with .Values.controller.namespaceParallelism }} namespaceParallelism: {{ . }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bf336a4e..6548ead4 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -49,6 +49,13 @@ controller: tag: "" # -- parallelism dictates how many workflows can be running at the same time parallelism: + # -- Globally limits the rate at which pods are created. + # This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of + # parallel nodes. + resourceRateLimit: {} + # limit: 10 + # burst: 1 + # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: # -- Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 From 3088cf68b29a84733502f978c5a214af6e048a57 Mon Sep 17 00:00:00 2001 From: Michiel De Mey Date: Mon, 22 Nov 2021 10:40:42 +0100 Subject: [PATCH 0135/1248] feat(argo-workflows): Include pod name in key format for GCS logs (#915) * feat(argo-workflows) Include pod name in key format for GCS logs A better default would be to add the `pod.name` to the key format of the Argo logs. I noticed that when not including the pod name, it would constantly overwrite the same log from from different pods. Including it makes sure that each pod will have its own log file. Signed-off-by: Michiel De Mey * Bump chart version and added changelog Signed-off-by: Michiel De Mey Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ed425839..39a1cf1f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.9.0 +version: 0.9.1 appVersion: v3.2.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: support resourceRateLimit config" + - "[Changed]: Changed default GCP keyFormat" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 6548ead4..abc3f6d2 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -476,7 +476,7 @@ artifactRepository: # @default -- `{}` (See [values.yaml]) gcs: {} # bucket: -argo - # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/" + # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}" # serviceAccountKeySecret is a secret selector. # It references the k8s secret named 'my-gcs-credentials'. # This secret is expected to have have the key 'serviceAccountKey', From f9b2f22203be35382219d06a0e90f148b609dc8b Mon Sep 17 00:00:00 2001 From: Sean Johnson Date: Tue, 23 Nov 2021 03:24:12 +1100 Subject: [PATCH 0136/1248] chore(argocd): remove myself from CODEOWNERS (#1029) Signed-off-by: Sean Johnson Co-authored-by: Marko Bevc --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 012ac7f7..f35e2b20 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,7 +7,7 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler # Argo CD -/charts/argo-cd/ @seanson @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 # Argo Events /charts/argo-events/ @jbehling @VaibhavPage @oliverbaehler From 46d43f8af3894d2303ac0f965f03abaec23819d7 Mon Sep 17 00:00:00 2001 From: Paul Ayling Date: Tue, 23 Nov 2021 10:12:11 +0000 Subject: [PATCH 0137/1248] fix(argo-workflows): Add missing WorkflowTasksets RBAC to controller (#1032) * Add missing WorkflowTasksets RBAC to controller Signed-off-by: Paul Ayling * Add WorkflowTaskSet RBAC to admin role Signed-off-by: Paul Ayling --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-aggregate-roles.yaml | 2 ++ .../controller/workflow-controller-cluster-roles.yaml | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 39a1cf1f..85fe989f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.9.1 +version: 0.9.2 appVersion: v3.2.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Changed default GCP keyFormat" + - "[Fixed]: Added missing WorkflowTaskSets RBAC to controller" diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index ba1c202d..5a89fe75 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -68,6 +68,8 @@ rules: - workflows/finalizers - workfloweventbindings - workfloweventbindings/finalizers + - workflowtasksets + - workflowtasksets/finalizers - workflowtemplates - workflowtemplates/finalizers - cronworkflows diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 72e97f45..e946f058 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -42,6 +42,8 @@ rules: resources: - workflows - workflows/finalizers + - workflowtasksets + - workflowtasksets/finalizers verbs: - get - list From 7ddcd377f31c9e6b3fd79cd18492986e3fdc21a4 Mon Sep 17 00:00:00 2001 From: antoinebourayne <38851970+antoinebourayne@users.noreply.github.com> Date: Wed, 24 Nov 2021 17:30:09 +0100 Subject: [PATCH 0138/1248] feat(argo-cd): add flag and labels for application labels (#1021) * add flag and labels for application labels Signed-off-by: Antoine Bourayne * upgrade chart version Signed-off-by: Antoine Bourayne Co-authored-by: Antoine Bourayne Co-authored-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ .../templates/argocd-application-controller/deployment.yaml | 6 ++++++ charts/argo-cd/values.yaml | 5 +++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5a2a8478..465c005c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.7 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.10 +version: 3.26.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.1.7" + - "[Changed]: add flag and labels for application labels" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 77b4ae59..785d38bd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -256,6 +256,8 @@ NAME: my-release | controller.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | controller.logFormat | string | `"text"` | Application controller log format. Either `text` or `json` | | controller.logLevel | string | `"info"` | Application controller log level | +| controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | +| controller.metrics.applicationLabels.labels | object | `{}` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 763608d0..8ec4d8c9 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -54,6 +54,12 @@ spec: - {{ .Values.controller.logFormat }} - --loglevel - {{ .Values.controller.logLevel }} + {{- if .Values.controller.metrics.applicationLabels.enabled }} + - --metrics-application-labels + {{- range .Values.controller.metrics.applicationLabels.labels }} + - {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 0940623f..41e26108 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -215,6 +215,11 @@ controller: metrics: # -- Deploy metrics service enabled: false + applicationLabels: + # -- Enables additional labels in argocd_app_labels metric + enabled: false + # -- Additional labels + labels: {} service: # -- Metrics service annotations annotations: {} From 1292c99014caf47fea9d35984c497c9ae089f314 Mon Sep 17 00:00:00 2001 From: lukpep Date: Wed, 24 Nov 2021 21:44:28 +0100 Subject: [PATCH 0139/1248] feat(argocd-image-updater): Update to app version v0.11.0 (#1036) * bumped appVersion / image to v0.11.0 Signed-off-by: lukasz.peplinski * docs: Update changelog Signed-off-by: Marco Kilchhofer Co-authored-by: lukasz.peplinski Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 17601f76..ea10791d 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.4.2 -appVersion: v0.10.3 +version: 0.5.0 +appVersion: v0.11.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing git-template-message key to deployment configMap" + - "[Changed]: Update to app version v0.11.0" From b13aa9facfd8ea0c3a5c8d0c5f48c36c5fe26feb Mon Sep 17 00:00:00 2001 From: lukpep Date: Thu, 25 Nov 2021 18:39:22 +0100 Subject: [PATCH 0140/1248] bumped appVersion / image to v1.2.0 (#1039) Signed-off-by: lukasz.peplinski Co-authored-by: lukasz.peplinski --- charts/argocd-notifications/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 3d2cdce2..51241ac3 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v1.1.1 +appVersion: v1.2.0 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.5.2 +version: 1.6.0 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Changed]: Use helm-docs to generate README.md" + - "[Changed]: Update to app version v1.2.0" From 0bbe2b1aae9a6beb157f2bc655e65385ffba302d Mon Sep 17 00:00:00 2001 From: "J. Mark Pim" Date: Mon, 29 Nov 2021 10:50:39 +0000 Subject: [PATCH 0141/1248] feat(argo-cd): support initContainers on all pods (#1043) * feat(argo-cd) support initContainers on all pods Signed-off-by: Mark Pim * Fix linting Signed-off-by: Mark Pim * Run helm-docs Signed-off-by: Mark Pim --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 4 ++ .../deployment.yaml | 4 ++ .../argocd-repo-server/deployment.yaml | 2 +- .../templates/argocd-server/deployment.yaml | 4 ++ charts/argo-cd/templates/dex/deployment.yaml | 4 ++ .../argo-cd/templates/redis/deployment.yaml | 4 ++ charts/argo-cd/values.yaml | 70 +++++++++++++++++++ 8 files changed, 93 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 465c005c..31db2ff0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.7 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.11 +version: 3.26.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: add flag and labels for application labels" + - "[Added]: add custom initContainers support to all Deployments" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 785d38bd..cf1c86de 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -249,6 +249,7 @@ NAME: my-release | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | +| controller.initContainers | list | `[]` | Init containers to add to the application controller pod | | controller.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | controller.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | controller.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -417,6 +418,7 @@ NAME: my-release | server.ingressGrpc.pathType | string | `"Prefix"` | Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` | | server.ingressGrpc.paths | list | `["/"]` | List of ingress paths for dedicated [gRPC-ingress] | | server.ingressGrpc.tls | list | `[]` | Ingress TLS configuration for dedicated [gRPC-ingress] | +| server.initContainers | list | `[]` | Init containers to add to the server pod | | server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-cd-server container | | server.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -499,6 +501,7 @@ NAME: my-release | dex.image.imagePullPolicy | string | `"IfNotPresent"` | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | | dex.image.tag | string | `"v2.30.0"` | Dex image tag | +| dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | | dex.initImage.tag | string | `""` (defaults to global.image.tag) | Argo CD init image tag | @@ -559,6 +562,7 @@ NAME: my-release | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"redis"` | Redis repository | | redis.image.tag | string | `"6.2.4-alpine"` | Redis tag | +| redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 8ec4d8c9..3fe88f17 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -160,6 +160,10 @@ spec: {{- with .Values.controller.volumes }} {{- toYaml . | nindent 6 }} {{- end }} + {{- if .Values.controller.initContainers }} + initContainers: + {{- toYaml .Values.controller.initContainers | nindent 6 }} + {{- end }} {{- if .Values.controller.priorityClassName }} priorityClassName: {{ .Values.controller.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index ea510f73..dabaa105 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -179,7 +179,7 @@ spec: name: tmp-dir {{- if .Values.repoServer.initContainers }} initContainers: -{{- toYaml .Values.repoServer.initContainers | nindent 6 }} + {{- toYaml .Values.repoServer.initContainers | nindent 6 }} {{- end }} {{- if .Values.repoServer.priorityClassName }} priorityClassName: {{ .Values.repoServer.priorityClassName }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 93e87e95..babfbc6b 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -198,6 +198,10 @@ spec: path: ca.crt optional: true secretName: argocd-repo-server-tls + {{- if .Values.server.initContainers }} + initContainers: + {{- toYaml .Values.server.initContainers | nindent 6 }} + {{- end }} {{- if .Values.server.priorityClassName }} priorityClassName: {{ .Values.server.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index d05688b0..41f6b3af 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -143,6 +143,10 @@ spec: {{- if .Values.dex.extraVolumes }} {{- toYaml .Values.dex.extraVolumes | nindent 6 }} {{- end }} + {{- if .Values.dex.initContainers }} + initContainers: + {{- toYaml .Values.dex.initContainers | nindent 6 }} + {{- end }} {{- if .Values.dex.priorityClassName }} priorityClassName: {{ .Values.dex.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index fa01c7b4..0c6d903a 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -112,6 +112,10 @@ spec: volumes: {{- toYaml .Values.redis.volumes | nindent 8}} {{- end }} + {{- if .Values.redis.initContainers }} + initContainers: + {{- toYaml .Values.redis.initContainers | nindent 6 }} + {{- end }} {{- if .Values.redis.priorityClassName }} priorityClassName: {{ .Values.redis.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 41e26108..fbadb467 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -294,6 +294,25 @@ controller: # -- Additional containers to be added to the application controller pod extraContainers: [] + # -- Init containers to add to the application controller pod + ## If your target Kubernetes cluster(s) require a custom auth provider executable + ## you could use this (and the same in the server pod) to bootstrap + ## that executable into your ArgoCD container + initContainers: [] + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && + # mv linux-amd64/helm /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + # volumeMounts: + # - mountPath: /usr/local/bin/helm + # name: custom-tools + # subPath: helm + ## Dex dex: # -- Enable dex @@ -472,6 +491,22 @@ dex: # -- Additional containers to be added to the dex pod extraContainers: [] + # -- Init containers to add to the dex pod + initContainers: [] + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && + # mv linux-amd64/helm /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + # volumeMounts: + # - mountPath: /usr/local/bin/helm + # name: custom-tools + # subPath: helm + ## Redis redis: # -- Enable redis @@ -572,6 +607,22 @@ redis: # -- Additional containers to be added to the redis pod extraContainers: [] + # -- Init containers to add to the redis pod + initContainers: [] + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && + # mv linux-amd64/helm /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + # volumeMounts: + # - mountPath: /usr/local/bin/helm + # name: custom-tools + # subPath: helm + service: # -- Redis service annotations annotations: {} @@ -1202,6 +1253,25 @@ server: # - name: copy-portal-skins # mountPath: /srv/var/lib/lemonldap-ng/portal/skins + # -- Init containers to add to the server pod + ## If your target Kubernetes cluster(s) require a custom auth provider executable + ## you could use this (and the same in the application controller pod) to bootstrap + ## that executable into your ArgoCD container + initContainers: [] + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && + # mv linux-amd64/helm /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + # volumeMounts: + # - mountPath: /usr/local/bin/helm + # name: custom-tools + # subPath: helm + ## Repo Server repoServer: # -- Repo server name From 8ed7b2bc054c3c2e472d799c2f5c6cf584ec08c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Tue, 30 Nov 2021 09:21:51 +0100 Subject: [PATCH 0142/1248] chore(argocd): remove myself from CODEOWNERS (#1044) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Oliver Bähler --- CODEOWNERS | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index f35e2b20..97cfcfb2 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -4,16 +4,16 @@ /charts/ @mkilchhofer # Argo Workflows -/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @oliverbaehler +/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @oliverbaehler @mbevc1 +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 # Argo Events -/charts/argo-events/ @jbehling @VaibhavPage @oliverbaehler +/charts/argo-events/ @jbehling @VaibhavPage # Argo Rollouts -/charts/argo-rollouts/ @oliverbaehler +/charts/argo-rollouts/ # Argo CD Notifications -/charts/argocd-notifications/ @alexmt @andyfeller @oliverbaehler @mbevc1 +/charts/argocd-notifications/ @alexmt @andyfeller @mbevc1 From 8425213cbe54e5cda2693d65c9fc763bd42a4815 Mon Sep 17 00:00:00 2001 From: Nicolas Lamirault Date: Fri, 3 Dec 2021 23:19:29 +0100 Subject: [PATCH 0143/1248] feat(argo-cd): Support for additional labels (#929) * Update: bump chart version Signed-off-by: Nicolas Lamirault * Update: additional labels Signed-off-by: Nicolas Lamirault * Add: bump chart version Signed-off-by: Nicolas Lamirault * Update: changelog Signed-off-by: Nicolas Lamirault * Fix: Redis label version Signed-off-by: Nicolas Lamirault * Fix: Redis labels Signed-off-by: Nicolas Lamirault * Fix: Redis labels Signed-off-by: Nicolas Lamirault * Fix: typo Signed-off-by: Nicolas Lamirault * Update: use with term Signed-off-by: Nicolas Lamirault * Fix: remove version from helper Signed-off-by: Nicolas Lamirault * docs: Use correct comment style and rerun helm-docs Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 3 ++- charts/argo-cd/README.md.gotmpl | 3 ++- charts/argo-cd/templates/_helpers.tpl | 3 +++ charts/argo-cd/values.yaml | 4 ++++ 5 files changed, 13 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 31db2ff0..98e0d162 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.7 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.26.12 +version: 3.27.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: add custom initContainers support to all Deployments" + - "[Added]: Support for additional labels" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index cf1c86de..82bf16e4 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -210,6 +210,7 @@ NAME: my-release | configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | | createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | +| global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all ArgoCD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all ArgoCD deployments | @@ -634,7 +635,7 @@ server: ``` ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [ArgoCD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index bc2c0855..f9ad0b57 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -274,7 +274,8 @@ server: ``` -{{ template "helm-docs.versionFooter" . }} +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [ArgoCD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index e11b43da..523f6a92 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -137,6 +137,9 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd +{{- with .context.Values.global.additionalLabels }} +{{ toYaml . }} +{{- end }} {{- end }} {{/* diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fbadb467..c3f6cd75 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -35,6 +35,10 @@ global: # hostnames: # - git.myhostname + # -- Additional labels to add to all resources + additionalLabels: {} + # app: argo-cd + networkPolicy: # -- Create NetworkPolicy objects for all components create: false From 9b35844af73bcd0983c452f10eeaf1c53788bdbf Mon Sep 17 00:00:00 2001 From: Cyril Cros Date: Fri, 3 Dec 2021 17:41:19 -0500 Subject: [PATCH 0144/1248] docs(argo-cd): mention declarative set up for Argo-CD (#1037) * docs(argo-cd): mention declarative set up for Argo-CD * docs: Explain how you can avoid setting some Helm values like configs.repositories via the declarative set up with secrets. Signed-off-by: cyril.cros Co-authored-by: Marko Bevc * bumped appVersion / image to v1.2.0 (#1039) Signed-off-by: lukasz.peplinski Co-authored-by: lukasz.peplinski Signed-off-by: cyril.cros * docs: Add README section also to README.md.gotmpl and bump chart version Signed-off-by: Marco Kilchhofer Co-authored-by: cyril.cros Co-authored-by: Marko Bevc Co-authored-by: lukpep Co-authored-by: lukasz.peplinski Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 3 +++ charts/argo-cd/README.md.gotmpl | 3 +++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 98e0d162..44390fd9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.7 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.27.0 +version: 3.27.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for additional labels" + - "[Added]: Mention declarative set up for Argo CD in README.md" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 82bf16e4..d9198396 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -10,6 +10,9 @@ This is a **community maintained** chart. This chart installs [argo-cd](https:// The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). +If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. +For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). + ## High Availability This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f9ad0b57..2492ccea 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -10,6 +10,9 @@ This is a **community maintained** chart. This chart installs [argo-cd](https:// The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). +If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. +For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). + ## High Availability This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. From 16a3b26f0e541cf88eef9f8b670f3b9134b74ad4 Mon Sep 17 00:00:00 2001 From: Rein van 't Veer Date: Mon, 6 Dec 2021 11:01:50 +0100 Subject: [PATCH 0145/1248] feat(argo-workflows): Add dev/delegated auth (#1048) * add commented server auth disable option Signed-off-by: reinvantveer * add sectioned server authentication documentation Signed-off-by: reinvantveer * add change notes Signed-off-by: reinvantveer * fix helm-docs checksum error Signed-off-by: reinvantveer * revert dropped `volumeMounts` docs entry by removing whitespace above commented-out `extraArgs` Signed-off-by: reinvantveer * add extra comment on disabling auth Signed-off-by: reinvantveer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 8 +++++++- charts/argo-workflows/README.md.gotmpl | 6 ++++++ charts/argo-workflows/values.yaml | 8 +++++++- 4 files changed, 22 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 85fe989f..742e12d7 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.9.2 +version: 0.9.3 appVersion: v3.2.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing WorkflowTaskSets RBAC to controller" + - "[Added]: Added documentation and (default disabled) settings for dev-mode or delegated server authentication" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index f86d3d6c..7a3ab5f7 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -15,8 +15,14 @@ A few options are: ## Usage Notes +### Workflow controller + This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. +### Workflow server authentication + +By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting. + ## Values The `values.yaml` contains items used to tweak a deployment of this chart. @@ -136,7 +142,7 @@ Fields to note: | server.clusterWorkflowTemplates.enableEditing | bool | `true` | Give the server permissions to edit ClusterWorkflowTemplates. | | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | | server.enabled | bool | `true` | Deploy the Argo Server | -| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary. | +| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | | server.image.registry | string | `"quay.io"` | Registry to use for the server | diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 65d3368e..3f9a0121 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -15,8 +15,14 @@ A few options are: ## Usage Notes +### Workflow controller + This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. +### Workflow server authentication + +By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting. + ## Values The `values.yaml` contains items used to tweak a deployment of this chart. diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index abc3f6d2..8b727b67 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -356,8 +356,14 @@ server: # - name: FOO # value: "bar" - # -- Extra arguments to provide to the Argo server binary. + # -- Extra arguments to provide to the Argo server binary, such as for disabling authentication. extraArgs: [] + # If you want to disable authentication for purposes such as: + # - local dev-mode without authentication + # - gateway authentication through some other service such as KeyCloak + # uncomment the lines below and comment out the default empty list `extraArgs: []` above: + # extraArgs: + # - --auth-mode=server # -- Additional volume mounts to the server main container. volumeMounts: [] From 60693bb2896f19367a073d0a6c491e6fba01ba61 Mon Sep 17 00:00:00 2001 From: Dong Wang Date: Tue, 7 Dec 2021 14:40:09 +0800 Subject: [PATCH 0146/1248] feat(argocd-image-updater): Mount ssh-known-hosts from argocd (#1040) * feat(argocd-image-updater): Mount ssh-known-hosts from argocd Signed-off-by: Dong Wang * Bump minor version Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/templates/deployment.yaml | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index ea10791d..9ff3361e 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.5.0 +version: 0.6.0 appVersion: v0.11.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v0.11.0" + - "[Added]: Mount ssh-known-hosts from argocd" diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index d975747d..9c414072 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -128,6 +128,8 @@ spec: name: image-updater-conf - mountPath: /tmp name: tmp-dir + - mountPath: /app/config/ssh + name: ssh-known-hosts {{- if .Values.authScripts.enabled }} - mountPath: /scripts name: authscripts @@ -150,6 +152,10 @@ spec: {{- end }} - emptyDir: {} name: tmp-dir + - configMap: + name: argocd-ssh-known-hosts-cm + optional: true + name: ssh-known-hosts {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} From 817652a449634fa8b82be3d46f2719c576f429b2 Mon Sep 17 00:00:00 2001 From: FuyuanChu <86345114+FuyuanChu@users.noreply.github.com> Date: Thu, 9 Dec 2021 22:56:32 +0800 Subject: [PATCH 0147/1248] feat(argocd-applicationset): Add resources metrics-service and servicemonitor. (#1041) * [argocd-applicationset]: Add metrics-service and servicemonitor to applicationset. Signed-off-by: fuyuan.chu * [argocd-applicationset]: Add ci values for servicemonitor. Signed-off-by: fuyuan.chu * format indent Signed-off-by: fuyuan.chu * update helm docs Signed-off-by: fuyuan.chu * update ci values Signed-off-by: fuyuan.chu * update ci values Signed-off-by: fuyuan.chu * chore: Use consistent indents and file ending Signed-off-by: Marco Kilchhofer * Also disable mounts of ArgoCD during metrics test Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 5 +-- charts/argocd-applicationset/README.md | 11 ++++++ .../ci/servicemonitor-values.yaml | 7 ++++ .../templates/deployment.yaml | 3 ++ .../templates/metrics-service.yaml | 25 ++++++++++++ .../templates/servicemonitor.yaml | 38 +++++++++++++++++++ charts/argocd-applicationset/values.yaml | 29 ++++++++++++++ 7 files changed, 115 insertions(+), 3 deletions(-) create mode 100644 charts/argocd-applicationset/ci/servicemonitor-values.yaml create mode 100644 charts/argocd-applicationset/templates/metrics-service.yaml create mode 100644 charts/argocd-applicationset/templates/servicemonitor.yaml diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 1c088119..5185d857 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.6.0 +version: 1.7.0 appVersion: "v0.2.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,5 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Install the chart into a kind cluster during the chart testing process" - - "[Changed]: Parameter 'args.namespace' now defaults to the namespace where you install the chart to" + - "[Added]: Add resources metrics-service and servicemonitor, not enabled by default." diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index a89d9f6f..53fd218f 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -73,6 +73,17 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | The image repository | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| metrics.enabled | bool | `false` | Deploy metrics service | +| metrics.service.annotations | object | `{}` | Metrics service annotations | +| metrics.service.labels | object | `{}` | Metrics service labels | +| metrics.service.servicePort | int | `8085` | Metrics service port | +| metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | | mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | | mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | diff --git a/charts/argocd-applicationset/ci/servicemonitor-values.yaml b/charts/argocd-applicationset/ci/servicemonitor-values.yaml new file mode 100644 index 00000000..61bc0901 --- /dev/null +++ b/charts/argocd-applicationset/ci/servicemonitor-values.yaml @@ -0,0 +1,7 @@ +metrics: + enabled: true + +# Disable mounts of ArgoCD related ConfigMaps as ArgoCD isn't installed during chart testing +mountSSHKnownHostsVolume: false +mountTLSCertsVolume: false +mountGPGKeysVolume: false diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index 281882b6..b40c94d2 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -53,6 +53,9 @@ spec: - name: http containerPort: {{ (split ":" .Values.args.probeBindAddr)._1 }} protocol: TCP + - name: metrics + containerPort: {{ (split ":" .Values.args.metricsAddr)._1 }} + protocol: TCP resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: diff --git a/charts/argocd-applicationset/templates/metrics-service.yaml b/charts/argocd-applicationset/templates/metrics-service.yaml new file mode 100644 index 00000000..b929dfc1 --- /dev/null +++ b/charts/argocd-applicationset/templates/metrics-service.yaml @@ -0,0 +1,25 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + {{- if .Values.metrics.service.annotations }} + annotations: + {{- range $key, $value := .Values.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} + {{- with .Values.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "argo-applicationset.fullname" . }}-metrics +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.metrics.service.servicePort }} + targetPort: metrics + selector: + {{- include "argo-applicationset.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/argocd-applicationset/templates/servicemonitor.yaml b/charts/argocd-applicationset/templates/servicemonitor.yaml new file mode 100644 index 00000000..fe3a614c --- /dev/null +++ b/charts/argocd-applicationset/templates/servicemonitor.yaml @@ -0,0 +1,38 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-applicationset.fullname" . }} + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} + {{- with .Values.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + {{- with .Values.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argo-applicationset.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index b65716a9..c493e28a 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -31,6 +31,35 @@ args: # -- Enable dry run mode dryRun: false + ## Metrics service configuration +metrics: + # -- Deploy metrics service + enabled: false + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8085 + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: false + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "" # monitoring + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + # -- If defined, uses a Secret to pull an image from a private Docker registry or repository. imagePullSecrets: [] # -- Provide a name in place of `argocd-applicationset` From e4d94ad91eca84df43185cea38b07736d20a9521 Mon Sep 17 00:00:00 2001 From: MrWetsnow <509887+DanTulovsky@users.noreply.github.com> Date: Thu, 9 Dec 2021 10:12:58 -0500 Subject: [PATCH 0148/1248] feat(argo-rollouts): Allow setting the type for the dashboard service (#973) * feat: Allow setting the type for the dashboard service. (We have a requirement to run it as NodePort). Default to what it is if not set. Signed-off-by: Dan Tulovsky * Bump Chart version. Signed-off-by: Dan Tulovsky * Add serviceType into values.yaml Signed-off-by: Dan Tulovsky * Address review comments: Remove old changes annotation. Rename serviceType to service.type. Signed-off-by: Dan Tulovsky * Bump Chart version. Signed-off-by: Dan Tulovsky * Fix typo Signed-off-by: Dan Tulovsky * FIx indentation (lint error) Signed-off-by: Dan Tulovsky * Update README Signed-off-by: Dan Tulovsky * Update charts/argo-rollouts/README.md Co-authored-by: Marco Kilchhofer Signed-off-by: Dan Tulovsky * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * fix changelog Signed-off-by: Marco Kilchhofer * docs: Add warning about exposing the Dashboard via Service type Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 6 ++++++ charts/argo-rollouts/templates/dashboard/service.yaml | 1 + charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1e0976fd..707b627a 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.5.0 +version: 2.6.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Updated ClusterRole with new rules" + - "[Added]: Ability to set the type of Service on the dashboard Service" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 624cc2a6..19876ee7 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -24,10 +24,15 @@ To install the chart with the release name `my-release`: $ helm repo add argo https://argoproj.github.io/argo-helm $ helm install my-release argo/argo-rollouts ``` +### UI Dashboard If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-rollouts dashboard by `kubectl port-forward service/argo-rollouts-dashboard 31000:3100` and pointing the browser to `localhost:31000` +| :warning: WARNING when the Service type is set to LoadBalancer or NodePort | +|:---------------------------------------------------------------------------| +| The chart provides an option to change the service type (`dashboard.service.type`). Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | + ## Chart Values | Key | Type | Default | Description | @@ -67,6 +72,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | dashboard.extraArgs | list | `[]` | Additional arguments for the dashboard. A list of flags. | | dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | +| dashboard.service.type | string | `ClusterIP` | Sets the type of the Service | | dashboard.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | | dashboard.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index d2bd432b..b8605c58 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -11,6 +11,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + type: {{ .Values.dashboard.service.type }} ports: - name: dashboard protocol: TCP diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index caef4d0d..a598ad05 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -125,6 +125,8 @@ dashboard: podSecurityContext: runAsNonRoot: true containerSecurityContext: {} + service: + type: ClusterIP serviceAccount: create: true annotations: {} From 7033883914e07f9248eba1cf5a208084394318bc Mon Sep 17 00:00:00 2001 From: YE Qing <2chin.yip@gmail.com> Date: Fri, 10 Dec 2021 23:22:37 +0800 Subject: [PATCH 0149/1248] feat(argo-cd): Add support for extension (#1050) * add support for extension Signed-off-by: Qing Ye * add volume mounts Signed-off-by: Qing Ye * add RBAC Signed-off-by: Qing Ye * add more control to extensions values and update readme Signed-off-by: Qing Ye * remove trailing spaces in values file Signed-off-by: Qing Ye * add missing extensions.enabled Signed-off-by: Qing Ye * Update charts/argo-cd/Chart.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Qing Ye * add comment to extensions values Signed-off-by: Qing Ye Co-authored-by: Qing Ye Co-authored-by: Marko Bevc Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 5 + charts/argo-cd/crds/crd-extension.yaml | 96 +++++++++++++++++++ .../templates/argocd-server/deployment.yaml | 16 ++++ .../argocd-server/extensions-rolebinding.yaml | 15 +++ .../templates/argocd-server/extensions.yaml | 17 ++++ .../argocd-server/extentions-role.yaml | 21 ++++ charts/argo-cd/values.yaml | 18 ++++ 8 files changed, 190 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/crds/crd-extension.yaml create mode 100644 charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml create mode 100644 charts/argo-cd/templates/argocd-server/extensions.yaml create mode 100644 charts/argo-cd/templates/argocd-server/extentions-role.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 44390fd9..e794655a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.7 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.27.1 +version: 3.28.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Mention declarative set up for Argo CD in README.md" + - "[Added]: add extensions support" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d9198396..0aae3295 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,11 @@ NAME: my-release | server.containerSecurityContext | object | `{}` | Servers container-level security context | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | +| server.extensions.contents | list | `[]` | Extensions to be loaded into the server | +| server.extensions.enabled | bool | `false` | Enable support for extensions | +| server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | +| server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | +| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | diff --git a/charts/argo-cd/crds/crd-extension.yaml b/charts/argo-cd/crds/crd-extension.yaml new file mode 100644 index 00000000..ddb11e70 --- /dev/null +++ b/charts/argo-cd/crds/crd-extension.yaml @@ -0,0 +1,96 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: argocdextensions.argoproj.io + app.kubernetes.io/part-of: argocd + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + name: argocdextensions.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCDExtension + listKind: ArgoCDExtensionList + plural: argocdextensions + singular: argocdextension + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ArgoCDExtension is the Schema for the argocdextensions API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ArgoCDExtensionSpec defines the desired state of ArgoCDExtension + properties: + sources: + description: Sources specifies where the extension should come from + items: + description: ExtensionSource specifies where the extension should + be sourced from + properties: + git: + description: Git is specified if the extension should be sourced + from a git repository + properties: + revision: + description: Revision specifies the revision of the Repository + to fetch + type: string + url: + description: URL specifies the Git repository URL to fetch + type: string + type: object + web: + description: Web is specified if the extension should be sourced + from a web file + properties: + url: + description: URK specifies the remote file URL + type: string + type: object + type: object + type: array + required: + - sources + type: object + status: + description: ArgoCDExtensionStatus defines the observed state of ArgoCDExtension + properties: + conditions: + items: + properties: + message: + description: Message contains human-readable message indicating + details about condition + type: string + status: + description: Boolean status describing if the condition is currently + true + type: string + type: + description: Type is an ArgoCDExtension condition type + type: string + required: + - message + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index babfbc6b..426093fa 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -75,6 +75,10 @@ spec: {{- if .Values.server.volumeMounts }} {{- toYaml .Values.server.volumeMounts | nindent 8}} {{- end }} + {{- if .Values.server.extensions.enabled }} + - name: extensions + mountPath: /tmp/extensions/ + {{- end }} {{- if .Values.configs.knownHosts }} - mountPath: /app/config/ssh name: ssh-known-hosts @@ -132,6 +136,14 @@ spec: {{- with .Values.server.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} + {{- if .Values.server.extensions.enabled }} + - name: argocd-extensions + image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} + imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} + volumeMounts: + - name: extensions + mountPath: /tmp/extensions/ + {{- end }} {{- if .Values.server.nodeSelector }} nodeSelector: {{- toYaml .Values.server.nodeSelector | nindent 8 }} @@ -164,6 +176,10 @@ spec: {{- if .Values.server.volumes }} {{- toYaml .Values.server.volumes | nindent 6}} {{- end }} + {{- if .Values.server.extensions.enabled }} + - name: extensions + emptyDir: {} + {{- end }} - emptyDir: {} name: static-files - emptyDir: {} diff --git a/charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml b/charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml new file mode 100644 index 00000000..3e8ec5d6 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml @@ -0,0 +1,15 @@ +{{- if .Values.server.extensions.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + name: argocd-server-extensions +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-server-extensions +subjects: +- kind: ServiceAccount + name: argocd-server +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/extensions.yaml b/charts/argo-cd/templates/argocd-server/extensions.yaml new file mode 100644 index 00000000..5ac595db --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/extensions.yaml @@ -0,0 +1,17 @@ +{{- if .Values.server.extensions.enabled }} +{{- range $extension := .Values.server.extensions.contents }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCDExtension +metadata: + name: {{ $extension.name }} + finalizers: + - extensions-finalizer.argocd.argoproj.io + labels: + {{- include "argo-cd.labels" (dict "context" $ "component" $.Values.server.name "name" (printf "%s-extensions" $.Values.server.name)) | nindent 4 }} +spec: + sources: + - web: + url: {{ $extension.url }} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/extentions-role.yaml b/charts/argo-cd/templates/argocd-server/extentions-role.yaml new file mode 100644 index 00000000..53e592ae --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/extentions-role.yaml @@ -0,0 +1,21 @@ +{{- if .Values.server.extensions.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + name: argocd-server-extensions +rules: +- apiGroups: + - argoproj.io + resources: + - argocdextensions + verbs: + - create + - get + - list + - watch + - update + - delete + - patch +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c3f6cd75..2cf1c61e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1276,6 +1276,24 @@ server: # name: custom-tools # subPath: helm + extensions: + # -- Enable support for extensions + ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. + enabled: false + + image: + # -- Repository to use for extensions image + repository: "ghcr.io/argoproj-labs/argocd-extensions" + # -- Tag to use for extensions image + tag: "v0.1.0" + # -- Image pull policy for extensions + imagePullPolicy: IfNotPresent + + # -- Extensions to be loaded into the server + contents: [] + # - name: argo-rollouts + # url: https://github.com/argoproj-labs/rollout-extension/releases/download/v0.1.0/extension.tar + ## Repo Server repoServer: # -- Repo server name From 103914446e778a625f0239c4ac797236d8255ee2 Mon Sep 17 00:00:00 2001 From: Eugene Lugovtsov <34510252+EugeneLugovtsov@users.noreply.github.com> Date: Sat, 11 Dec 2021 21:28:08 +0200 Subject: [PATCH 0150/1248] feat(argo-cd): Add support for argocd-extensions resources (#1053) * add support for extensions resource Signed-off-by: Yevhen Luhovtsov * fix documentation for extensions resource Signed-off-by: Yevhen Luhovtsov Co-authored-by: Yevhen Luhovtsov --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 9 +++++++++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e794655a..cb37edb8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.1.7 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.28.0 +version: 3.28.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: add extensions support" + - "[Added]: add argocd-extensions resources support" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0aae3295..caece20b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -399,6 +399,7 @@ NAME: my-release | server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | | server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | +| server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 426093fa..64190910 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -143,6 +143,8 @@ spec: volumeMounts: - name: extensions mountPath: /tmp/extensions/ + resources: + {{- toYaml .Values.server.extensions.resources | nindent 10 }} {{- end }} {{- if .Values.server.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2cf1c61e..58e2d52c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1289,6 +1289,15 @@ server: # -- Image pull policy for extensions imagePullPolicy: IfNotPresent + # -- Resource limits and requests for the argocd-extensions container + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + # -- Extensions to be loaded into the server contents: [] # - name: argo-rollouts From 6d872cb02fff53644546f0dfe3197bbad2fa2f88 Mon Sep 17 00:00:00 2001 From: cedi Date: Wed, 15 Dec 2021 11:15:02 +0100 Subject: [PATCH 0151/1248] Bumping the Version of the argo-cd helm chart to v2.2.0 (#1055) Signed-off-by: Cedric Kienzler --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/crds/crd-application.yaml | 1109 ++++++++++++----- charts/argo-cd/crds/crd-extension.yaml | 96 -- charts/argo-cd/crds/crd-project.yaml | 135 +- .../argocd-repo-server/deployment.yaml | 17 + .../templates/argocd-server/deployment.yaml | 4 + 6 files changed, 898 insertions(+), 467 deletions(-) delete mode 100644 charts/argo-cd/crds/crd-extension.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cb37edb8..1572e74c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.1.7 +appVersion: v2.2.0 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.28.1 +version: 3.29.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index 714b363e..cb3d1ba0 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -34,15 +34,20 @@ spec: description: Application is a definition of Application resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object operation: - description: Operation contains information about a requested or running operation + description: Operation contains information about a requested or running + operation properties: info: description: Info is a list of informational items for this operation @@ -58,34 +63,42 @@ spec: type: object type: array initiatedBy: - description: InitiatedBy contains information about who initiated the operations + description: InitiatedBy contains information about who initiated + the operations properties: automated: - description: Automated is set to true if operation was initiated automatically by the application controller. + description: Automated is set to true if operation was initiated + automatically by the application controller. type: boolean username: - description: Username contains the name of a user who started operation + description: Username contains the name of a user who started + operation type: string type: object retry: description: Retry controls the strategy to apply if a sync fails properties: backoff: - description: Backoff controls how to backoff on subsequent retries of failed syncs + description: Backoff controls how to backoff on subsequent retries + of failed syncs properties: duration: - description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + description: Duration is the amount to back off. Default unit + is seconds, but could also be a duration (e.g. "2m", "1h") type: string factor: - description: Factor is a factor to multiply the base duration after each failed retry + description: Factor is a factor to multiply the base duration + after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum amount of time allowed for the backoff strategy + description: MaxDuration is the maximum amount of time allowed + for the backoff strategy type: string type: object limit: - description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -93,18 +106,22 @@ spec: description: Sync contains parameters for the operation properties: dryRun: - description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync + description: DryRun specifies to perform a `kubectl apply --dry-run` + without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides sync source with a local directory for development + description: Manifests is an optional field that overrides sync + source with a local directory for development items: type: string type: array prune: - description: Prune specifies to delete resources from the cluster that are no longer tracked in git + description: Prune specifies to delete resources from the cluster + that are no longer tracked in git type: boolean resources: - description: Resources describes which resources shall be part of the sync + description: Resources describes which resources shall be part + of the sync items: description: SyncOperationResource contains resources to sync. properties: @@ -122,30 +139,41 @@ spec: type: object type: array revision: - description: Revision is the revision (Git) or chart version (Helm) which to sync the application to If omitted, will use the revision specified in app spec. + description: Revision is the revision (Git) or chart version (Helm) + which to sync the application to If omitted, will use the revision + specified in app spec. type: string source: - description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and is nil during a Sync operation + description: Source overrides the source definition set in the + application. This is typically set in a Rollback operation and + is nil during a Sync operation properties: chart: - description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: - description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation type: string include: - description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation type: string jsonnet: description: Jsonnet holds options specific to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet External Variables + description: ExtVars is a list of Jsonnet External + Variables items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation properties: code: type: boolean @@ -166,7 +194,8 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable to + be passed to jsonnet during manifest generation properties: code: type: boolean @@ -181,32 +210,40 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to scan a directory recursively for manifests + description: Recurse specifies whether to scan a directory + recursively for manifests type: boolean type: object helm: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm template + description: FileParameters are file parameters to the + helm template items: - description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation properties: name: description: Name is the name of the Helm parameter type: string path: - description: Path is the path to the file containing the values for the Helm parameter + description: Path is the path to the file containing + the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation items: - description: HelmParameter is a parameter that's passed to helm template during manifest generation + description: HelmParameter is a parameter that's passed + to helm template during manifest generation properties: forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the Helm parameter @@ -216,31 +253,42 @@ spec: type: string type: object type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean releaseName: - description: ReleaseName is the Helm release name to use. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template + description: ValuesFiles is a list of Helm value files + to use when generating a template items: type: string type: array values: - description: Values specifies Helm values to be passed to helm template, typically defined as a block + description: Values specifies Helm values to be passed + to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating (either "2" or "3") + description: Version is the Helm version to use for templating + (either "2" or "3") type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment name + description: Environment is a ksonnet application environment + name type: string parameters: - description: Parameters are a list of ksonnet component parameter override values + description: Parameters are a list of ksonnet component + parameter override values items: - description: KsonnetParameter is a ksonnet component parameter + description: KsonnetParameter is a ksonnet component + parameter properties: component: type: string @@ -260,48 +308,62 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list of additional annotations to add to rendered manifests + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional labels to add to rendered manifests + description: CommonLabels is a list of additional labels + to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources for + Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize image override specifications + description: Images is a list of Kustomize image override + specifications items: - description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for Kustomize apps + description: NamePrefix is a prefix appended to resources + for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for Kustomize apps + description: NameSuffix is a suffix appended to resources + for Kustomize apps type: string version: - description: Version controls which version of Kustomize to use for rendering manifests + description: Version controls which version of Kustomize + to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management plugin specific options + description: ConfigManagementPlugin holds config management + plugin specific options properties: env: description: Env is a list of environment variable entries items: - description: EnvEntry represents an entry in the application's environment + description: EnvEntry represents an entry in the application's + environment properties: name: - description: Name is the name of the variable, usually expressed in uppercase + description: Name is the name of the variable, usually + expressed in uppercase type: string value: description: Value is the value of the variable @@ -315,10 +377,14 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be + commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -332,42 +398,60 @@ spec: description: SyncStrategy describes how to perform the sync properties: apply: - description: Apply will perform a `kubectl apply` to perform the sync. + description: Apply will perform a `kubectl apply` to perform + the sync. properties: force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources to perform the sync. This is the default strategy + description: Hook will submit any referenced resources to + perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. type: boolean type: object type: object type: object type: object spec: - description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. + description: ApplicationSpec represents desired application state. Contains + link to repository with application definition and additional parameters + link definition revision. properties: destination: - description: Destination is a reference to the target Kubernetes server and namespace + description: Destination is a reference to the target Kubernetes server + and namespace properties: name: - description: Name is an alternate way of specifying the target cluster by its symbolic name + description: Name is an alternate way of specifying the target + cluster by its symbolic name type: string namespace: - description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + description: Namespace specifies the target namespace for the + application's resources. The namespace will only be set for + namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources and their fields which should be ignored during comparison + description: IgnoreDifferences is a list of resources and their fields + which should be ignored during comparison items: - description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. + description: ResourceIgnoreDifferences contains resource filter + and list of json paths which should be ignored during comparison + with live state. properties: group: type: string @@ -381,6 +465,14 @@ spec: type: array kind: type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted managers. + Fields mutated by those managers will take precedence over + the desired state defined in the SCM and won't be displayed + in diffs + items: + type: string + type: array name: type: string namespace: @@ -390,7 +482,8 @@ spec: type: object type: array info: - description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application + description: Info contains a list of information (URLs, email addresses, + and plain text) that relates to the application items: properties: name: @@ -403,26 +496,40 @@ spec: type: object type: array project: - description: Project is a reference to the project this application belongs to. The empty string means that application belongs to the 'default' project. + description: Project is a reference to the project this application + belongs to. The empty string means that application belongs to the + 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. + description: RevisionHistoryLimit limits the number of items kept + in the application's revision history, which is used for informational + purposes as well as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. Setting to zero will + store no history. This will reduce storage used. Increasing will + increase the space used to store the history, so we do not recommend + increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location of the application's manifests or chart + description: Source is a reference to the location of the application's + manifests or chart properties: chart: - description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: - description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being used + during manifest generation type: string include: - description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation type: string jsonnet: description: Jsonnet holds options specific to Jsonnet @@ -430,7 +537,8 @@ spec: extVars: description: ExtVars is a list of Jsonnet External Variables items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation properties: code: type: boolean @@ -451,7 +559,8 @@ spec: tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation properties: code: type: boolean @@ -466,32 +575,39 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to scan a directory recursively for manifests + description: Recurse specifies whether to scan a directory + recursively for manifests type: boolean type: object helm: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm template + description: FileParameters are file parameters to the helm + template items: - description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation properties: name: description: Name is the name of the Helm parameter type: string path: - description: Path is the path to the file containing the values for the Helm parameter + description: Path is the path to the file containing + the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest generation items: - description: HelmParameter is a parameter that's passed to helm template during manifest generation + description: HelmParameter is a parameter that's passed + to helm template during manifest generation properties: forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings type: boolean name: description: Name is the name of the Helm parameter @@ -501,29 +617,39 @@ spec: type: string type: object type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean releaseName: - description: ReleaseName is the Helm release name to use. If omitted it will use the application name + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template + description: ValuesFiles is a list of Helm value files to + use when generating a template items: type: string type: array values: - description: Values specifies Helm values to be passed to helm template, typically defined as a block + description: Values specifies Helm values to be passed to + helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating (either "2" or "3") + description: Version is the Helm version to use for templating + (either "2" or "3") type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment name + description: Environment is a ksonnet application environment + name type: string parameters: - description: Parameters are a list of ksonnet component parameter override values + description: Parameters are a list of ksonnet component parameter + override values items: description: KsonnetParameter is a ksonnet component parameter properties: @@ -545,48 +671,61 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list of additional annotations to add to rendered manifests + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional labels to add to rendered manifests + description: CommonLabels is a list of additional labels to + add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + description: ForceCommonAnnotations specifies whether to force + applying common annotations to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize image override specifications + description: Images is a list of Kustomize image override + specifications items: - description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for Kustomize apps + description: NamePrefix is a prefix appended to resources + for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for Kustomize apps + description: NameSuffix is a suffix appended to resources + for Kustomize apps type: string version: - description: Version controls which version of Kustomize to use for rendering manifests + description: Version controls which version of Kustomize to + use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management plugin specific options + description: ConfigManagementPlugin holds config management plugin + specific options properties: env: description: Env is a list of environment variable entries items: - description: EnvEntry represents an entry in the application's environment + description: EnvEntry represents an entry in the application's + environment properties: name: - description: Name is the name of the variable, usually expressed in uppercase + description: Name is the name of the variable, usually + expressed in uppercase type: string value: description: Value is the value of the variable @@ -600,10 +739,14 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be commit, + tag, or branch. If omitted, will equal to HEAD. In case of Helm, + this is a semver tag for the Chart's version. type: string required: - repoURL @@ -612,37 +755,49 @@ spec: description: SyncPolicy controls when and how a sync will be performed properties: automated: - description: Automated will keep an application synced to the target revision + description: Automated will keep an application synced to the + target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have zero live resources (default: false)' + description: 'AllowEmpty allows apps have zero live resources + (default: false)' type: boolean prune: - description: 'Prune specifies whether to delete resources from the cluster that are not found in the sources anymore as part of automated sync (default: false)' + description: 'Prune specifies whether to delete resources + from the cluster that are not found in the sources anymore + as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)' + description: 'SelfHeal specifes whether to revert resources + back to their desired state upon modification in the cluster + (default: false)' type: boolean type: object retry: description: Retry controls failed sync retry behavior properties: backoff: - description: Backoff controls how to backoff on subsequent retries of failed syncs + description: Backoff controls how to backoff on subsequent + retries of failed syncs properties: duration: - description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") type: string factor: - description: Factor is a factor to multiply the base duration after each failed retry + description: Factor is a factor to multiply the base duration + after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum amount of time allowed for the backoff strategy + description: MaxDuration is the maximum amount of time + allowed for the backoff strategy type: string type: object limit: - description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. + description: Limit is the maximum number of attempts for retrying + a failed sync. If set to 0, no retries will be performed. format: int64 type: integer type: object @@ -661,16 +816,20 @@ spec: description: ApplicationStatus contains status information for the application properties: conditions: - description: Conditions is a list of currently observed application conditions + description: Conditions is a list of currently observed application + conditions items: - description: ApplicationCondition contains details about an application condition, which is usally an error or warning + description: ApplicationCondition contains details about an application + condition, which is usally an error or warning properties: lastTransitionTime: - description: LastTransitionTime is the time the condition was last observed + description: LastTransitionTime is the time the condition was + last observed format: date-time type: string message: - description: Message contains human-readable message indicating details about condition + description: Message contains human-readable message indicating + details about condition type: string type: description: Type is an application condition type @@ -681,22 +840,28 @@ spec: type: object type: array health: - description: Health contains information about the application's current health status + description: Health contains information about the application's current + health status properties: message: - description: Message is a human-readable informational message describing the health status + description: Message is a human-readable informational message + describing the health status type: string status: - description: Status holds the status code of the application or resource + description: Status holds the status code of the application or + resource type: string type: object history: - description: History contains information about the application's sync history + description: History contains information about the application's + sync history items: - description: RevisionHistory contains history information about a previous sync + description: RevisionHistory contains history information about + a previous sync properties: deployStartedAt: - description: DeployStartedAt holds the time the sync operation started + description: DeployStartedAt holds the time the sync operation + started format: date-time type: string deployedAt: @@ -708,30 +873,39 @@ spec: format: int64 type: integer revision: - description: Revision holds the revision the sync was performed against + description: Revision holds the revision the sync was performed + against type: string source: - description: Source is a reference to the application source used for the sync operation + description: Source is a reference to the application source + used for the sync operation properties: chart: - description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: - description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation type: string include: - description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation type: string jsonnet: description: Jsonnet holds options specific to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet External Variables + description: ExtVars is a list of Jsonnet External + Variables items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -750,9 +924,11 @@ spec: type: string type: array tlas: - description: TLAS is a list of Jsonnet Top-level Arguments + description: TLAS is a list of Jsonnet Top-level + Arguments items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -767,32 +943,41 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to scan a directory recursively for manifests + description: Recurse specifies whether to scan a directory + recursively for manifests type: boolean type: object helm: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm template + description: FileParameters are file parameters to the + helm template items: - description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation properties: name: description: Name is the name of the Helm parameter type: string path: - description: Path is the path to the file containing the values for the Helm parameter + description: Path is the path to the file containing + the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation items: - description: HelmParameter is a parameter that's passed to helm template during manifest generation + description: HelmParameter is a parameter that's passed + to helm template during manifest generation properties: forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings type: boolean name: description: Name is the name of the Helm parameter @@ -802,31 +987,42 @@ spec: type: string type: object type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean releaseName: - description: ReleaseName is the Helm release name to use. If omitted it will use the application name + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template + description: ValuesFiles is a list of Helm value files + to use when generating a template items: type: string type: array values: - description: Values specifies Helm values to be passed to helm template, typically defined as a block + description: Values specifies Helm values to be passed + to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating (either "2" or "3") + description: Version is the Helm version to use for + templating (either "2" or "3") type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment name + description: Environment is a ksonnet application environment + name type: string parameters: - description: Parameters are a list of ksonnet component parameter override values + description: Parameters are a list of ksonnet component + parameter override values items: - description: KsonnetParameter is a ksonnet component parameter + description: KsonnetParameter is a ksonnet component + parameter properties: component: type: string @@ -846,48 +1042,63 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list of additional annotations to add to rendered manifests + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional labels to add to rendered manifests + description: CommonLabels is a list of additional labels + to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies whether toforce applying common labels to resources for Kustomizeapps + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps type: boolean images: - description: Images is a list of Kustomize image override specifications + description: Images is a list of Kustomize image override + specifications items: - description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for Kustomize apps + description: NamePrefix is a prefix appended to resources + for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for Kustomize apps + description: NameSuffix is a suffix appended to resources + for Kustomize apps type: string version: - description: Version controls which version of Kustomize to use for rendering manifests + description: Version controls which version of Kustomize + to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management plugin specific options + description: ConfigManagementPlugin holds config management + plugin specific options properties: env: description: Env is a list of environment variable entries items: - description: EnvEntry represents an entry in the application's environment + description: EnvEntry represents an entry in the application's + environment properties: name: - description: Name is the name of the variable, usually expressed in uppercase + description: Name is the name of the variable, + usually expressed in uppercase type: string value: description: Value is the value of the variable @@ -901,10 +1112,15 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL @@ -916,24 +1132,29 @@ spec: type: object type: array observedAt: - description: 'ObservedAt indicates when the application state was updated without querying latest git state Deprecated: controller no longer updates ObservedAt field' + description: 'ObservedAt indicates when the application state was + updated without querying latest git state Deprecated: controller + no longer updates ObservedAt field' format: date-time type: string operationState: - description: OperationState contains information about any ongoing operations, such as a sync + description: OperationState contains information about any ongoing + operations, such as a sync properties: finishedAt: description: FinishedAt contains time of operation completion format: date-time type: string message: - description: Message holds any pertinent messages when attempting to perform operation (typically errors). + description: Message holds any pertinent messages when attempting + to perform operation (typically errors). type: string operation: description: Operation is the original requested operation properties: info: - description: Info is a list of informational items for this operation + description: Info is a list of informational items for this + operation items: properties: name: @@ -946,34 +1167,45 @@ spec: type: object type: array initiatedBy: - description: InitiatedBy contains information about who initiated the operations + description: InitiatedBy contains information about who initiated + the operations properties: automated: - description: Automated is set to true if operation was initiated automatically by the application controller. + description: Automated is set to true if operation was + initiated automatically by the application controller. type: boolean username: - description: Username contains the name of a user who started operation + description: Username contains the name of a user who + started operation type: string type: object retry: - description: Retry controls the strategy to apply if a sync fails + description: Retry controls the strategy to apply if a sync + fails properties: backoff: - description: Backoff controls how to backoff on subsequent retries of failed syncs + description: Backoff controls how to backoff on subsequent + retries of failed syncs properties: duration: - description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") type: string factor: - description: Factor is a factor to multiply the base duration after each failed retry + description: Factor is a factor to multiply the base + duration after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum amount of time allowed for the backoff strategy + description: MaxDuration is the maximum amount of + time allowed for the backoff strategy type: string type: object limit: - description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. + description: Limit is the maximum number of attempts for + retrying a failed sync. If set to 0, no retries will + be performed. format: int64 type: integer type: object @@ -981,20 +1213,25 @@ spec: description: Sync contains parameters for the operation properties: dryRun: - description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync + description: DryRun specifies to perform a `kubectl apply + --dry-run` without actually performing the sync type: boolean manifests: - description: Manifests is an optional field that overrides sync source with a local directory for development + description: Manifests is an optional field that overrides + sync source with a local directory for development items: type: string type: array prune: - description: Prune specifies to delete resources from the cluster that are no longer tracked in git + description: Prune specifies to delete resources from + the cluster that are no longer tracked in git type: boolean resources: - description: Resources describes which resources shall be part of the sync + description: Resources describes which resources shall + be part of the sync items: - description: SyncOperationResource contains resources to sync. + description: SyncOperationResource contains resources + to sync. properties: group: type: string @@ -1010,30 +1247,45 @@ spec: type: object type: array revision: - description: Revision is the revision (Git) or chart version (Helm) which to sync the application to If omitted, will use the revision specified in app spec. + description: Revision is the revision (Git) or chart version + (Helm) which to sync the application to If omitted, + will use the revision specified in app spec. type: string source: - description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and is nil during a Sync operation + description: Source overrides the source definition set + in the application. This is typically set in a Rollback + operation and is nil during a Sync operation properties: chart: - description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. type: string directory: - description: Directory holds path/directory specific options + description: Directory holds path/directory specific + options properties: exclude: - description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation type: string include: - description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation type: string jsonnet: - description: Jsonnet holds options specific to Jsonnet + description: Jsonnet holds options specific to + Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet External Variables + description: ExtVars is a list of Jsonnet + External Variables items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation properties: code: type: boolean @@ -1052,9 +1304,12 @@ spec: type: string type: array tlas: - description: TLAS is a list of Jsonnet Top-level Arguments + description: TLAS is a list of Jsonnet Top-level + Arguments items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation properties: code: type: boolean @@ -1069,66 +1324,92 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to scan a directory recursively for manifests + description: Recurse specifies whether to scan + a directory recursively for manifests type: boolean type: object helm: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm template + description: FileParameters are file parameters + to the helm template items: - description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation properties: name: - description: Name is the name of the Helm parameter + description: Name is the name of the Helm + parameter type: string path: - description: Path is the path to the file containing the values for the Helm parameter + description: Path is the path to the file + containing the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation items: - description: HelmParameter is a parameter that's passed to helm template during manifest generation + description: HelmParameter is a parameter that's + passed to helm template during manifest generation properties: forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings type: boolean name: - description: Name is the name of the Helm parameter + description: Name is the name of the Helm + parameter type: string value: - description: Value is the value for the Helm parameter + description: Value is the value for the + Helm parameter type: string type: object type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean releaseName: - description: ReleaseName is the Helm release name to use. If omitted it will use the application name + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template + description: ValuesFiles is a list of Helm value + files to use when generating a template items: type: string type: array values: - description: Values specifies Helm values to be passed to helm template, typically defined as a block + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block type: string version: - description: Version is the Helm version to use for templating (either "2" or "3") + description: Version is the Helm version to use + for templating (either "2" or "3") type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment name + description: Environment is a ksonnet application + environment name type: string parameters: - description: Parameters are a list of ksonnet component parameter override values + description: Parameters are a list of ksonnet + component parameter override values items: - description: KsonnetParameter is a ksonnet component parameter + description: KsonnetParameter is a ksonnet component + parameter properties: component: type: string @@ -1148,48 +1429,65 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list of additional annotations to add to rendered manifests + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional labels to add to rendered manifests + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps type: boolean images: - description: Images is a list of Kustomize image override specifications + description: Images is a list of Kustomize image + override specifications items: - description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for Kustomize apps + description: NamePrefix is a prefix appended to + resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for Kustomize apps + description: NameSuffix is a suffix appended to + resources for Kustomize apps type: string version: - description: Version controls which version of Kustomize to use for rendering manifests + description: Version controls which version of + Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. type: string plugin: - description: ConfigManagementPlugin holds config management plugin specific options + description: ConfigManagementPlugin holds config management + plugin specific options properties: env: - description: Env is a list of environment variable entries + description: Env is a list of environment variable + entries items: - description: EnvEntry represents an entry in the application's environment + description: EnvEntry represents an entry in + the application's environment properties: name: - description: Name is the name of the variable, usually expressed in uppercase + description: Name is the name of the variable, + usually expressed in uppercase type: string value: description: Value is the value of the variable @@ -1203,34 +1501,51 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. type: string required: - repoURL type: object syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false + description: SyncOptions provide per-sync sync-options, + e.g. Validate=false items: type: string type: array syncStrategy: - description: SyncStrategy describes how to perform the sync + description: SyncStrategy describes how to perform the + sync properties: apply: - description: Apply will perform a `kubectl apply` to perform the sync. + description: Apply will perform a `kubectl apply` + to perform the sync. properties: force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + description: Force indicates whether or not to + supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, + when PATCH encounters conflict and has retried + for 5 times. type: boolean type: object hook: - description: Hook will submit any referenced resources to perform the sync. This is the default strategy + description: Hook will submit any referenced resources + to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + description: Force indicates whether or not to + supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, + when PATCH encounters conflict and has retried + for 5 times. type: boolean type: object type: object @@ -1251,39 +1566,50 @@ spec: description: SyncResult is the result of a Sync operation properties: resources: - description: Resources contains a list of sync result items for each individual resource in a sync operation + description: Resources contains a list of sync result items + for each individual resource in a sync operation items: - description: ResourceResult holds the operation result details of a specific resource + description: ResourceResult holds the operation result details + of a specific resource properties: group: description: Group specifies the API group of the resource type: string hookPhase: - description: HookPhase contains the state of any operation associated with this resource OR hook This can also contain values for non-hook resources. + description: HookPhase contains the state of any operation + associated with this resource OR hook This can also + contain values for non-hook resources. type: string hookType: - description: HookType specifies the type of the hook. Empty for non-hook resources + description: HookType specifies the type of the hook. + Empty for non-hook resources type: string kind: description: Kind specifies the API kind of the resource type: string message: - description: Message contains an informational or error message for the last sync OR operation + description: Message contains an informational or error + message for the last sync OR operation type: string name: description: Name specifies the name of the resource type: string namespace: - description: Namespace specifies the target namespace of the resource + description: Namespace specifies the target namespace + of the resource type: string status: - description: Status holds the final result of the sync. Will be empty if the resources is yet to be applied/pruned and is always zero-value for hooks + description: Status holds the final result of the sync. + Will be empty if the resources is yet to be applied/pruned + and is always zero-value for hooks type: string syncPhase: - description: SyncPhase indicates the particular phase of the sync that this result was acquired in + description: SyncPhase indicates the particular phase + of the sync that this result was acquired in type: string version: - description: Version specifies the API version of the resource + description: Version specifies the API version of the + resource type: string required: - group @@ -1294,30 +1620,39 @@ spec: type: object type: array revision: - description: Revision holds the revision this sync operation was performed to + description: Revision holds the revision this sync operation + was performed to type: string source: - description: Source records the application source information of the sync, used for comparing auto-sync + description: Source records the application source information + of the sync, used for comparing auto-sync properties: chart: - description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: - description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation type: string include: - description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation type: string jsonnet: description: Jsonnet holds options specific to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet External Variables + description: ExtVars is a list of Jsonnet External + Variables items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1336,9 +1671,11 @@ spec: type: string type: array tlas: - description: TLAS is a list of Jsonnet Top-level Arguments + description: TLAS is a list of Jsonnet Top-level + Arguments items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1353,66 +1690,88 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to scan a directory recursively for manifests + description: Recurse specifies whether to scan a directory + recursively for manifests type: boolean type: object helm: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm template + description: FileParameters are file parameters to + the helm template items: - description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation properties: name: description: Name is the name of the Helm parameter type: string path: - description: Path is the path to the file containing the values for the Helm parameter + description: Path is the path to the file containing + the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation items: - description: HelmParameter is a parameter that's passed to helm template during manifest generation + description: HelmParameter is a parameter that's + passed to helm template during manifest generation properties: forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings type: boolean name: description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the Helm parameter + description: Value is the value for the Helm + parameter type: string type: object type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean releaseName: - description: ReleaseName is the Helm release name to use. If omitted it will use the application name + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template + description: ValuesFiles is a list of Helm value files + to use when generating a template items: type: string type: array values: - description: Values specifies Helm values to be passed to helm template, typically defined as a block + description: Values specifies Helm values to be passed + to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating (either "2" or "3") + description: Version is the Helm version to use for + templating (either "2" or "3") type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment name + description: Environment is a ksonnet application + environment name type: string parameters: - description: Parameters are a list of ksonnet component parameter override values + description: Parameters are a list of ksonnet component + parameter override values items: - description: KsonnetParameter is a ksonnet component parameter + description: KsonnetParameter is a ksonnet component + parameter properties: component: type: string @@ -1432,48 +1791,64 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list of additional annotations to add to rendered manifests + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional labels to add to rendered manifests + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps type: boolean images: - description: Images is a list of Kustomize image override specifications + description: Images is a list of Kustomize image override + specifications items: - description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for Kustomize apps + description: NamePrefix is a prefix appended to resources + for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for Kustomize apps + description: NameSuffix is a suffix appended to resources + for Kustomize apps type: string version: - description: Version controls which version of Kustomize to use for rendering manifests + description: Version controls which version of Kustomize + to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management plugin specific options + description: ConfigManagementPlugin holds config management + plugin specific options properties: env: - description: Env is a list of environment variable entries + description: Env is a list of environment variable + entries items: - description: EnvEntry represents an entry in the application's environment + description: EnvEntry represents an entry in the + application's environment properties: name: - description: Name is the name of the variable, usually expressed in uppercase + description: Name is the name of the variable, + usually expressed in uppercase type: string value: description: Value is the value of the variable @@ -1487,10 +1862,15 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL @@ -1504,24 +1884,30 @@ spec: - startedAt type: object reconciledAt: - description: ReconciledAt indicates when the application state was reconciled using the latest git version + description: ReconciledAt indicates when the application state was + reconciled using the latest git version format: date-time type: string resources: - description: Resources is a list of Kubernetes resources managed by this application + description: Resources is a list of Kubernetes resources managed by + this application items: - description: 'ResourceStatus holds the current sync and health status of a resource TODO: describe members of this type' + description: 'ResourceStatus holds the current sync and health status + of a resource TODO: describe members of this type' properties: group: type: string health: - description: HealthStatus contains information about the currently observed health state of an application or resource + description: HealthStatus contains information about the currently + observed health state of an application or resource properties: message: - description: Message is a human-readable informational message describing the health status + description: Message is a human-readable informational message + describing the health status type: string status: - description: Status holds the status code of the application or resource + description: Status holds the status code of the application + or resource type: string type: object hook: @@ -1535,7 +1921,8 @@ spec: requiresPruning: type: boolean status: - description: SyncStatusCode is a type which represents possible comparison results + description: SyncStatusCode is a type which represents possible + comparison results type: string version: type: string @@ -1545,10 +1932,12 @@ spec: description: SourceType specifies the type of this application type: string summary: - description: Summary contains a list of URLs and container images used by this application + description: Summary contains a list of URLs and container images + used by this application properties: externalURLs: - description: ExternalURLs holds all external URLs of application child resources. + description: ExternalURLs holds all external URLs of application + child resources. items: type: string type: array @@ -1559,46 +1948,62 @@ spec: type: array type: object sync: - description: Sync contains information about the application's current sync status + description: Sync contains information about the application's current + sync status properties: comparedTo: - description: ComparedTo contains information about what has been compared + description: ComparedTo contains information about what has been + compared properties: destination: - description: Destination is a reference to the application's destination used for comparison + description: Destination is a reference to the application's + destination used for comparison properties: name: - description: Name is an alternate way of specifying the target cluster by its symbolic name + description: Name is an alternate way of specifying the + target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + description: Namespace specifies the target namespace + for the application's resources. The namespace will + only be set for namespace-scoped resources that have + not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object source: - description: Source is a reference to the application's source used for comparison + description: Source is a reference to the application's source + used for comparison properties: chart: - description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. type: string directory: description: Directory holds path/directory specific options properties: exclude: - description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation type: string include: - description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation type: string jsonnet: description: Jsonnet holds options specific to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet External Variables + description: ExtVars is a list of Jsonnet External + Variables items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1617,9 +2022,11 @@ spec: type: string type: array tlas: - description: TLAS is a list of Jsonnet Top-level Arguments + description: TLAS is a list of Jsonnet Top-level + Arguments items: - description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -1634,66 +2041,88 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to scan a directory recursively for manifests + description: Recurse specifies whether to scan a directory + recursively for manifests type: boolean type: object helm: description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to the helm template + description: FileParameters are file parameters to + the helm template items: - description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation properties: name: description: Name is the name of the Helm parameter type: string path: - description: Path is the path to the file containing the values for the Helm parameter + description: Path is the path to the file containing + the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation items: - description: HelmParameter is a parameter that's passed to helm template during manifest generation + description: HelmParameter is a parameter that's + passed to helm template during manifest generation properties: forceString: - description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings type: boolean name: description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the Helm parameter + description: Value is the value for the Helm + parameter type: string type: object type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean releaseName: - description: ReleaseName is the Helm release name to use. If omitted it will use the application name + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files to use when generating a template + description: ValuesFiles is a list of Helm value files + to use when generating a template items: type: string type: array values: - description: Values specifies Helm values to be passed to helm template, typically defined as a block + description: Values specifies Helm values to be passed + to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for templating (either "2" or "3") + description: Version is the Helm version to use for + templating (either "2" or "3") type: string type: object ksonnet: description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application environment name + description: Environment is a ksonnet application + environment name type: string parameters: - description: Parameters are a list of ksonnet component parameter override values + description: Parameters are a list of ksonnet component + parameter override values items: - description: KsonnetParameter is a ksonnet component parameter + description: KsonnetParameter is a ksonnet component + parameter properties: component: type: string @@ -1713,48 +2142,64 @@ spec: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list of additional annotations to add to rendered manifests + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional labels to add to rendered manifests + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies whether to force applying common labels to resources for Kustomize apps + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps type: boolean images: - description: Images is a list of Kustomize image override specifications + description: Images is a list of Kustomize image override + specifications items: - description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources for Kustomize apps + description: NamePrefix is a prefix appended to resources + for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources for Kustomize apps + description: NameSuffix is a suffix appended to resources + for Kustomize apps type: string version: - description: Version controls which version of Kustomize to use for rendering manifests + description: Version controls which version of Kustomize + to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management plugin specific options + description: ConfigManagementPlugin holds config management + plugin specific options properties: env: - description: Env is a list of environment variable entries + description: Env is a list of environment variable + entries items: - description: EnvEntry represents an entry in the application's environment + description: EnvEntry represents an entry in the + application's environment properties: name: - description: Name is the name of the variable, usually expressed in uppercase + description: Name is the name of the variable, + usually expressed in uppercase type: string value: description: Value is the value of the variable @@ -1768,10 +2213,15 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. type: string required: - repoURL @@ -1781,7 +2231,8 @@ spec: - source type: object revision: - description: Revision contains information about the revision the comparison has been performed to + description: Revision contains information about the revision + the comparison has been performed to type: string status: description: Status is the sync state of the comparison diff --git a/charts/argo-cd/crds/crd-extension.yaml b/charts/argo-cd/crds/crd-extension.yaml deleted file mode 100644 index ddb11e70..00000000 --- a/charts/argo-cd/crds/crd-extension.yaml +++ /dev/null @@ -1,96 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: argocdextensions.argoproj.io - app.kubernetes.io/part-of: argocd - annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - name: argocdextensions.argoproj.io -spec: - group: argoproj.io - names: - kind: ArgoCDExtension - listKind: ArgoCDExtensionList - plural: argocdextensions - singular: argocdextension - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ArgoCDExtension is the Schema for the argocdextensions API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ArgoCDExtensionSpec defines the desired state of ArgoCDExtension - properties: - sources: - description: Sources specifies where the extension should come from - items: - description: ExtensionSource specifies where the extension should - be sourced from - properties: - git: - description: Git is specified if the extension should be sourced - from a git repository - properties: - revision: - description: Revision specifies the revision of the Repository - to fetch - type: string - url: - description: URL specifies the Git repository URL to fetch - type: string - type: object - web: - description: Web is specified if the extension should be sourced - from a web file - properties: - url: - description: URK specifies the remote file URL - type: string - type: object - type: object - type: array - required: - - sources - type: object - status: - description: ArgoCDExtensionStatus defines the observed state of ArgoCDExtension - properties: - conditions: - items: - properties: - message: - description: Message contains human-readable message indicating - details about condition - type: string - status: - description: Boolean status describing if the condition is currently - true - type: string - type: - description: Type is an ArgoCDExtension condition type - type: string - required: - - message - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true diff --git a/charts/argo-cd/crds/crd-project.yaml b/charts/argo-cd/crds/crd-project.yaml index 7bb09652..79179e8e 100644 --- a/charts/argo-cd/crds/crd-project.yaml +++ b/charts/argo-cd/crds/crd-project.yaml @@ -20,13 +20,22 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' + description: 'AppProject provides a logical grouping of applications, providing + controls for: * where the apps may deploy to (cluster whitelist) * what + may be deployed (repository whitelist, resource whitelist/blacklist) * who + can access these applications (roles, OIDC group claims bindings) * and + what they can do (RBAC policies) * automation access to these roles (JWT + tokens)' properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -34,9 +43,12 @@ spec: description: AppProjectSpec is the specification of an AppProject properties: clusterResourceBlacklist: - description: ClusterResourceBlacklist contains list of blacklisted cluster level resources + description: ClusterResourceBlacklist contains list of blacklisted + cluster level resources items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types properties: group: type: string @@ -48,9 +60,12 @@ spec: type: object type: array clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted cluster level resources + description: ClusterResourceWhitelist contains list of whitelisted + cluster level resources items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types properties: group: type: string @@ -65,25 +80,34 @@ spec: description: Description contains optional project description type: string destinations: - description: Destinations contains list of destinations available for deployment + description: Destinations contains list of destinations available + for deployment items: - description: ApplicationDestination holds information about the application's destination + description: ApplicationDestination holds information about the + application's destination properties: name: - description: Name is an alternate way of specifying the target cluster by its symbolic name + description: Name is an alternate way of specifying the target + cluster by its symbolic name type: string namespace: - description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + description: Namespace specifies the target namespace for the + application's resources. The namespace will only be set for + namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster + and must be set to the Kubernetes control plane API type: string type: object type: array namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources + description: NamespaceResourceBlacklist contains list of blacklisted + namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types properties: group: type: string @@ -95,9 +119,12 @@ spec: type: object type: array namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources + description: NamespaceResourceWhitelist contains list of whitelisted + namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types properties: group: type: string @@ -109,12 +136,15 @@ spec: type: object type: array orphanedResources: - description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project + description: OrphanedResources specifies if controller should monitor + orphaned resources of apps in this project properties: ignore: - description: Ignore contains a list of resources that are to be excluded from orphaned resources monitoring + description: Ignore contains a list of resources that are to be + excluded from orphaned resources monitoring items: - description: OrphanedResourceKey is a reference to a resource to be ignored from + description: OrphanedResourceKey is a reference to a resource + to be ignored from properties: group: type: string @@ -125,26 +155,32 @@ spec: type: object type: array warn: - description: Warn indicates if warning condition should be created for apps which have orphaned resources + description: Warn indicates if warning condition should be created + for apps which have orphaned resources type: boolean type: object roles: - description: Roles are user defined RBAC roles associated with this project + description: Roles are user defined RBAC roles associated with this + project items: - description: ProjectRole represents a role that has access to a project + description: ProjectRole represents a role that has access to a + project properties: description: description: Description is a description of the role type: string groups: - description: Groups are a list of OIDC group claims bound to this role + description: Groups are a list of OIDC group claims bound to + this role items: type: string type: array jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound to this role + description: JWTTokens are a list of generated JWT tokens bound + to this role items: - description: JWTToken holds the issuedAt and expiresAt values of a token + description: JWTToken holds the issuedAt and expiresAt values + of a token properties: exp: format: int64 @@ -162,7 +198,8 @@ spec: description: Name is a name for this role type: string policies: - description: Policies Stores a list of casbin formated strings that define access policies for the role in the project + description: Policies Stores a list of casbin formatted strings + that define access policies for the role in the project items: type: string type: array @@ -171,9 +208,11 @@ spec: type: object type: array signatureKeys: - description: SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync + description: SignatureKeys contains a list of PGP key IDs that commits + in Git must be signed with in order to be allowed for sync items: - description: SignatureKey is the specification of a key required to verify commit signatures with + description: SignatureKey is the specification of a key required + to verify commit signatures with properties: keyID: description: The ID of the key in hexadecimal notation @@ -183,47 +222,61 @@ spec: type: object type: array sourceRepos: - description: SourceRepos contains list of repository URLs which can be used for deployment + description: SourceRepos contains list of repository URLs which can + be used for deployment items: type: string type: array syncWindows: - description: SyncWindows controls when syncs can be run for apps in this project + description: SyncWindows controls when syncs can be run for apps in + this project items: - description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps + description: SyncWindow contains the kind, time, duration and attributes + that are used to assign the syncWindows to apps properties: applications: - description: Applications contains a list of applications that the window will apply to + description: Applications contains a list of applications that + the window will apply to items: type: string type: array clusters: - description: Clusters contains a list of clusters that the window will apply to + description: Clusters contains a list of clusters that the window + will apply to items: type: string type: array duration: - description: Duration is the amount of time the sync window will be open + description: Duration is the amount of time the sync window + will be open type: string kind: description: Kind defines if the window allows or blocks syncs type: string manualSync: - description: ManualSync enables manual syncs when they would otherwise be blocked + description: ManualSync enables manual syncs when they would + otherwise be blocked type: boolean namespaces: - description: Namespaces contains a list of namespaces that the window will apply to + description: Namespaces contains a list of namespaces that the + window will apply to items: type: string type: array schedule: - description: Schedule is the time the window will begin, specified in cron format + description: Schedule is the time the window will begin, specified + in cron format + type: string + timeZone: + description: TimeZone of the sync that will be applied to the + schedule type: string type: object type: array type: object status: - description: AppProjectStatus contains status information for AppProject CRs + description: AppProjectStatus contains status information for AppProject + CRs properties: jwtTokensByRole: additionalProperties: @@ -231,7 +284,8 @@ spec: properties: items: items: - description: JWTToken holds the issuedAt and expiresAt values of a token + description: JWTToken holds the issuedAt and expiresAt values + of a token properties: exp: format: int64 @@ -246,7 +300,8 @@ spec: type: object type: array type: object - description: JWTTokensByRole contains a list of JWT tokens issued for a given role + description: JWTTokensByRole contains a list of JWT tokens issued + for a given role type: object type: object required: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index dabaa105..be260cdf 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -34,6 +34,17 @@ spec: {{- if .Values.global.securityContext }} securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} {{- end }} + initContainers: + - command: + - cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} + name: copyutil + volumeMounts: + - mountPath: /var/run/argocd + name: var-files containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} @@ -87,6 +98,8 @@ spec: name: argocd-repo-server-tls - mountPath: /tmp name: tmp-dir + - mountPath: /home/argocd/cmp-server/plugins + name: plugins ports: - name: repo-server containerPort: {{ .Values.repoServer.containerPort }} @@ -177,6 +190,10 @@ spec: secretName: argocd-repo-server-tls - emptyDir: {} name: tmp-dir + - emptyDir: {} + name: var-files + - emptyDir: {} + name: plugins {{- if .Values.repoServer.initContainers }} initContainers: {{- toYaml .Values.repoServer.initContainers | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 64190910..5b158d68 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -98,6 +98,8 @@ spec: - mountPath: /home/argocd/.aws name: aws-config {{- end }} + - mountPath: /home/argocd + name: plugins-home - mountPath: /tmp name: tmp-dir ports: @@ -216,6 +218,8 @@ spec: path: ca.crt optional: true secretName: argocd-repo-server-tls + - emptyDir: {} + name: plugins-home {{- if .Values.server.initContainers }} initContainers: {{- toYaml .Values.server.initContainers | nindent 6 }} From 6bea3ace8dd5ff4331468eb8c6db22df1dd15dc2 Mon Sep 17 00:00:00 2001 From: lukpep Date: Thu, 16 Dec 2021 10:58:13 +0100 Subject: [PATCH 0152/1248] bumped argocd notifications version to v1.2.1 (#1057) Signed-off-by: lukasz.peplinski Co-authored-by: lukasz.peplinski --- charts/argocd-notifications/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 51241ac3..9b1d08b2 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v1.2.0 +appVersion: v1.2.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.6.0 +version: 1.6.1 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v1.2.0" + - "[Changed]: Update to app version v1.2.1" From eb8273ecce7cf265f4d1d12d4e9aec340231e015 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Fri, 17 Dec 2021 05:05:35 -0500 Subject: [PATCH 0153/1248] feat(argo-cd): Upgrade argocd to v2.2.1 (#1061) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1572e74c..14c4398a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.2.0 +appVersion: v2.2.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.29.0 +version: 3.29.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: add argocd-extensions resources support" + - "[Changed]: Update to app version 2.2.1" From 0dc0b845a3667e043d45d15d51668402ee31b9a3 Mon Sep 17 00:00:00 2001 From: Alex Babel <13570439+AlexanderBabel@users.noreply.github.com> Date: Fri, 17 Dec 2021 19:39:07 +0100 Subject: [PATCH 0154/1248] fix(argo-cd): Merge duplicate initContainer entries introduced in 3.29.0 (#1058) * fix(repo-server): merge initContainer to one section Signed-off-by: Alex Babel * chore(argo-cd): bump version to 3.29.1 Signed-off-by: Alex Babel * Merge master into fix/repo-server-init-container Signed-off-by: Alex Babel * fix(argo-cd): add enableCopyutilInitContainer option Signed-off-by: Alex Babel * doc: update readme Signed-off-by: Alex Babel --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 1 + .../argocd-repo-server/deployment.yaml | 27 ++++++++++--------- charts/argo-cd/values.yaml | 3 +++ 4 files changed, 21 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 14c4398a..2f2186a4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.29.1 +version: 3.29.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.2.1" + - "[Fix]: repo-server: merge initContainer to one section" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index caece20b..be610e24 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -316,6 +316,7 @@ NAME: my-release | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | | repoServer.containerSecurityContext | object | `{}` | Repo server container-level security context | +| repoServer.enableCopyutilInitContainer | bool | `true` | Enable the copyutil init container | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index be260cdf..e0a8648c 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -34,17 +34,6 @@ spec: {{- if .Values.global.securityContext }} securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} {{- end }} - initContainers: - - command: - - cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} - name: copyutil - volumeMounts: - - mountPath: /var/run/argocd - name: var-files containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} @@ -194,10 +183,24 @@ spec: name: var-files - emptyDir: {} name: plugins - {{- if .Values.repoServer.initContainers }} + {{- if or .Values.repoServer.initContainers .Values.repoServer.enableCopyutilInitContainer }} initContainers: + {{- if .Values.repoServer.enableCopyutilInitContainer }} + - command: + - cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} + name: copyutil + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + {{- end }} + {{- if .Values.repoServer.initContainers }} {{- toYaml .Values.repoServer.initContainers | nindent 6 }} {{- end }} + {{- end }} {{- if .Values.repoServer.priorityClassName }} priorityClassName: {{ .Values.repoServer.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 58e2d52c..4fbf2a74 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1530,6 +1530,9 @@ repoServer: # name: custom-tools # subPath: helm + # -- Enable the copyutil init container + enableCopyutilInitContainer: true + ## Argo Configs configs: # -- Provide one or multiple [external cluster credentials] From e6a0802f4fe9c515aa352332083b3f174bfcfa3a Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Sat, 18 Dec 2021 22:08:57 +0000 Subject: [PATCH 0155/1248] fix(argo-cd): Revert initContainers copyUtil param (#1063) * fix(argo-cd): Revert initContainers copyUtil param Signed-off-by: Marko Bevc * Use correct keyword in annotations Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ---- charts/argo-cd/values.yaml | 3 --- 4 files changed, 2 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2f2186a4..8cca168e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.29.2 +version: 3.29.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fix]: repo-server: merge initContainer to one section" + - "[Fixed]: repo-server: revert initContainer copyutil param" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index be610e24..caece20b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -316,7 +316,6 @@ NAME: my-release | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | | repoServer.containerSecurityContext | object | `{}` | Repo server container-level security context | -| repoServer.enableCopyutilInitContainer | bool | `true` | Enable the copyutil init container | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index e0a8648c..85e09fd4 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -183,9 +183,7 @@ spec: name: var-files - emptyDir: {} name: plugins - {{- if or .Values.repoServer.initContainers .Values.repoServer.enableCopyutilInitContainer }} initContainers: - {{- if .Values.repoServer.enableCopyutilInitContainer }} - command: - cp - -n @@ -196,11 +194,9 @@ spec: volumeMounts: - mountPath: /var/run/argocd name: var-files - {{- end }} {{- if .Values.repoServer.initContainers }} {{- toYaml .Values.repoServer.initContainers | nindent 6 }} {{- end }} - {{- end }} {{- if .Values.repoServer.priorityClassName }} priorityClassName: {{ .Values.repoServer.priorityClassName }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4fbf2a74..58e2d52c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1530,9 +1530,6 @@ repoServer: # name: custom-tools # subPath: helm - # -- Enable the copyutil init container - enableCopyutilInitContainer: true - ## Argo Configs configs: # -- Provide one or multiple [external cluster credentials] From ba6b528330cfe48936f2c602b8a98a8b22744e80 Mon Sep 17 00:00:00 2001 From: 66li <37136076+66li@users.noreply.github.com> Date: Mon, 20 Dec 2021 18:59:35 +0800 Subject: [PATCH 0156/1248] feat(argo-workflows): Upgrade argo-workflows to v3.2.6 (#1065) --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 742e12d7..74f552ef 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.9.3 -appVersion: v3.2.4 +version: 0.9.4 +appVersion: v3.2.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Added documentation and (default disabled) settings for dev-mode or delegated server authentication" + - "[Changed]: Update to app version v3.2.6" From dbcd02fd8d8e9a6a5a6cf2cfd5139e91469397ec Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 20 Dec 2021 18:27:04 +0100 Subject: [PATCH 0157/1248] fix(argo-cd): Add ArgoCDExtension CRD again (#1067) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/crds/crd-extension.yaml | 96 ++++++++++++++++++++++++++ 2 files changed, 98 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/crds/crd-extension.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8cca168e..bb9a9b30 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.1 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.29.3 +version: 3.29.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: repo-server: revert initContainer copyutil param" + - "[Fixed]: Add ArgoCDExtension CRD again. It was removed in chart version 3.29.0 by mistake." diff --git a/charts/argo-cd/crds/crd-extension.yaml b/charts/argo-cd/crds/crd-extension.yaml new file mode 100644 index 00000000..ddb11e70 --- /dev/null +++ b/charts/argo-cd/crds/crd-extension.yaml @@ -0,0 +1,96 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: argocdextensions.argoproj.io + app.kubernetes.io/part-of: argocd + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + name: argocdextensions.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCDExtension + listKind: ArgoCDExtensionList + plural: argocdextensions + singular: argocdextension + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ArgoCDExtension is the Schema for the argocdextensions API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ArgoCDExtensionSpec defines the desired state of ArgoCDExtension + properties: + sources: + description: Sources specifies where the extension should come from + items: + description: ExtensionSource specifies where the extension should + be sourced from + properties: + git: + description: Git is specified if the extension should be sourced + from a git repository + properties: + revision: + description: Revision specifies the revision of the Repository + to fetch + type: string + url: + description: URL specifies the Git repository URL to fetch + type: string + type: object + web: + description: Web is specified if the extension should be sourced + from a web file + properties: + url: + description: URK specifies the remote file URL + type: string + type: object + type: object + type: array + required: + - sources + type: object + status: + description: ArgoCDExtensionStatus defines the observed state of ArgoCDExtension + properties: + conditions: + items: + properties: + message: + description: Message contains human-readable message indicating + details about condition + type: string + status: + description: Boolean status describing if the condition is currently + true + type: string + type: + description: Type is an ArgoCDExtension condition type + type: string + required: + - message + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true From 0ce72e302863304e33a04aa7718436c574864b86 Mon Sep 17 00:00:00 2001 From: Hendrik Maus Date: Mon, 20 Dec 2021 19:17:54 +0100 Subject: [PATCH 0158/1248] feat(argocd-notifications): Support new notification controller features from argoproj-labs/argocd-notifications#77 (#1066) * Support setting secret name Signed-off-by: Hendrik Maus * Support setting configmap name Signed-off-by: Hendrik Maus * Use the fullname template for secret name Signed-off-by: Hendrik Maus * Use the fullname template for configmap name Signed-off-by: Hendrik Maus * Bump chart version 1.6.1 -> 1.7.0 Signed-off-by: Hendrik Maus * Update changelog Signed-off-by: Hendrik Maus * Update README Signed-off-by: Hendrik Maus Co-authored-by: Marko Bevc --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/README.md | 2 ++ .../templates/_helpers.tpl | 23 +++++++++++++++++++ .../templates/configmap.yaml | 2 +- .../templates/deployment.yaml | 2 ++ .../templates/secret.yaml | 2 +- charts/argocd-notifications/values.yaml | 8 +++++++ 7 files changed, 39 insertions(+), 4 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 9b1d08b2..1c1fa2b5 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v1.2.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.6.1 +version: 1.7.0 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v1.2.1" + - "[Added]: Support for dynamic Secret and ConfigMap names" diff --git a/charts/argocd-notifications/README.md b/charts/argocd-notifications/README.md index bdc7af40..81bd8358 100644 --- a/charts/argocd-notifications/README.md +++ b/charts/argocd-notifications/README.md @@ -23,6 +23,7 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late | affinity | object | `{}` | Assign custom [affinity] rules | | argocdUrl | string | `nil` | ArgoCD dashboard url; used in place of {{.context.argocdUrl}} in templates | | cm.create | bool | `true` | Whether helm chart creates controller config map | +| cm.name | string | `""` | The name of the config map to use. | | containerSecurityContext | object | `{}` | Container Security Context | | context | object | `{}` | Define user-defined context | | extraArgs | list | `[]` | Extra arguments to provide to the controller | @@ -48,6 +49,7 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late | secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | secret.create | bool | `true` | Whether helm chart creates controller secret | | secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | +| secret.name | string | `""` | The name of the secret to use. | | securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | diff --git a/charts/argocd-notifications/templates/_helpers.tpl b/charts/argocd-notifications/templates/_helpers.tpl index 373c5495..fa7d89d0 100644 --- a/charts/argocd-notifications/templates/_helpers.tpl +++ b/charts/argocd-notifications/templates/_helpers.tpl @@ -113,3 +113,26 @@ Create the name of the bot service account to use {{ default "default" .Values.bots.slack.serviceAccount.name }} {{- end -}} {{- end -}} + +{{/* +Create the name of the secret to use +*/}} +{{- define "argocd-notifications.secretName" -}} +{{- if .Values.secret.create -}} + {{ default (printf "%s-secret" (include "argocd-notifications.fullname" .)) .Values.secret.name }} +{{- else -}} + {{ default "argocd-notifications-secret" .Values.secret.name }} +{{- end -}} +{{- end -}} + + +{{/* +Create the name of the configmap to use +*/}} +{{- define "argocd-notifications.configMapName" -}} +{{- if .Values.cm.create -}} + {{ default (printf "%s-cm" (include "argocd-notifications.fullname" .)) .Values.cm.name }} +{{- else -}} + {{ default "argocd-notifications-cm" .Values.cm.name }} +{{- end -}} +{{- end -}} diff --git a/charts/argocd-notifications/templates/configmap.yaml b/charts/argocd-notifications/templates/configmap.yaml index 7b5186c0..a9c00b6f 100644 --- a/charts/argocd-notifications/templates/configmap.yaml +++ b/charts/argocd-notifications/templates/configmap.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: argocd-notifications-cm + name: {{ include "argocd-notifications.configMapName" . }} labels: {{- include "argocd-notifications.labels" . | nindent 4 }} data: diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml index 0a91b0ac..b7458166 100644 --- a/charts/argocd-notifications/templates/deployment.yaml +++ b/charts/argocd-notifications/templates/deployment.yaml @@ -45,6 +45,8 @@ spec: {{- if .Values.metrics.enabled }} - --metrics-port={{ .Values.metrics.port }} {{- end }} + - --secret-name={{ include "argocd-notifications.secretName" . }} + - --config-map-name={{ include "argocd-notifications.configMapName" . }} {{- range .Values.extraArgs }} - {{ . | squote }} {{- end }} diff --git a/charts/argocd-notifications/templates/secret.yaml b/charts/argocd-notifications/templates/secret.yaml index ea1569c7..38dadadf 100644 --- a/charts/argocd-notifications/templates/secret.yaml +++ b/charts/argocd-notifications/templates/secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: argocd-notifications-secret + name: {{ include "argocd-notifications.secretName" . }} labels: {{- include "argocd-notifications.labels" . | nindent 4 }} {{- if .Values.secret.annotations }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index f3d32c66..054faffe 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -41,6 +41,10 @@ secret: # -- key:value pairs of annotations to be added to the secret annotations: {} + # -- The name of the secret to use. + ## If not set and create is true, the default name 'argocd-notifications-secret' is used + name: "" + # -- Generic key:value pairs to be inserted into the secret ## Can be used for templates, notification services etc. Some examples given below. ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ @@ -129,6 +133,10 @@ cm: # -- Whether helm chart creates controller config map create: true + # -- The name of the config map to use. + ## If not set and create is true, the default name 'argocd-notifications-cm' is used + name: "" + # -- Contains centrally managed global application subscriptions ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ subscriptions: {} From 0ee1099de92a77365823de079f2b2a463718c54f Mon Sep 17 00:00:00 2001 From: Tung Huynh <31434093+huynhsontung@users.noreply.github.com> Date: Mon, 20 Dec 2021 11:13:24 -0800 Subject: [PATCH 0159/1248] feat(argo-rollouts): Support HA mode for controller with multiple replicas (#1016) Signed-off-by: Tung Huynh <31434093+huynhsontung@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/controller/deployment.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 707b627a..12d9a3eb 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.6.0 +version: 2.7.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Ability to set the type of Service on the dashboard Service" + - "[Added]: Support high availability (HA) mode for controller with multiple replicas" diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index fc359d42..b1f80534 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -12,6 +12,7 @@ spec: {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} strategy: type: Recreate + replicas: {{ .Values.controller.replicas }} template: metadata: {{- with .Values.podAnnotations }} @@ -36,6 +37,9 @@ spec: {{- if not .Values.clusterInstall }} - --namespaced {{- end }} + {{- if gt .Values.controller.replicas 1.0 }} + - --leader-elect + {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index a598ad05..8988bbdb 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -11,6 +11,7 @@ controller: nodeSelector: {} tolerations: [] affinity: {} + replicas: 1 image: registry: quay.io repository: argoproj/argo-rollouts From daa6501137e99a61c580fff66e31a90e999ba433 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Tue, 4 Jan 2022 05:15:52 -0500 Subject: [PATCH 0160/1248] feat(argo-cd): Upgrade argocd to v2.2.2 (#1075) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bb9a9b30..acf3dc34 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.2.1 +appVersion: v2.2.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.29.4 +version: 3.29.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add ArgoCDExtension CRD again. It was removed in chart version 3.29.0 by mistake." + - "[Changed]: Update to app version 2.2.2" From f518712c33d923f05f0d6978bbce3612d879b59e Mon Sep 17 00:00:00 2001 From: Maciej Lasyk Date: Wed, 5 Jan 2022 13:31:55 +0100 Subject: [PATCH 0161/1248] feat(argo-rollouts): Support LoadBalancer settings for dashboard Service (#1074) * feat(argo-rollouts): +LB service.type for dashboard svc Signed-off-by: Maciej Lasyk * Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 5 +++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/templates/dashboard/service.yaml | 11 +++++++++++ charts/argo-rollouts/values.yaml | 6 ++++++ 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 12d9a3eb..e389a4f5 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.7.0 +version: 2.8.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,5 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Support high availability (HA) mode for controller with multiple replicas" + - "[Added]: Ability to specify LoadBalancer settings for dashboard svc" + - "[Added]: Ability to specify external IPs for dashboard svc" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 19876ee7..77fccde7 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -72,6 +72,9 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | dashboard.extraArgs | list | `[]` | Additional arguments for the dashboard. A list of flags. | | dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | +| dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs | +| dashboard.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | +| dashboard.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | | dashboard.service.type | string | `ClusterIP` | Sets the type of the Service | | dashboard.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | | dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index b8605c58..4e3d7a65 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -11,6 +11,17 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- with .Values.dashboard.service.externalIPs }} + externalIPs: {{- toYaml . | nindent 4 }} + {{- end }} + {{- if eq .Values.dashboard.service.type "LoadBalancer" }} + {{- with .Values.dashboard.service.loadBalancerIP }} + loadBalancerIP: {{ . | quote }} + {{- end }} + {{- with .Values.dashboard.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} type: {{ .Values.dashboard.service.type }} ports: - name: dashboard diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 8988bbdb..08148d85 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -128,6 +128,12 @@ dashboard: containerSecurityContext: {} service: type: ClusterIP + # -- LoadBalancer will get created with the IP specified in this field + loadBalancerIP: "" + # -- Source IP ranges to allow access to service from + loadBalancerSourceRanges: [] + # -- Dashboard service external IPs + externalIPs: [] serviceAccount: create: true annotations: {} From e7a27468b235d867929dd921f58c5fa11fb3850c Mon Sep 17 00:00:00 2001 From: Edward Nys <36994826+enys@users.noreply.github.com> Date: Thu, 6 Jan 2022 19:35:42 +0100 Subject: [PATCH 0162/1248] feat(argocd-applicationset): Update to app version v0.3.0 (#1070) --- .github/configs/ct-install.yaml | 3 +- charts/argocd-applicationset/Chart.yaml | 6 +- .../crds/crd-applicationset.yaml | 12992 ++++++++++++---- .../templates/deployment.yaml | 3 + .../templates/service.yaml | 14 + charts/argocd-applicationset/values.yaml | 2 +- 6 files changed, 10130 insertions(+), 2890 deletions(-) create mode 100644 charts/argocd-applicationset/templates/service.yaml diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml index f2b9dc9e..e991d382 100644 --- a/.github/configs/ct-install.yaml +++ b/.github/configs/ct-install.yaml @@ -15,4 +15,5 @@ validate-chart-schema: false validate-maintainers: true validate-yaml: true exclude-deprecated: true -excluded-charts: [] +excluded-charts: + - "argocd-applicationset" diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 5185d857..387ee7ba 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.7.0 -appVersion: "v0.2.0" +version: 1.8.0 +appVersion: "v0.3.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Add resources metrics-service and servicemonitor, not enabled by default." + - "[Changed]: Bumped argocd-applicationset to 0.3.0" diff --git a/charts/argocd-applicationset/crds/crd-applicationset.yaml b/charts/argocd-applicationset/crds/crd-applicationset.yaml index 9132148a..27b19912 100644 --- a/charts/argocd-applicationset/crds/crd-applicationset.yaml +++ b/charts/argocd-applicationset/crds/crd-applicationset.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -21,71 +20,32 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: ApplicationSet is a set of Application resources properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ApplicationSetSpec represents a class of application set - state. properties: generators: items: - description: ApplicationSetGenerator include list item info properties: clusterDecisionResource: - description: DuckType defines a generator to match against clusters - registered with ArgoCD. properties: configMapRef: - description: ConfigMapRef is a ConfigMap with the duck type - definitions needed to retreive the data this - includes apiVersion(group/version), kind, matchKey and - validation settings Name is the resource name of the kind, - group and version, defined in the ConfigMapRef RequeueAfterSeconds - is how long before the duckType will be rechecked for - a change type: string labelSelector: - description: A label selector is a label query over a set - of resources. The result of matchLabels and matchExpressions - are ANDed. An empty label selector matches all objects. - A null label selector matches no objects. properties: matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. properties: key: - description: key is the label key that the selector - applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. items: type: string type: array @@ -97,11 +57,6 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. type: object type: object name: @@ -110,12 +65,8 @@ spec: format: int64 type: integer template: - description: ApplicationSetTemplate represents argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents the - Argo CD application fields that may be used for Applications - generated from the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -135,40 +86,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired application - state. Contains link to repository with application - definition and additional parameters link definition - revision. properties: destination: - description: Destination is a reference to the target - Kubernetes server and namespace properties: name: - description: Name is an alternate way of specifying - the target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target - namespace for the application's resources. - The namespace will only be set for namespace-scoped - resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the - target cluster and must be set to the Kubernetes - control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources - and their fields which should be ignored during - comparison items: - description: ResourceIgnoreDifferences contains - resource filter and list of json paths which - should be ignored during comparison with live - state. properties: group: type: string @@ -191,9 +120,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) that relates - to the application items: properties: name: @@ -206,58 +132,24 @@ spec: type: object type: array project: - description: Project is a reference to the project - this application belongs to. The empty string - means that application belongs to the 'default' - project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number - of items kept in the application's revision history, - which is used for informational purposes as well - as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. - Setting to zero will store no history. This will - reduce storage used. Increasing will increase - the space used to store the history, so we do - not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location - of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name, and - must be specified for applications sourced - from a Helm repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains a glob pattern - to match paths against that should be - explicitly excluded from being used during - manifest generation type: string include: - description: Include contains a glob pattern - to match paths against that should be - explicitly included during manifest generation type: string jsonnet: - description: Jsonnet holds options specific - to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet - External Variables items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -271,18 +163,11 @@ spec: type: object type: array libs: - description: Additional library search - dirs items: type: string type: array tlas: - description: TLAS is a list of Jsonnet - Top-level Arguments items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -297,91 +182,49 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to - scan a directory recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template items: - description: HelmFileParameter is a file - parameter that's passed to helm template - during manifest generation properties: name: - description: Name is the name of the - Helm parameter type: string path: - description: Path is the path to the - file containing the values for the - Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm - parameters which are passed to the helm - template command upon manifest generation items: - description: HelmParameter is a parameter - that's passed to helm template during - manifest generation properties: forceString: - description: ForceString determines - whether to tell Helm to interpret - booleans and numbers as strings type: boolean name: - description: Name is the name of the - Helm parameter type: string value: - description: Value is the value for - the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the - application name type: string valueFiles: - description: ValuesFiles is a list of Helm - value files to use when generating a template items: type: string type: array values: - description: Values specifies Helm values - to be passed to helm template, typically - defined as a block type: string version: - description: Version is the Helm version - to use for templating (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet specific - options properties: environment: - description: Environment is a ksonnet application - environment name type: string parameters: - description: Parameters are a list of ksonnet - component parameter override values items: - description: KsonnetParameter is a ksonnet - component parameter properties: component: type: string @@ -396,77 +239,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize specific - options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list - of additional annotations to add to rendered - manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies - whether to force applying common labels - to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize - image override specifications items: - description: KustomizeImage represents - a Kustomize image definition in the - format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps type: string version: - description: Version controls which version - of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within - the Git repository, and is only valid for - applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config - management plugin specific options properties: env: - description: Env is a list of environment - variable entries items: - description: EnvEntry represents an entry - in the application's environment properties: name: - description: Name is the name of the - variable, usually expressed in uppercase type: string value: - description: Value is the value of - the variable type: string required: - name @@ -477,82 +283,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application - manifests type: string targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. - In case of Git, this can be commit, tag, or - branch. If omitted, will equal to HEAD. In - case of Helm, this is a semver tag for the - Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when and how a - sync will be performed properties: automated: - description: Automated will keep an application - synced to the target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have - zero live resources (default: false)' type: boolean prune: - description: 'Prune specifies whether to - delete resources from the cluster that - are not found in the sources anymore as - part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether - to revert resources back to their desired - state upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed sync retry - behavior properties: backoff: - description: Backoff controls how to backoff - on subsequent retries of failed syncs properties: duration: - description: Duration is the amount - to back off. Default unit is seconds, - but could also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor to multiply - the base duration after each failed - retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum - amount of time allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum number - of attempts for retrying a failed sync. - If set to 0, no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to specify whole - app sync-options items: type: string type: array @@ -569,46 +333,22 @@ spec: values: additionalProperties: type: string - description: Values contains key/value pairs which are passed - directly as parameters to the template type: object required: - configMapRef type: object clusters: - description: ClusterGenerator defines a generator to match against - clusters registered with ArgoCD. properties: selector: - description: Selector defines a label selector to match - against all clusters registered with ArgoCD. Clusters - today are stored as Kubernetes Secrets, thus the Secret - labels will be used for matching the selector. properties: matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. properties: key: - description: key is the label key that the selector - applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. items: type: string type: array @@ -620,20 +360,11 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. type: object type: object template: - description: ApplicationSetTemplate represents argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents the - Argo CD application fields that may be used for Applications - generated from the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -653,40 +384,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired application - state. Contains link to repository with application - definition and additional parameters link definition - revision. properties: destination: - description: Destination is a reference to the target - Kubernetes server and namespace properties: name: - description: Name is an alternate way of specifying - the target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target - namespace for the application's resources. - The namespace will only be set for namespace-scoped - resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the - target cluster and must be set to the Kubernetes - control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources - and their fields which should be ignored during - comparison items: - description: ResourceIgnoreDifferences contains - resource filter and list of json paths which - should be ignored during comparison with live - state. properties: group: type: string @@ -709,9 +418,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) that relates - to the application items: properties: name: @@ -724,58 +430,24 @@ spec: type: object type: array project: - description: Project is a reference to the project - this application belongs to. The empty string - means that application belongs to the 'default' - project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number - of items kept in the application's revision history, - which is used for informational purposes as well - as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. - Setting to zero will store no history. This will - reduce storage used. Increasing will increase - the space used to store the history, so we do - not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location - of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name, and - must be specified for applications sourced - from a Helm repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains a glob pattern - to match paths against that should be - explicitly excluded from being used during - manifest generation type: string include: - description: Include contains a glob pattern - to match paths against that should be - explicitly included during manifest generation type: string jsonnet: - description: Jsonnet holds options specific - to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet - External Variables items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -789,18 +461,11 @@ spec: type: object type: array libs: - description: Additional library search - dirs items: type: string type: array tlas: - description: TLAS is a list of Jsonnet - Top-level Arguments items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -815,91 +480,49 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to - scan a directory recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template items: - description: HelmFileParameter is a file - parameter that's passed to helm template - during manifest generation properties: name: - description: Name is the name of the - Helm parameter type: string path: - description: Path is the path to the - file containing the values for the - Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm - parameters which are passed to the helm - template command upon manifest generation items: - description: HelmParameter is a parameter - that's passed to helm template during - manifest generation properties: forceString: - description: ForceString determines - whether to tell Helm to interpret - booleans and numbers as strings type: boolean name: - description: Name is the name of the - Helm parameter type: string value: - description: Value is the value for - the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the - application name type: string valueFiles: - description: ValuesFiles is a list of Helm - value files to use when generating a template items: type: string type: array values: - description: Values specifies Helm values - to be passed to helm template, typically - defined as a block type: string version: - description: Version is the Helm version - to use for templating (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet specific - options properties: environment: - description: Environment is a ksonnet application - environment name type: string parameters: - description: Parameters are a list of ksonnet - component parameter override values items: - description: KsonnetParameter is a ksonnet - component parameter properties: component: type: string @@ -914,77 +537,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize specific - options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list - of additional annotations to add to rendered - manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies - whether to force applying common labels - to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize - image override specifications items: - description: KustomizeImage represents - a Kustomize image definition in the - format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps type: string version: - description: Version controls which version - of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within - the Git repository, and is only valid for - applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config - management plugin specific options properties: env: - description: Env is a list of environment - variable entries items: - description: EnvEntry represents an entry - in the application's environment properties: name: - description: Name is the name of the - variable, usually expressed in uppercase type: string value: - description: Value is the value of - the variable type: string required: - name @@ -995,82 +581,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application - manifests type: string targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. - In case of Git, this can be commit, tag, or - branch. If omitted, will equal to HEAD. In - case of Helm, this is a semver tag for the - Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when and how a - sync will be performed properties: automated: - description: Automated will keep an application - synced to the target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have - zero live resources (default: false)' type: boolean prune: - description: 'Prune specifies whether to - delete resources from the cluster that - are not found in the sources anymore as - part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether - to revert resources back to their desired - state upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed sync retry - behavior properties: backoff: - description: Backoff controls how to backoff - on subsequent retries of failed syncs properties: duration: - description: Duration is the amount - to back off. Default unit is seconds, - but could also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor to multiply - the base duration after each failed - retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum - amount of time allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum number - of attempts for retrying a failed sync. - If set to 0, no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to specify whole - app sync-options items: type: string type: array @@ -1087,8 +631,6 @@ spec: values: additionalProperties: type: string - description: Values contains key/value pairs which are passed - directly as parameters to the template type: object type: object git: @@ -1121,12 +663,8 @@ spec: revision: type: string template: - description: ApplicationSetTemplate represents argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents the - Argo CD application fields that may be used for Applications - generated from the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -1146,40 +684,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired application - state. Contains link to repository with application - definition and additional parameters link definition - revision. properties: destination: - description: Destination is a reference to the target - Kubernetes server and namespace properties: name: - description: Name is an alternate way of specifying - the target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target - namespace for the application's resources. - The namespace will only be set for namespace-scoped - resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the - target cluster and must be set to the Kubernetes - control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources - and their fields which should be ignored during - comparison items: - description: ResourceIgnoreDifferences contains - resource filter and list of json paths which - should be ignored during comparison with live - state. properties: group: type: string @@ -1202,9 +718,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) that relates - to the application items: properties: name: @@ -1217,58 +730,24 @@ spec: type: object type: array project: - description: Project is a reference to the project - this application belongs to. The empty string - means that application belongs to the 'default' - project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number - of items kept in the application's revision history, - which is used for informational purposes as well - as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. - Setting to zero will store no history. This will - reduce storage used. Increasing will increase - the space used to store the history, so we do - not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location - of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name, and - must be specified for applications sourced - from a Helm repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains a glob pattern - to match paths against that should be - explicitly excluded from being used during - manifest generation type: string include: - description: Include contains a glob pattern - to match paths against that should be - explicitly included during manifest generation type: string jsonnet: - description: Jsonnet holds options specific - to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet - External Variables items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -1282,18 +761,11 @@ spec: type: object type: array libs: - description: Additional library search - dirs items: type: string type: array tlas: - description: TLAS is a list of Jsonnet - Top-level Arguments items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -1308,91 +780,49 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to - scan a directory recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template items: - description: HelmFileParameter is a file - parameter that's passed to helm template - during manifest generation properties: name: - description: Name is the name of the - Helm parameter type: string path: - description: Path is the path to the - file containing the values for the - Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm - parameters which are passed to the helm - template command upon manifest generation items: - description: HelmParameter is a parameter - that's passed to helm template during - manifest generation properties: forceString: - description: ForceString determines - whether to tell Helm to interpret - booleans and numbers as strings type: boolean name: - description: Name is the name of the - Helm parameter type: string value: - description: Value is the value for - the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the - application name type: string valueFiles: - description: ValuesFiles is a list of Helm - value files to use when generating a template items: type: string type: array values: - description: Values specifies Helm values - to be passed to helm template, typically - defined as a block type: string version: - description: Version is the Helm version - to use for templating (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet specific - options properties: environment: - description: Environment is a ksonnet application - environment name type: string parameters: - description: Parameters are a list of ksonnet - component parameter override values items: - description: KsonnetParameter is a ksonnet - component parameter properties: component: type: string @@ -1407,77 +837,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize specific - options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list - of additional annotations to add to rendered - manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies - whether to force applying common labels - to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize - image override specifications items: - description: KustomizeImage represents - a Kustomize image definition in the - format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps type: string version: - description: Version controls which version - of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within - the Git repository, and is only valid for - applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config - management plugin specific options properties: env: - description: Env is a list of environment - variable entries items: - description: EnvEntry represents an entry - in the application's environment properties: name: - description: Name is the name of the - variable, usually expressed in uppercase type: string value: - description: Value is the value of - the variable type: string required: - name @@ -1488,82 +881,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application - manifests type: string targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. - In case of Git, this can be commit, tag, or - branch. If omitted, will equal to HEAD. In - case of Helm, this is a semver tag for the - Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when and how a - sync will be performed properties: automated: - description: Automated will keep an application - synced to the target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have - zero live resources (default: false)' type: boolean prune: - description: 'Prune specifies whether to - delete resources from the cluster that - are not found in the sources anymore as - part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether - to revert resources back to their desired - state upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed sync retry - behavior properties: backoff: - description: Backoff controls how to backoff - on subsequent retries of failed syncs properties: duration: - description: Duration is the amount - to back off. Default unit is seconds, - but could also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor to multiply - the base duration after each failed - retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum - amount of time allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum number - of attempts for retrying a failed sync. - If set to 0, no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to specify whole - app sync-options items: type: string type: array @@ -1582,19 +933,14 @@ spec: - revision type: object list: - description: ListGenerator include items info properties: elements: items: x-kubernetes-preserve-unknown-fields: true type: array template: - description: ApplicationSetTemplate represents argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents the - Argo CD application fields that may be used for Applications - generated from the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -1614,40 +960,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired application - state. Contains link to repository with application - definition and additional parameters link definition - revision. properties: destination: - description: Destination is a reference to the target - Kubernetes server and namespace properties: name: - description: Name is an alternate way of specifying - the target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target - namespace for the application's resources. - The namespace will only be set for namespace-scoped - resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the - target cluster and must be set to the Kubernetes - control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources - and their fields which should be ignored during - comparison items: - description: ResourceIgnoreDifferences contains - resource filter and list of json paths which - should be ignored during comparison with live - state. properties: group: type: string @@ -1670,9 +994,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) that relates - to the application items: properties: name: @@ -1685,58 +1006,24 @@ spec: type: object type: array project: - description: Project is a reference to the project - this application belongs to. The empty string - means that application belongs to the 'default' - project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number - of items kept in the application's revision history, - which is used for informational purposes as well - as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. - Setting to zero will store no history. This will - reduce storage used. Increasing will increase - the space used to store the history, so we do - not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location - of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name, and - must be specified for applications sourced - from a Helm repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains a glob pattern - to match paths against that should be - explicitly excluded from being used during - manifest generation type: string include: - description: Include contains a glob pattern - to match paths against that should be - explicitly included during manifest generation type: string jsonnet: - description: Jsonnet holds options specific - to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet - External Variables items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -1750,18 +1037,11 @@ spec: type: object type: array libs: - description: Additional library search - dirs items: type: string type: array tlas: - description: TLAS is a list of Jsonnet - Top-level Arguments items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -1776,91 +1056,49 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to - scan a directory recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template items: - description: HelmFileParameter is a file - parameter that's passed to helm template - during manifest generation properties: name: - description: Name is the name of the - Helm parameter type: string path: - description: Path is the path to the - file containing the values for the - Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm - parameters which are passed to the helm - template command upon manifest generation items: - description: HelmParameter is a parameter - that's passed to helm template during - manifest generation properties: forceString: - description: ForceString determines - whether to tell Helm to interpret - booleans and numbers as strings type: boolean name: - description: Name is the name of the - Helm parameter type: string value: - description: Value is the value for - the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the - application name type: string valueFiles: - description: ValuesFiles is a list of Helm - value files to use when generating a template items: type: string type: array values: - description: Values specifies Helm values - to be passed to helm template, typically - defined as a block type: string version: - description: Version is the Helm version - to use for templating (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet specific - options properties: environment: - description: Environment is a ksonnet application - environment name type: string parameters: - description: Parameters are a list of ksonnet - component parameter override values items: - description: KsonnetParameter is a ksonnet - component parameter properties: component: type: string @@ -1875,77 +1113,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize specific - options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list - of additional annotations to add to rendered - manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies - whether to force applying common labels - to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize - image override specifications items: - description: KustomizeImage represents - a Kustomize image definition in the - format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps type: string version: - description: Version controls which version - of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within - the Git repository, and is only valid for - applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config - management plugin specific options properties: env: - description: Env is a list of environment - variable entries items: - description: EnvEntry represents an entry - in the application's environment properties: name: - description: Name is the name of the - variable, usually expressed in uppercase type: string value: - description: Value is the value of - the variable type: string required: - name @@ -1956,82 +1157,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application - manifests type: string targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. - In case of Git, this can be commit, tag, or - branch. If omitted, will equal to HEAD. In - case of Helm, this is a semver tag for the - Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when and how a - sync will be performed properties: automated: - description: Automated will keep an application - synced to the target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have - zero live resources (default: false)' type: boolean prune: - description: 'Prune specifies whether to - delete resources from the cluster that - are not found in the sources anymore as - part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether - to revert resources back to their desired - state upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed sync retry - behavior properties: backoff: - description: Backoff controls how to backoff - on subsequent retries of failed syncs properties: duration: - description: Duration is the amount - to back off. Default unit is seconds, - but could also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor to multiply - the base duration after each failed - retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum - amount of time allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum number - of attempts for retrying a failed sync. - If set to 0, no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to specify whole - app sync-options items: type: string type: array @@ -2049,63 +1208,24 @@ spec: - elements type: object matrix: - description: MatrixGenerator include Other generators properties: generators: items: - description: ApplicationSetBaseGenerator include list - item info CRD dosn't support recursive types so we need - a different type for the matrix generator https://github.com/kubernetes-sigs/controller-tools/issues/477 properties: clusterDecisionResource: - description: DuckType defines a generator to match - against clusters registered with ArgoCD. properties: configMapRef: - description: ConfigMapRef is a ConfigMap with - the duck type definitions needed to retreive - the data this includes apiVersion(group/version), - kind, matchKey and validation settings Name - is the resource name of the kind, group and - version, defined in the ConfigMapRef RequeueAfterSeconds - is how long before the duckType will be rechecked - for a change type: string labelSelector: - description: A label selector is a label query - over a set of resources. The result of matchLabels - and matchExpressions are ANDed. An empty label - selector matches all objects. A null label selector - matches no objects. properties: matchExpressions: - description: matchExpressions is a list of - label selector requirements. The requirements - are ANDed. items: - description: A label selector requirement - is a selector that contains values, a - key, and an operator that relates the - key and values. properties: key: - description: key is the label key that - the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -2117,12 +1237,6 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only - "value". The requirements are ANDed. type: object type: object name: @@ -2131,14 +1245,8 @@ spec: format: int64 type: integer template: - description: ApplicationSetTemplate represents - argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents - the Argo CD application fields that may - be used for Applications generated from - the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -2158,44 +1266,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired - application state. Contains link to repository - with application definition and additional - parameters link definition revision. properties: destination: - description: Destination is a reference - to the target Kubernetes server and - namespace properties: name: - description: Name is an alternate - way of specifying the target cluster - by its symbolic name type: string namespace: - description: Namespace specifies the - target namespace for the application's - resources. The namespace will only - be set for namespace-scoped resources - that have not set a value for .metadata.namespace type: string server: - description: Server specifies the - URL of the target cluster and must - be set to the Kubernetes control - plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list - of resources and their fields which - should be ignored during comparison items: - description: ResourceIgnoreDifferences - contains resource filter and list - of json paths which should be ignored - during comparison with live state. properties: group: type: string @@ -2218,9 +1300,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) - that relates to the application items: properties: name: @@ -2233,67 +1312,24 @@ spec: type: object type: array project: - description: Project is a reference to - the project this application belongs - to. The empty string means that application - belongs to the 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits - the number of items kept in the application's - revision history, which is used for - informational purposes as well as for - rollbacks to previous versions. This - should only be changed in exceptional - circumstances. Setting to zero will - store no history. This will reduce storage - used. Increasing will increase the space - used to store the history, so we do - not recommend increasing it. Default - is 10. format: int64 type: integer source: - description: Source is a reference to - the location of the application's manifests - or chart properties: chart: - description: Chart is a Helm chart - name, and must be specified for - applications sourced from a Helm - repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains - a glob pattern to match paths - against that should be explicitly - excluded from being used during - manifest generation type: string include: - description: Include contains - a glob pattern to match paths - against that should be explicitly - included during manifest generation type: string jsonnet: - description: Jsonnet holds options - specific to Jsonnet properties: extVars: - description: ExtVars is a - list of Jsonnet External - Variables items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -2307,19 +1343,11 @@ spec: type: object type: array libs: - description: Additional library - search dirs items: type: string type: array tlas: - description: TLAS is a list - of Jsonnet Top-level Arguments items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -2334,106 +1362,49 @@ spec: type: array type: object recurse: - description: Recurse specifies - whether to scan a directory - recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific - options properties: fileParameters: - description: FileParameters are - file parameters to the helm - template items: - description: HelmFileParameter - is a file parameter that's - passed to helm template during - manifest generation properties: name: - description: Name is the - name of the Helm parameter type: string path: - description: Path is the - path to the file containing - the values for the Helm - parameter type: string type: object type: array parameters: - description: Parameters is a list - of Helm parameters which are - passed to the helm template - command upon manifest generation items: - description: HelmParameter is - a parameter that's passed - to helm template during manifest - generation properties: forceString: - description: ForceString - determines whether to - tell Helm to interpret - booleans and numbers as - strings type: boolean name: - description: Name is the - name of the Helm parameter type: string value: - description: Value is the - value for the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the - Helm release name to use. If - omitted it will use the application - name type: string valueFiles: - description: ValuesFiles is a - list of Helm value files to - use when generating a template items: type: string type: array values: - description: Values specifies - Helm values to be passed to - helm template, typically defined - as a block type: string version: - description: Version is the Helm - version to use for templating - (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet - specific options properties: environment: - description: Environment is a - ksonnet application environment - name type: string parameters: - description: Parameters are a - list of ksonnet component parameter - override values items: - description: KsonnetParameter - is a ksonnet component parameter properties: component: type: string @@ -2448,88 +1419,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize - specific options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations - is a list of additional annotations - to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a - list of additional labels to - add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations - specifies whether to force applying - common annotations to resources - for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels - specifies whether to force applying - common labels to resources for - Kustomize apps type: boolean images: - description: Images is a list - of Kustomize image override - specifications items: - description: KustomizeImage - represents a Kustomize image - definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix - appended to resources for Kustomize - apps type: string nameSuffix: - description: NameSuffix is a suffix - appended to resources for Kustomize - apps type: string version: - description: Version controls - which version of Kustomize to - use for rendering manifests type: string type: object path: - description: Path is a directory path - within the Git repository, and is - only valid for applications sourced - from Git. type: string plugin: - description: ConfigManagementPlugin - holds config management plugin specific - options properties: env: - description: Env is a list of - environment variable entries items: - description: EnvEntry represents - an entry in the application's - environment properties: name: - description: Name is the - name of the variable, - usually expressed in uppercase type: string value: - description: Value is the - value of the variable type: string required: - name @@ -2540,92 +1463,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to - the repository (Git or Helm) that - contains the application manifests type: string targetRevision: - description: TargetRevision defines - the revision of the source to sync - the application to. In case of Git, - this can be commit, tag, or branch. - If omitted, will equal to HEAD. - In case of Helm, this is a semver - tag for the Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when - and how a sync will be performed properties: automated: - description: Automated will keep an - application synced to the target - revision properties: allowEmpty: - description: 'AllowEmpty allows - apps have zero live resources - (default: false)' type: boolean prune: - description: 'Prune specifies - whether to delete resources - from the cluster that are not - found in the sources anymore - as part of automated sync (default: - false)' type: boolean selfHeal: - description: 'SelfHeal specifes - whether to revert resources - back to their desired state - upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed - sync retry behavior properties: backoff: - description: Backoff controls - how to backoff on subsequent - retries of failed syncs properties: duration: - description: Duration is the - amount to back off. Default - unit is seconds, but could - also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor - to multiply the base duration - after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is - the maximum amount of time - allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum - number of attempts for retrying - a failed sync. If set to 0, - no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to - specify whole app sync-options items: type: string type: array @@ -2642,51 +1513,22 @@ spec: values: additionalProperties: type: string - description: Values contains key/value pairs which - are passed directly as parameters to the template type: object required: - configMapRef type: object clusters: - description: ClusterGenerator defines a generator - to match against clusters registered with ArgoCD. properties: selector: - description: Selector defines a label selector - to match against all clusters registered with - ArgoCD. Clusters today are stored as Kubernetes - Secrets, thus the Secret labels will be used - for matching the selector. properties: matchExpressions: - description: matchExpressions is a list of - label selector requirements. The requirements - are ANDed. items: - description: A label selector requirement - is a selector that contains values, a - key, and an operator that relates the - key and values. properties: key: - description: key is the label key that - the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -2698,23 +1540,11 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only - "value". The requirements are ANDed. type: object type: object template: - description: ApplicationSetTemplate represents - argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents - the Argo CD application fields that may - be used for Applications generated from - the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -2734,44 +1564,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired - application state. Contains link to repository - with application definition and additional - parameters link definition revision. properties: destination: - description: Destination is a reference - to the target Kubernetes server and - namespace properties: name: - description: Name is an alternate - way of specifying the target cluster - by its symbolic name type: string namespace: - description: Namespace specifies the - target namespace for the application's - resources. The namespace will only - be set for namespace-scoped resources - that have not set a value for .metadata.namespace type: string server: - description: Server specifies the - URL of the target cluster and must - be set to the Kubernetes control - plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list - of resources and their fields which - should be ignored during comparison items: - description: ResourceIgnoreDifferences - contains resource filter and list - of json paths which should be ignored - during comparison with live state. properties: group: type: string @@ -2794,9 +1598,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) - that relates to the application items: properties: name: @@ -2809,67 +1610,24 @@ spec: type: object type: array project: - description: Project is a reference to - the project this application belongs - to. The empty string means that application - belongs to the 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits - the number of items kept in the application's - revision history, which is used for - informational purposes as well as for - rollbacks to previous versions. This - should only be changed in exceptional - circumstances. Setting to zero will - store no history. This will reduce storage - used. Increasing will increase the space - used to store the history, so we do - not recommend increasing it. Default - is 10. format: int64 type: integer source: - description: Source is a reference to - the location of the application's manifests - or chart properties: chart: - description: Chart is a Helm chart - name, and must be specified for - applications sourced from a Helm - repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains - a glob pattern to match paths - against that should be explicitly - excluded from being used during - manifest generation type: string include: - description: Include contains - a glob pattern to match paths - against that should be explicitly - included during manifest generation type: string jsonnet: - description: Jsonnet holds options - specific to Jsonnet properties: extVars: - description: ExtVars is a - list of Jsonnet External - Variables items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -2883,19 +1641,11 @@ spec: type: object type: array libs: - description: Additional library - search dirs items: type: string type: array tlas: - description: TLAS is a list - of Jsonnet Top-level Arguments items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -2910,106 +1660,49 @@ spec: type: array type: object recurse: - description: Recurse specifies - whether to scan a directory - recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific - options properties: fileParameters: - description: FileParameters are - file parameters to the helm - template items: - description: HelmFileParameter - is a file parameter that's - passed to helm template during - manifest generation properties: name: - description: Name is the - name of the Helm parameter type: string path: - description: Path is the - path to the file containing - the values for the Helm - parameter type: string type: object type: array parameters: - description: Parameters is a list - of Helm parameters which are - passed to the helm template - command upon manifest generation items: - description: HelmParameter is - a parameter that's passed - to helm template during manifest - generation properties: forceString: - description: ForceString - determines whether to - tell Helm to interpret - booleans and numbers as - strings type: boolean name: - description: Name is the - name of the Helm parameter type: string value: - description: Value is the - value for the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the - Helm release name to use. If - omitted it will use the application - name type: string valueFiles: - description: ValuesFiles is a - list of Helm value files to - use when generating a template items: type: string type: array values: - description: Values specifies - Helm values to be passed to - helm template, typically defined - as a block type: string version: - description: Version is the Helm - version to use for templating - (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet - specific options properties: environment: - description: Environment is a - ksonnet application environment - name type: string parameters: - description: Parameters are a - list of ksonnet component parameter - override values items: - description: KsonnetParameter - is a ksonnet component parameter properties: component: type: string @@ -3024,88 +1717,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize - specific options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations - is a list of additional annotations - to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a - list of additional labels to - add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations - specifies whether to force applying - common annotations to resources - for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels - specifies whether to force applying - common labels to resources for - Kustomize apps type: boolean images: - description: Images is a list - of Kustomize image override - specifications items: - description: KustomizeImage - represents a Kustomize image - definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix - appended to resources for Kustomize - apps type: string nameSuffix: - description: NameSuffix is a suffix - appended to resources for Kustomize - apps type: string version: - description: Version controls - which version of Kustomize to - use for rendering manifests type: string type: object path: - description: Path is a directory path - within the Git repository, and is - only valid for applications sourced - from Git. type: string plugin: - description: ConfigManagementPlugin - holds config management plugin specific - options properties: env: - description: Env is a list of - environment variable entries items: - description: EnvEntry represents - an entry in the application's - environment properties: name: - description: Name is the - name of the variable, - usually expressed in uppercase type: string value: - description: Value is the - value of the variable type: string required: - name @@ -3116,92 +1761,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to - the repository (Git or Helm) that - contains the application manifests type: string targetRevision: - description: TargetRevision defines - the revision of the source to sync - the application to. In case of Git, - this can be commit, tag, or branch. - If omitted, will equal to HEAD. - In case of Helm, this is a semver - tag for the Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when - and how a sync will be performed properties: automated: - description: Automated will keep an - application synced to the target - revision properties: allowEmpty: - description: 'AllowEmpty allows - apps have zero live resources - (default: false)' type: boolean prune: - description: 'Prune specifies - whether to delete resources - from the cluster that are not - found in the sources anymore - as part of automated sync (default: - false)' type: boolean selfHeal: - description: 'SelfHeal specifes - whether to revert resources - back to their desired state - upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed - sync retry behavior properties: backoff: - description: Backoff controls - how to backoff on subsequent - retries of failed syncs properties: duration: - description: Duration is the - amount to back off. Default - unit is seconds, but could - also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor - to multiply the base duration - after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is - the maximum amount of time - allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum - number of attempts for retrying - a failed sync. If set to 0, - no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to - specify whole app sync-options items: type: string type: array @@ -3218,8 +1811,6 @@ spec: values: additionalProperties: type: string - description: Values contains key/value pairs which - are passed directly as parameters to the template type: object type: object git: @@ -3252,14 +1843,8 @@ spec: revision: type: string template: - description: ApplicationSetTemplate represents - argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents - the Argo CD application fields that may - be used for Applications generated from - the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -3279,44 +1864,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired - application state. Contains link to repository - with application definition and additional - parameters link definition revision. properties: destination: - description: Destination is a reference - to the target Kubernetes server and - namespace properties: name: - description: Name is an alternate - way of specifying the target cluster - by its symbolic name type: string namespace: - description: Namespace specifies the - target namespace for the application's - resources. The namespace will only - be set for namespace-scoped resources - that have not set a value for .metadata.namespace type: string server: - description: Server specifies the - URL of the target cluster and must - be set to the Kubernetes control - plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list - of resources and their fields which - should be ignored during comparison items: - description: ResourceIgnoreDifferences - contains resource filter and list - of json paths which should be ignored - during comparison with live state. properties: group: type: string @@ -3339,9 +1898,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) - that relates to the application items: properties: name: @@ -3354,67 +1910,24 @@ spec: type: object type: array project: - description: Project is a reference to - the project this application belongs - to. The empty string means that application - belongs to the 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits - the number of items kept in the application's - revision history, which is used for - informational purposes as well as for - rollbacks to previous versions. This - should only be changed in exceptional - circumstances. Setting to zero will - store no history. This will reduce storage - used. Increasing will increase the space - used to store the history, so we do - not recommend increasing it. Default - is 10. format: int64 type: integer source: - description: Source is a reference to - the location of the application's manifests - or chart properties: chart: - description: Chart is a Helm chart - name, and must be specified for - applications sourced from a Helm - repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains - a glob pattern to match paths - against that should be explicitly - excluded from being used during - manifest generation type: string include: - description: Include contains - a glob pattern to match paths - against that should be explicitly - included during manifest generation type: string jsonnet: - description: Jsonnet holds options - specific to Jsonnet properties: extVars: - description: ExtVars is a - list of Jsonnet External - Variables items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -3428,19 +1941,11 @@ spec: type: object type: array libs: - description: Additional library - search dirs items: type: string type: array tlas: - description: TLAS is a list - of Jsonnet Top-level Arguments items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -3455,106 +1960,49 @@ spec: type: array type: object recurse: - description: Recurse specifies - whether to scan a directory - recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific - options properties: fileParameters: - description: FileParameters are - file parameters to the helm - template items: - description: HelmFileParameter - is a file parameter that's - passed to helm template during - manifest generation properties: name: - description: Name is the - name of the Helm parameter type: string path: - description: Path is the - path to the file containing - the values for the Helm - parameter type: string type: object type: array parameters: - description: Parameters is a list - of Helm parameters which are - passed to the helm template - command upon manifest generation items: - description: HelmParameter is - a parameter that's passed - to helm template during manifest - generation properties: forceString: - description: ForceString - determines whether to - tell Helm to interpret - booleans and numbers as - strings type: boolean name: - description: Name is the - name of the Helm parameter type: string value: - description: Value is the - value for the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the - Helm release name to use. If - omitted it will use the application - name type: string valueFiles: - description: ValuesFiles is a - list of Helm value files to - use when generating a template items: type: string type: array values: - description: Values specifies - Helm values to be passed to - helm template, typically defined - as a block type: string version: - description: Version is the Helm - version to use for templating - (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet - specific options properties: environment: - description: Environment is a - ksonnet application environment - name type: string parameters: - description: Parameters are a - list of ksonnet component parameter - override values items: - description: KsonnetParameter - is a ksonnet component parameter properties: component: type: string @@ -3569,88 +2017,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize - specific options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations - is a list of additional annotations - to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a - list of additional labels to - add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations - specifies whether to force applying - common annotations to resources - for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels - specifies whether to force applying - common labels to resources for - Kustomize apps type: boolean images: - description: Images is a list - of Kustomize image override - specifications items: - description: KustomizeImage - represents a Kustomize image - definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix - appended to resources for Kustomize - apps type: string nameSuffix: - description: NameSuffix is a suffix - appended to resources for Kustomize - apps type: string version: - description: Version controls - which version of Kustomize to - use for rendering manifests type: string type: object path: - description: Path is a directory path - within the Git repository, and is - only valid for applications sourced - from Git. type: string plugin: - description: ConfigManagementPlugin - holds config management plugin specific - options properties: env: - description: Env is a list of - environment variable entries items: - description: EnvEntry represents - an entry in the application's - environment properties: name: - description: Name is the - name of the variable, - usually expressed in uppercase type: string value: - description: Value is the - value of the variable type: string required: - name @@ -3661,92 +2061,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to - the repository (Git or Helm) that - contains the application manifests type: string targetRevision: - description: TargetRevision defines - the revision of the source to sync - the application to. In case of Git, - this can be commit, tag, or branch. - If omitted, will equal to HEAD. - In case of Helm, this is a semver - tag for the Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when - and how a sync will be performed properties: automated: - description: Automated will keep an - application synced to the target - revision properties: allowEmpty: - description: 'AllowEmpty allows - apps have zero live resources - (default: false)' type: boolean prune: - description: 'Prune specifies - whether to delete resources - from the cluster that are not - found in the sources anymore - as part of automated sync (default: - false)' type: boolean selfHeal: - description: 'SelfHeal specifes - whether to revert resources - back to their desired state - upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed - sync retry behavior properties: backoff: - description: Backoff controls - how to backoff on subsequent - retries of failed syncs properties: duration: - description: Duration is the - amount to back off. Default - unit is seconds, but could - also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor - to multiply the base duration - after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is - the maximum amount of time - allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum - number of attempts for retrying - a failed sync. If set to 0, - no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to - specify whole app sync-options items: type: string type: array @@ -3765,21 +2113,14 @@ spec: - revision type: object list: - description: ListGenerator include items info properties: elements: items: x-kubernetes-preserve-unknown-fields: true type: array template: - description: ApplicationSetTemplate represents - argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents - the Argo CD application fields that may - be used for Applications generated from - the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -3799,44 +2140,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired - application state. Contains link to repository - with application definition and additional - parameters link definition revision. properties: destination: - description: Destination is a reference - to the target Kubernetes server and - namespace properties: name: - description: Name is an alternate - way of specifying the target cluster - by its symbolic name type: string namespace: - description: Namespace specifies the - target namespace for the application's - resources. The namespace will only - be set for namespace-scoped resources - that have not set a value for .metadata.namespace type: string server: - description: Server specifies the - URL of the target cluster and must - be set to the Kubernetes control - plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list - of resources and their fields which - should be ignored during comparison items: - description: ResourceIgnoreDifferences - contains resource filter and list - of json paths which should be ignored - during comparison with live state. properties: group: type: string @@ -3859,9 +2174,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) - that relates to the application items: properties: name: @@ -3874,67 +2186,24 @@ spec: type: object type: array project: - description: Project is a reference to - the project this application belongs - to. The empty string means that application - belongs to the 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits - the number of items kept in the application's - revision history, which is used for - informational purposes as well as for - rollbacks to previous versions. This - should only be changed in exceptional - circumstances. Setting to zero will - store no history. This will reduce storage - used. Increasing will increase the space - used to store the history, so we do - not recommend increasing it. Default - is 10. format: int64 type: integer source: - description: Source is a reference to - the location of the application's manifests - or chart properties: chart: - description: Chart is a Helm chart - name, and must be specified for - applications sourced from a Helm - repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains - a glob pattern to match paths - against that should be explicitly - excluded from being used during - manifest generation type: string include: - description: Include contains - a glob pattern to match paths - against that should be explicitly - included during manifest generation type: string jsonnet: - description: Jsonnet holds options - specific to Jsonnet properties: extVars: - description: ExtVars is a - list of Jsonnet External - Variables items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -3948,19 +2217,11 @@ spec: type: object type: array libs: - description: Additional library - search dirs items: type: string type: array tlas: - description: TLAS is a list - of Jsonnet Top-level Arguments items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -3975,106 +2236,49 @@ spec: type: array type: object recurse: - description: Recurse specifies - whether to scan a directory - recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific - options properties: fileParameters: - description: FileParameters are - file parameters to the helm - template items: - description: HelmFileParameter - is a file parameter that's - passed to helm template during - manifest generation properties: name: - description: Name is the - name of the Helm parameter type: string path: - description: Path is the - path to the file containing - the values for the Helm - parameter type: string type: object type: array parameters: - description: Parameters is a list - of Helm parameters which are - passed to the helm template - command upon manifest generation items: - description: HelmParameter is - a parameter that's passed - to helm template during manifest - generation properties: forceString: - description: ForceString - determines whether to - tell Helm to interpret - booleans and numbers as - strings type: boolean name: - description: Name is the - name of the Helm parameter type: string value: - description: Value is the - value for the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the - Helm release name to use. If - omitted it will use the application - name type: string valueFiles: - description: ValuesFiles is a - list of Helm value files to - use when generating a template items: type: string type: array values: - description: Values specifies - Helm values to be passed to - helm template, typically defined - as a block type: string version: - description: Version is the Helm - version to use for templating - (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet - specific options properties: environment: - description: Environment is a - ksonnet application environment - name type: string parameters: - description: Parameters are a - list of ksonnet component parameter - override values items: - description: KsonnetParameter - is a ksonnet component parameter properties: component: type: string @@ -4089,88 +2293,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize - specific options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations - is a list of additional annotations - to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a - list of additional labels to - add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations - specifies whether to force applying - common annotations to resources - for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels - specifies whether to force applying - common labels to resources for - Kustomize apps type: boolean images: - description: Images is a list - of Kustomize image override - specifications items: - description: KustomizeImage - represents a Kustomize image - definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix - appended to resources for Kustomize - apps type: string nameSuffix: - description: NameSuffix is a suffix - appended to resources for Kustomize - apps type: string version: - description: Version controls - which version of Kustomize to - use for rendering manifests type: string type: object path: - description: Path is a directory path - within the Git repository, and is - only valid for applications sourced - from Git. type: string plugin: - description: ConfigManagementPlugin - holds config management plugin specific - options properties: env: - description: Env is a list of - environment variable entries items: - description: EnvEntry represents - an entry in the application's - environment properties: name: - description: Name is the - name of the variable, - usually expressed in uppercase type: string value: - description: Value is the - value of the variable type: string required: - name @@ -4181,92 +2337,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to - the repository (Git or Helm) that - contains the application manifests type: string targetRevision: - description: TargetRevision defines - the revision of the source to sync - the application to. In case of Git, - this can be commit, tag, or branch. - If omitted, will equal to HEAD. - In case of Helm, this is a semver - tag for the Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when - and how a sync will be performed properties: automated: - description: Automated will keep an - application synced to the target - revision properties: allowEmpty: - description: 'AllowEmpty allows - apps have zero live resources - (default: false)' type: boolean prune: - description: 'Prune specifies - whether to delete resources - from the cluster that are not - found in the sources anymore - as part of automated sync (default: - false)' type: boolean selfHeal: - description: 'SelfHeal specifes - whether to revert resources - back to their desired state - upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed - sync retry behavior properties: backoff: - description: Backoff controls - how to backoff on subsequent - retries of failed syncs properties: duration: - description: Duration is the - amount to back off. Default - unit is seconds, but could - also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor - to multiply the base duration - after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is - the maximum amount of time - allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum - number of attempts for retrying - a failed sync. If set to 0, - no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to - specify whole app sync-options items: type: string type: array @@ -4283,62 +2387,3658 @@ spec: required: - elements type: object - scmProvider: - description: SCMProviderGenerator defines a generator - that scrapes a SCMaaS API to find candidate repos. + matrix: properties: - cloneProtocol: - description: Which protocol to use for the SCM - URL. Default is provider-specific but ssh if - possible. Not all providers necessarily support - all protocols. - type: string - filters: - description: Filters for which repos should be - considered. + generators: items: - description: SCMProviderGeneratorFilter is a - single repository filter. If multiple filter - types are set on a single struct, they will - be AND'd together. All filters must pass for - a repo to be included. properties: - branchMatch: - description: A regex which must match the - branch name. - type: string - labelMatch: - description: A regex which must match at - least one label. - type: string - pathsExist: - description: An array of paths, all of which - must exist. - items: - type: string - type: array - repositoryMatch: - description: A regex for repo names. - type: string + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object type: object type: array + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array + required: + - generators + - mergeKeys + type: object + pullRequest: + properties: github: - description: Which provider to use and config - for it. properties: - allBranches: - description: Scan all branches instead of - just the default branch. - type: boolean api: - description: The GitHub API URL to talk to. - If blank, use https://api.github.com/. type: string - organization: - description: GitHub org to scan. Required. + labels: + items: + type: string + type: array + owner: + type: string + repo: type: string tokenRef: - description: Authentication token reference. properties: key: type: string @@ -4349,56 +6049,15 @@ spec: - secretName type: object required: - - organization - type: object - gitlab: - description: SCMProviderGeneratorGitlab defines - a connection info specific to Gitlab. - properties: - allBranches: - description: Scan all branches instead of - just the default branch. - type: boolean - api: - description: The Gitlab API URL to talk to. - type: string - group: - description: Gitlab group to scan. Required. You - can use either the project id (recommended) - or the full namespaced path. - type: string - includeSubgroups: - description: Recurse through subgroups (true) - or scan only the base group (false). Defaults - to "false" - type: boolean - tokenRef: - description: Authentication token reference. - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group + - owner + - repo type: object requeueAfterSeconds: - description: Standard parameters. format: int64 type: integer template: - description: ApplicationSetTemplate represents - argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents - the Argo CD application fields that may - be used for Applications generated from - the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -4418,44 +6077,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired - application state. Contains link to repository - with application definition and additional - parameters link definition revision. properties: destination: - description: Destination is a reference - to the target Kubernetes server and - namespace properties: name: - description: Name is an alternate - way of specifying the target cluster - by its symbolic name type: string namespace: - description: Namespace specifies the - target namespace for the application's - resources. The namespace will only - be set for namespace-scoped resources - that have not set a value for .metadata.namespace type: string server: - description: Server specifies the - URL of the target cluster and must - be set to the Kubernetes control - plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list - of resources and their fields which - should be ignored during comparison items: - description: ResourceIgnoreDifferences - contains resource filter and list - of json paths which should be ignored - during comparison with live state. properties: group: type: string @@ -4478,9 +6111,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) - that relates to the application items: properties: name: @@ -4493,67 +6123,24 @@ spec: type: object type: array project: - description: Project is a reference to - the project this application belongs - to. The empty string means that application - belongs to the 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits - the number of items kept in the application's - revision history, which is used for - informational purposes as well as for - rollbacks to previous versions. This - should only be changed in exceptional - circumstances. Setting to zero will - store no history. This will reduce storage - used. Increasing will increase the space - used to store the history, so we do - not recommend increasing it. Default - is 10. format: int64 type: integer source: - description: Source is a reference to - the location of the application's manifests - or chart properties: chart: - description: Chart is a Helm chart - name, and must be specified for - applications sourced from a Helm - repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains - a glob pattern to match paths - against that should be explicitly - excluded from being used during - manifest generation type: string include: - description: Include contains - a glob pattern to match paths - against that should be explicitly - included during manifest generation type: string jsonnet: - description: Jsonnet holds options - specific to Jsonnet properties: extVars: - description: ExtVars is a - list of Jsonnet External - Variables items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -4567,19 +6154,11 @@ spec: type: object type: array libs: - description: Additional library - search dirs items: type: string type: array tlas: - description: TLAS is a list - of Jsonnet Top-level Arguments items: - description: JsonnetVar - represents a variable - to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -4594,106 +6173,382 @@ spec: type: array type: object recurse: - description: Recurse specifies - whether to scan a directory - recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific - options properties: fileParameters: - description: FileParameters are - file parameters to the helm - template items: - description: HelmFileParameter - is a file parameter that's - passed to helm template during - manifest generation properties: name: - description: Name is the - name of the Helm parameter type: string path: - description: Path is the - path to the file containing - the values for the Helm - parameter type: string type: object type: array parameters: - description: Parameters is a list - of Helm parameters which are - passed to the helm template - command upon manifest generation items: - description: HelmParameter is - a parameter that's passed - to helm template during manifest - generation properties: forceString: - description: ForceString - determines whether to - tell Helm to interpret - booleans and numbers as - strings type: boolean name: - description: Name is the - name of the Helm parameter type: string value: - description: Value is the - value for the Helm parameter type: string type: object type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the - Helm release name to use. If - omitted it will use the application - name type: string valueFiles: - description: ValuesFiles is a - list of Helm value files to - use when generating a template items: type: string type: array values: - description: Values specifies - Helm values to be passed to - helm template, typically defined - as a block type: string version: - description: Version is the Helm - version to use for templating - (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet - specific options properties: environment: - description: Environment is a - ksonnet application environment - name type: string parameters: - description: Parameters are a - list of ksonnet component parameter - override values items: - description: KsonnetParameter - is a ksonnet component parameter properties: component: type: string @@ -4708,88 +6563,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize - specific options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations - is a list of additional annotations - to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a - list of additional labels to - add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations - specifies whether to force applying - common annotations to resources - for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels - specifies whether to force applying - common labels to resources for - Kustomize apps type: boolean images: - description: Images is a list - of Kustomize image override - specifications items: - description: KustomizeImage - represents a Kustomize image - definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix - appended to resources for Kustomize - apps type: string nameSuffix: - description: NameSuffix is a suffix - appended to resources for Kustomize - apps type: string version: - description: Version controls - which version of Kustomize to - use for rendering manifests type: string type: object path: - description: Path is a directory path - within the Git repository, and is - only valid for applications sourced - from Git. type: string plugin: - description: ConfigManagementPlugin - holds config management plugin specific - options properties: env: - description: Env is a list of - environment variable entries items: - description: EnvEntry represents - an entry in the application's - environment properties: name: - description: Name is the - name of the variable, - usually expressed in uppercase type: string value: - description: Value is the - value of the variable type: string required: - name @@ -4800,92 +6607,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to - the repository (Git or Helm) that - contains the application manifests type: string targetRevision: - description: TargetRevision defines - the revision of the source to sync - the application to. In case of Git, - this can be commit, tag, or branch. - If omitted, will equal to HEAD. - In case of Helm, this is a semver - tag for the Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when - and how a sync will be performed properties: automated: - description: Automated will keep an - application synced to the target - revision properties: allowEmpty: - description: 'AllowEmpty allows - apps have zero live resources - (default: false)' type: boolean prune: - description: 'Prune specifies - whether to delete resources - from the cluster that are not - found in the sources anymore - as part of automated sync (default: - false)' type: boolean selfHeal: - description: 'SelfHeal specifes - whether to revert resources - back to their desired state - upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed - sync retry behavior properties: backoff: - description: Backoff controls - how to backoff on subsequent - retries of failed syncs properties: duration: - description: Duration is the - amount to back off. Default - unit is seconds, but could - also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor - to multiply the base duration - after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is - the maximum amount of time - allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum - number of attempts for retrying - a failed sync. If set to 0, - no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to - specify whole app sync-options items: type: string type: array @@ -4903,12 +6658,8 @@ spec: type: object type: array template: - description: ApplicationSetTemplate represents argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents the - Argo CD application fields that may be used for Applications - generated from the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -4928,40 +6679,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired application - state. Contains link to repository with application - definition and additional parameters link definition - revision. properties: destination: - description: Destination is a reference to the target - Kubernetes server and namespace properties: name: - description: Name is an alternate way of specifying - the target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target - namespace for the application's resources. - The namespace will only be set for namespace-scoped - resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the - target cluster and must be set to the Kubernetes - control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources - and their fields which should be ignored during - comparison items: - description: ResourceIgnoreDifferences contains - resource filter and list of json paths which - should be ignored during comparison with live - state. properties: group: type: string @@ -4984,9 +6713,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) that relates - to the application items: properties: name: @@ -4999,58 +6725,24 @@ spec: type: object type: array project: - description: Project is a reference to the project - this application belongs to. The empty string - means that application belongs to the 'default' - project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number - of items kept in the application's revision history, - which is used for informational purposes as well - as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. - Setting to zero will store no history. This will - reduce storage used. Increasing will increase - the space used to store the history, so we do - not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location - of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name, and - must be specified for applications sourced - from a Helm repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains a glob pattern - to match paths against that should be - explicitly excluded from being used during - manifest generation type: string include: - description: Include contains a glob pattern - to match paths against that should be - explicitly included during manifest generation type: string jsonnet: - description: Jsonnet holds options specific - to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet - External Variables items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -5064,18 +6756,11 @@ spec: type: object type: array libs: - description: Additional library search - dirs items: type: string type: array tlas: - description: TLAS is a list of Jsonnet - Top-level Arguments items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -5090,91 +6775,49 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to - scan a directory recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template items: - description: HelmFileParameter is a file - parameter that's passed to helm template - during manifest generation properties: name: - description: Name is the name of the - Helm parameter type: string path: - description: Path is the path to the - file containing the values for the - Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm - parameters which are passed to the helm - template command upon manifest generation items: - description: HelmParameter is a parameter - that's passed to helm template during - manifest generation properties: forceString: - description: ForceString determines - whether to tell Helm to interpret - booleans and numbers as strings type: boolean name: - description: Name is the name of the - Helm parameter type: string value: - description: Value is the value for - the Helm parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the - application name type: string valueFiles: - description: ValuesFiles is a list of Helm - value files to use when generating a template items: type: string type: array values: - description: Values specifies Helm values - to be passed to helm template, typically - defined as a block type: string version: - description: Version is the Helm version - to use for templating (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet specific - options properties: environment: - description: Environment is a ksonnet application - environment name type: string parameters: - description: Parameters are a list of ksonnet - component parameter override values items: - description: KsonnetParameter is a ksonnet - component parameter properties: component: type: string @@ -5189,77 +6832,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize specific - options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list - of additional annotations to add to rendered - manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies - whether to force applying common labels - to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize - image override specifications items: - description: KustomizeImage represents - a Kustomize image definition in the - format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps type: string version: - description: Version controls which version - of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within - the Git repository, and is only valid for - applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config - management plugin specific options properties: env: - description: Env is a list of environment - variable entries items: - description: EnvEntry represents an entry - in the application's environment properties: name: - description: Name is the name of the - variable, usually expressed in uppercase type: string value: - description: Value is the value of - the variable type: string required: - name @@ -5270,82 +6876,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application - manifests type: string targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. - In case of Git, this can be commit, tag, or - branch. If omitted, will equal to HEAD. In - case of Helm, this is a semver tag for the - Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when and how a - sync will be performed properties: automated: - description: Automated will keep an application - synced to the target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have - zero live resources (default: false)' type: boolean prune: - description: 'Prune specifies whether to - delete resources from the cluster that - are not found in the sources anymore as - part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether - to revert resources back to their desired - state upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed sync retry - behavior properties: backoff: - description: Backoff controls how to backoff - on subsequent retries of failed syncs properties: duration: - description: Duration is the amount - to back off. Default unit is seconds, - but could also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor to multiply - the base duration after each failed - retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum - amount of time allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum number - of attempts for retrying a failed sync. - If set to 0, no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to specify whole - app sync-options items: type: string type: array @@ -5362,114 +6926,5463 @@ spec: required: - generators type: object - scmProvider: - description: SCMProviderGenerator defines a generator that scrapes - a SCMaaS API to find candidate repos. + merge: properties: - cloneProtocol: - description: Which protocol to use for the SCM URL. Default - is provider-specific but ssh if possible. Not all providers - necessarily support all protocols. - type: string - filters: - description: Filters for which repos should be considered. + generators: items: - description: SCMProviderGeneratorFilter is a single repository - filter. If multiple filter types are set on a single - struct, they will be AND'd together. All filters must - pass for a repo to be included. properties: - branchMatch: - description: A regex which must match the branch name. - type: string - labelMatch: - description: A regex which must match at least one - label. - type: string - pathsExist: - description: An array of paths, all of which must - exist. - items: - type: string - type: array - repositoryMatch: - description: A regex for repo names. - type: string + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array + required: + - generators + - mergeKeys + type: object + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object type: object type: array - github: - description: Which provider to use and config for it. - properties: - allBranches: - description: Scan all branches instead of just the default - branch. - type: boolean - api: - description: The GitHub API URL to talk to. If blank, - use https://api.github.com/. - type: string - organization: - description: GitHub org to scan. Required. - type: string - tokenRef: - description: Authentication token reference. - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - description: SCMProviderGeneratorGitlab defines a connection - info specific to Gitlab. - properties: - allBranches: - description: Scan all branches instead of just the default - branch. - type: boolean - api: - description: The Gitlab API URL to talk to. - type: string - group: - description: Gitlab group to scan. Required. You can - use either the project id (recommended) or the full - namespaced path. - type: string - includeSubgroups: - description: Recurse through subgroups (true) or scan - only the base group (false). Defaults to "false" - type: boolean - tokenRef: - description: Authentication token reference. - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - description: Standard parameters. - format: int64 - type: integer + mergeKeys: + items: + type: string + type: array template: - description: ApplicationSetTemplate represents argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents the - Argo CD application fields that may be used for Applications - generated from the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -5489,40 +12402,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired application - state. Contains link to repository with application - definition and additional parameters link definition - revision. properties: destination: - description: Destination is a reference to the target - Kubernetes server and namespace properties: name: - description: Name is an alternate way of specifying - the target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target - namespace for the application's resources. - The namespace will only be set for namespace-scoped - resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the - target cluster and must be set to the Kubernetes - control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources - and their fields which should be ignored during - comparison items: - description: ResourceIgnoreDifferences contains - resource filter and list of json paths which - should be ignored during comparison with live - state. properties: group: type: string @@ -5545,9 +12436,6 @@ spec: type: object type: array info: - description: Info contains a list of information - (URLs, email addresses, and plain text) that relates - to the application items: properties: name: @@ -5560,58 +12448,24 @@ spec: type: object type: array project: - description: Project is a reference to the project - this application belongs to. The empty string - means that application belongs to the 'default' - project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number - of items kept in the application's revision history, - which is used for informational purposes as well - as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. - Setting to zero will store no history. This will - reduce storage used. Increasing will increase - the space used to store the history, so we do - not recommend increasing it. Default is 10. format: int64 type: integer source: - description: Source is a reference to the location - of the application's manifests or chart properties: chart: - description: Chart is a Helm chart name, and - must be specified for applications sourced - from a Helm repo. type: string directory: - description: Directory holds path/directory - specific options properties: exclude: - description: Exclude contains a glob pattern - to match paths against that should be - explicitly excluded from being used during - manifest generation type: string include: - description: Include contains a glob pattern - to match paths against that should be - explicitly included during manifest generation type: string jsonnet: - description: Jsonnet holds options specific - to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet - External Variables items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -5625,18 +12479,11 @@ spec: type: object type: array libs: - description: Additional library search - dirs items: type: string type: array tlas: - description: TLAS is a list of Jsonnet - Top-level Arguments items: - description: JsonnetVar represents - a variable to be passed to jsonnet - during manifest generation properties: code: type: boolean @@ -5651,91 +12498,683 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to - scan a directory recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters - to the helm template items: - description: HelmFileParameter is a file - parameter that's passed to helm template - during manifest generation properties: name: - description: Name is the name of the - Helm parameter type: string path: - description: Path is the path to the - file containing the values for the - Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm - parameters which are passed to the helm - template command upon manifest generation items: - description: HelmParameter is a parameter - that's passed to helm template during - manifest generation properties: forceString: - description: ForceString determines - whether to tell Helm to interpret - booleans and numbers as strings type: boolean name: - description: Name is the name of the - Helm parameter type: string value: - description: Value is the value for - the Helm parameter type: string type: object type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the - application name type: string valueFiles: - description: ValuesFiles is a list of Helm - value files to use when generating a template items: type: string type: array values: - description: Values specifies Helm values - to be passed to helm template, typically - defined as a block type: string version: - description: Version is the Helm version - to use for templating (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet specific - options properties: environment: - description: Environment is a ksonnet application - environment name type: string parameters: - description: Parameters are a list of ksonnet - component parameter override values items: - description: KsonnetParameter is a ksonnet - component parameter properties: component: type: string @@ -5750,77 +13189,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize specific - options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list - of additional annotations to add to rendered - manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies - whether to force applying common labels - to resources for Kustomize apps type: boolean images: - description: Images is a list of Kustomize - image override specifications items: - description: KustomizeImage represents - a Kustomize image definition in the - format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps type: string version: - description: Version controls which version - of Kustomize to use for rendering manifests type: string type: object path: - description: Path is a directory path within - the Git repository, and is only valid for - applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config - management plugin specific options properties: env: - description: Env is a list of environment - variable entries items: - description: EnvEntry represents an entry - in the application's environment properties: name: - description: Name is the name of the - variable, usually expressed in uppercase type: string value: - description: Value is the value of - the variable type: string required: - name @@ -5831,82 +13233,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application - manifests type: string targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. - In case of Git, this can be commit, tag, or - branch. If omitted, will equal to HEAD. In - case of Helm, this is a semver tag for the - Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when and how a - sync will be performed properties: automated: - description: Automated will keep an application - synced to the target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have - zero live resources (default: false)' type: boolean prune: - description: 'Prune specifies whether to - delete resources from the cluster that - are not found in the sources anymore as - part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether - to revert resources back to their desired - state upon modification in the cluster - (default: false)' type: boolean type: object retry: - description: Retry controls failed sync retry - behavior properties: backoff: - description: Backoff controls how to backoff - on subsequent retries of failed syncs properties: duration: - description: Duration is the amount - to back off. Default unit is seconds, - but could also be a duration (e.g. - "2m", "1h") type: string factor: - description: Factor is a factor to multiply - the base duration after each failed - retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum - amount of time allowed for the backoff - strategy type: string type: object limit: - description: Limit is the maximum number - of attempts for retrying a failed sync. - If set to 0, no retries will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to specify whole - app sync-options items: type: string type: array @@ -5924,22 +13284,13 @@ spec: type: object type: array syncPolicy: - description: ApplicationSetSyncPolicy configures how generated Applications - will relate to their ApplicationSet. properties: preserveResourcesOnDeletion: - description: PreserveResourcesOnDeletion will preserve resources - on deletion. If PreserveResourcesOnDeletion is set to true, - these Applications will not be deleted. type: boolean type: object template: - description: ApplicationSetTemplate represents argocd ApplicationSpec properties: metadata: - description: ApplicationSetTemplateMeta represents the Argo CD - application fields that may be used for Applications generated - from the ApplicationSet (based on metav1.ObjectMeta) properties: annotations: additionalProperties: @@ -5959,36 +13310,18 @@ spec: type: string type: object spec: - description: ApplicationSpec represents desired application state. - Contains link to repository with application definition and - additional parameters link definition revision. properties: destination: - description: Destination is a reference to the target Kubernetes - server and namespace properties: name: - description: Name is an alternate way of specifying the - target cluster by its symbolic name type: string namespace: - description: Namespace specifies the target namespace - for the application's resources. The namespace will - only be set for namespace-scoped resources that have - not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster - and must be set to the Kubernetes control plane API type: string type: object ignoreDifferences: - description: IgnoreDifferences is a list of resources and - their fields which should be ignored during comparison items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. properties: group: type: string @@ -6011,8 +13344,6 @@ spec: type: object type: array info: - description: Info contains a list of information (URLs, email - addresses, and plain text) that relates to the application items: properties: name: @@ -6025,51 +13356,24 @@ spec: type: object type: array project: - description: Project is a reference to the project this application - belongs to. The empty string means that application belongs - to the 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number of items - kept in the application's revision history, which is used - for informational purposes as well as for rollbacks to previous - versions. This should only be changed in exceptional circumstances. - Setting to zero will store no history. This will reduce - storage used. Increasing will increase the space used to - store the history, so we do not recommend increasing it. - Default is 10. format: int64 type: integer source: - description: Source is a reference to the location of the - application's manifests or chart properties: chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. type: string directory: - description: Directory holds path/directory specific options properties: exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation type: string include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation type: string jsonnet: - description: Jsonnet holds options specific to Jsonnet properties: extVars: - description: ExtVars is a list of Jsonnet External - Variables items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -6083,16 +13387,11 @@ spec: type: object type: array libs: - description: Additional library search dirs items: type: string type: array tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation properties: code: type: boolean @@ -6107,84 +13406,49 @@ spec: type: array type: object recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests type: boolean type: object helm: - description: Helm holds helm specific options properties: fileParameters: - description: FileParameters are file parameters to - the helm template items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation properties: name: - description: Name is the name of the Helm parameter type: string path: - description: Path is the path to the file containing - the values for the Helm parameter type: string type: object type: array parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation properties: forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings type: boolean name: - description: Name is the name of the Helm parameter type: string value: - description: Value is the value for the Helm - parameter type: string type: object type: array + passCredentials: + type: boolean releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name type: string valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template items: type: string type: array values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block type: string version: - description: Version is the Helm version to use for - templating (either "2" or "3") type: string type: object ksonnet: - description: Ksonnet holds ksonnet specific options properties: environment: - description: Environment is a ksonnet application - environment name type: string parameters: - description: Parameters are a list of ksonnet component - parameter override values items: - description: KsonnetParameter is a ksonnet component - parameter properties: component: type: string @@ -6199,72 +13463,40 @@ spec: type: array type: object kustomize: - description: Kustomize holds kustomize specific options properties: commonAnnotations: additionalProperties: type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests type: object commonLabels: additionalProperties: type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests type: object forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps type: boolean forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps type: boolean images: - description: Images is a list of Kustomize image override - specifications items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: type: string type: array namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps type: string nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps type: string version: - description: Version controls which version of Kustomize - to use for rendering manifests type: string type: object path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options properties: env: - description: Env is a list of environment variable - entries items: - description: EnvEntry represents an entry in the - application's environment properties: name: - description: Name is the name of the variable, - usually expressed in uppercase type: string value: - description: Value is the value of the variable type: string required: - name @@ -6275,73 +13507,40 @@ spec: type: string type: object repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. type: string required: - repoURL type: object syncPolicy: - description: SyncPolicy controls when and how a sync will - be performed properties: automated: - description: Automated will keep an application synced - to the target revision properties: allowEmpty: - description: 'AllowEmpty allows apps have zero live - resources (default: false)' type: boolean prune: - description: 'Prune specifies whether to delete resources - from the cluster that are not found in the sources - anymore as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether to revert - resources back to their desired state upon modification - in the cluster (default: false)' type: boolean type: object retry: - description: Retry controls failed sync retry behavior properties: backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs properties: duration: - description: Duration is the amount to back off. - Default unit is seconds, but could also be a - duration (e.g. "2m", "1h") type: string factor: - description: Factor is a factor to multiply the - base duration after each failed retry format: int64 type: integer maxDuration: - description: MaxDuration is the maximum amount - of time allowed for the backoff strategy type: string type: object limit: - description: Limit is the maximum number of attempts - for retrying a failed sync. If set to 0, no retries - will be performed. format: int64 type: integer type: object syncOptions: - description: Options allow you to specify whole app sync-options items: type: string type: array @@ -6360,7 +13559,28 @@ spec: - template type: object status: - description: ApplicationSetStatus defines the observed state of ApplicationSet + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - message + - reason + - status + - type + type: object + type: array type: object required: - metadata @@ -6368,6 +13588,8 @@ spec: type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index b40c94d2..34b7ee49 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -56,6 +56,9 @@ spec: - name: metrics containerPort: {{ (split ":" .Values.args.metricsAddr)._1 }} protocol: TCP + - name: webhook + containerPort: 7000 + protocol: TCP resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: diff --git a/charts/argocd-applicationset/templates/service.yaml b/charts/argocd-applicationset/templates/service.yaml new file mode 100644 index 00000000..550bfbbe --- /dev/null +++ b/charts/argocd-applicationset/templates/service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-applicationset.fullname" . }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} +spec: + ports: + - name: webhook + port: 7000 + protocol: TCP + targetPort: webhook + selector: + {{- include "argo-applicationset.selectorLabels" . | nindent 6 }} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index c493e28a..56289f77 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -56,7 +56,7 @@ metrics: # prometheus: kube-prometheus # -- Prometheus ServiceMonitor namespace - namespace: "" # monitoring + namespace: "" # monitoring # -- Prometheus ServiceMonitor labels additionalLabels: {} From 9bfd353b6b495672904775c43cb42989be62a1f8 Mon Sep 17 00:00:00 2001 From: Jos van Bakel Date: Sun, 9 Jan 2022 19:07:37 +0100 Subject: [PATCH 0163/1248] feat(argocd-applicationset): Add ingress for webhook (#1059) * feat(argocd-applicationset): Add service and ingress for webhook Signed-off-by: Jos van Bakel * Bump chart version Signed-off-by: Marco Kilchhofer * Cleanup README Signed-off-by: Marco Kilchhofer * Cleanup values.yaml Signed-off-by: Jos van Bakel * Add missing var 'kubeVersionOverride' to values and README Signed-off-by: Marco Kilchhofer * Clarify changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 4 +- charts/argocd-applicationset/README.md | 13 ++- charts/argocd-applicationset/README.md.gotmpl | 3 +- .../templates/_helpers.tpl | 22 +++++ .../templates/webhook-ingress.yaml | 89 +++++++++++++++++++ charts/argocd-applicationset/values.yaml | 55 ++++++++++++ 6 files changed, 182 insertions(+), 4 deletions(-) create mode 100644 charts/argocd-applicationset/templates/webhook-ingress.yaml diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 387ee7ba..68f2b3b1 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.8.0 +version: 1.9.0 appVersion: "v0.3.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Changed]: Bumped argocd-applicationset to 0.3.0" + - "[Added]: Add ingress for webhook, not enabled by default." diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index 53fd218f..c1abad4d 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -57,6 +57,7 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | +| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | args.argocdRepoServer | string | `"argocd-repo-server:8081"` | The default Argo CD repo server address | | args.debug | bool | `false` | Print debug logs | | args.dryRun | bool | `false` | Enable dry run mode | @@ -73,6 +74,7 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | The image repository | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | metrics.enabled | bool | `false` | Deploy metrics service | | metrics.service.annotations | object | `{}` | Metrics service annotations | | metrics.service.labels | object | `{}` | Metrics service labels | @@ -102,6 +104,15 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | +| webhook.ingress.annotations | object | `{}` | Additional ingress annotations | +| webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | +| webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | +| webhook.ingress.hosts | list | `[]` | List of ingress hosts | +| webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | +| webhook.ingress.labels | object | `{}` | Additional ingress labels | +| webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | +| webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | +| webhook.ingress.tls | list | `[]` | Ingress TLS configuration | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-applicationset/README.md.gotmpl b/charts/argocd-applicationset/README.md.gotmpl index 62f1145e..5468053b 100644 --- a/charts/argocd-applicationset/README.md.gotmpl +++ b/charts/argocd-applicationset/README.md.gotmpl @@ -54,4 +54,5 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c {{ template "chart.valuesSection" . }} -{{ template "helm-docs.versionFooter" . }} +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-applicationset/templates/_helpers.tpl b/charts/argocd-applicationset/templates/_helpers.tpl index e86139e1..5cdc123d 100644 --- a/charts/argocd-applicationset/templates/_helpers.tpl +++ b/charts/argocd-applicationset/templates/_helpers.tpl @@ -62,3 +62,25 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "argo-applicationset.kubeVersion" -}} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} +{{- end -}} + +{{/* +Return the appropriate apiVersion for ingress +*/}} +{{- define "argo-applicationset.ingress.apiVersion" -}} +{{- if .Values.apiVersionOverrides.ingress -}} +{{- print .Values.apiVersionOverrides.ingress -}} +{{- else if semverCompare "<1.14-0" (include "argo-applicationset.kubeVersion" $) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (include "argo-applicationset.kubeVersion" $) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argocd-applicationset/templates/webhook-ingress.yaml b/charts/argocd-applicationset/templates/webhook-ingress.yaml new file mode 100644 index 00000000..2f58d88d --- /dev/null +++ b/charts/argocd-applicationset/templates/webhook-ingress.yaml @@ -0,0 +1,89 @@ +{{- if .Values.webhook.ingress.enabled -}} +{{- $serviceName := include "argo-applicationset.fullname" . -}} +{{- $servicePort := "webhook" -}} +{{- $paths := .Values.webhook.ingress.paths -}} +{{- $extraPaths := .Values.webhook.ingress.extraPaths -}} +{{- $pathType := .Values.webhook.ingress.pathType -}} +apiVersion: {{ include "argo-applicationset.ingress.apiVersion" . }} +kind: Ingress +metadata: +{{- if .Values.webhook.ingress.annotations }} + annotations: + {{- range $key, $value := .Values.webhook.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ include "argo-applicationset.fullname" . }} + labels: + {{- include "argo-applicationset.labels" . | nindent 4 }} + {{- if .Values.webhook.ingress.labels }} + {{- toYaml .Values.webhook.ingress.labels | nindent 4 }} + {{- end }} +spec: + {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- with .Values.webhook.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + {{- end }} + rules: + {{- if .Values.webhook.ingress.hosts }} + {{- range $host := .Values.webhook.ingress.hosts }} + - host: {{ $host }} + http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- if .Values.webhook.ingress.tls }} + tls: + {{- toYaml .Values.webhook.ingress.tls | nindent 4 }} + {{- end -}} +{{- end -}} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index 56289f77..25b8fdce 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -146,3 +146,58 @@ extraVolumes: [] # -- List of extra cli args to add extraArgs: [] # - --loglevel=warn + +# -- Override the Kubernetes version, which is used to evaluate certain manifests +kubeVersionOverride: "" + +## Override APIVersions +## If you want to template helm charts but cannot access k8s API server +## you can set api versions here +apiVersionOverrides: + # -- String to override apiVersion of ingresses rendered by this helm chart + ingress: "" # networking.k8s.io/v1beta1 + +## Webhook for the Git Generator +## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) +webhook: + ingress: + # -- Enable an ingress resource for Webhooks + enabled: false + # -- Additional ingress annotations + annotations: {} + # -- Additional ingress labels + labels: {} + # -- Defines which ingress controller will implement the resource + ingressClassName: "" + + # -- List of ingress hosts + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + hosts: [] + # - argocd-applicationset.example.com + + # -- List of ingress paths + paths: + - /api/webhook + # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` + pathType: Prefix + # -- Additional ingress paths + extraPaths: [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: use-annotation + + # -- Ingress TLS configuration + tls: [] + # - secretName: argocd-applicationset-tls + # hosts: + # - argocd-applicationset.example.com From 9607e009694801c970b9301932e6128f5e447c25 Mon Sep 17 00:00:00 2001 From: Lucas Bickel <116588+hairmare@users.noreply.github.com> Date: Mon, 10 Jan 2022 19:20:41 +0100 Subject: [PATCH 0164/1248] fix(argo-rollouts): bump to v1.1.1 (#1080) Signed-off-by: Lucas Bickel --- charts/argo-rollouts/Chart.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index e389a4f5..fe2c52ce 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "v1.1.0" +appVersion: "v1.1.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.8.0 +version: 2.8.1 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,5 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Ability to specify LoadBalancer settings for dashboard svc" - - "[Added]: Ability to specify external IPs for dashboard svc" + - "[Updated]: Updated Argo Rollouts to v1.1.1" From e32f5807335282b23957dcb298a9e7dda14a28c0 Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Zaib Date: Mon, 10 Jan 2022 20:55:34 +0100 Subject: [PATCH 0165/1248] feat(argo-events): Allow specifying container security context for controllers (#1081) Signed-off-by: Muhammad Hamza Zaib Co-authored-by: Marko Bevc --- charts/argo-events/Chart.yaml | 4 ++-- .../argo-events/templates/eventbus-controller-deployment.yaml | 3 +++ .../templates/eventsource-controller-deployment.yaml | 3 +++ .../argo-events/templates/sensor-controller-deployment.yaml | 3 +++ charts/argo-events/values.yaml | 3 +++ 5 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2d6a7fae..2220c699 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.8.0 +version: 1.9.0 keywords: - argo-events - sensor-controller @@ -17,4 +17,4 @@ icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo Events v1.5.0" + - "[Added]: Allow specifying container security context for controllers" diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index 834425fe..48022cf6 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -61,6 +61,9 @@ spec: initialDelaySeconds: 3 periodSeconds: 3 resources: {{- toYaml .Values.eventbusController.resources | nindent 12 }} + {{- with .Values.eventbusController.containerSecurityContext }} + securityContext: {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.eventbusController.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 2d79a4ff..9fd55776 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -59,6 +59,9 @@ spec: initialDelaySeconds: 3 periodSeconds: 3 resources: {{- toYaml .Values.eventsourceController.resources | nindent 12 }} + {{- with .Values.eventsourceController.containerSecurityContext }} + securityContext: {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.eventsourceController.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index e3590578..da678b54 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -59,6 +59,9 @@ spec: initialDelaySeconds: 3 periodSeconds: 3 resources: {{- toYaml .Values.sensorController.resources | nindent 12 }} + {{- with .Values.sensorController.containerSecurityContext }} + securityContext: {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.sensorController.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 8b75651b..1d3bb9dd 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -58,6 +58,7 @@ sensorController: tolerations: [] affinity: {} resources: {} + containerSecurityContext: {} eventsourceController: name: eventsource-controller @@ -75,6 +76,7 @@ eventsourceController: tolerations: [] affinity: {} resources: {} + containerSecurityContext: {} eventbusController: name: eventbus-controller @@ -93,6 +95,7 @@ eventbusController: resources: {} natsStreamingImage: nats-streaming:0.22.1 natsMetricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 + containerSecurityContext: {} securityContext: runAsNonRoot: true From 1794ba17bfb15b8779d4a69f1d36492cc1adeca0 Mon Sep 17 00:00:00 2001 From: Sergey Shaykhullin <46970457+sergeyshaykhullin@users.noreply.github.com> Date: Mon, 10 Jan 2022 23:44:51 +0300 Subject: [PATCH 0166/1248] feat(argo-rollouts): Add rollouts dashboard ingress support (#870) * Add rollouts dashboard ingress support Signed-off-by: Sergey Shaykhullin * Fix eol Signed-off-by: Sergey Shaykhullin * Bump version Signed-off-by: Sergey Shaykhullin * Update Chart.yaml Signed-off-by: Sergey Shaykhullin * Fix service duplication * Extend warning in terms of exposing the dashboard Signed-off-by: Marco Kilchhofer * Adapt API overrides to other charts (apiVersionOverrides) Also add missing param 'kubeVersionOverride' to README. Signed-off-by: Marco Kilchhofer * Use consistent code style for empty lists Signed-off-by: Marco Kilchhofer * Fix README `[/]` -> `["/"]` Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 +- charts/argo-rollouts/README.md | 18 +++- charts/argo-rollouts/templates/_helpers.tpl | 22 +++++ .../templates/dashboard/deployment.yaml | 2 +- .../templates/dashboard/ingress.yaml | 89 +++++++++++++++++++ .../templates/dashboard/service.yaml | 14 ++- charts/argo-rollouts/values.yaml | 64 +++++++++++++ 7 files changed, 205 insertions(+), 8 deletions(-) create mode 100644 charts/argo-rollouts/templates/dashboard/ingress.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index fe2c52ce..653ef314 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.8.1 +version: 2.9.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Updated]: Updated Argo Rollouts to v1.1.1" + - "[Added]: Dashboard ingress support" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 77fccde7..d5575c4a 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -31,12 +31,13 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | :warning: WARNING when the Service type is set to LoadBalancer or NodePort | |:---------------------------------------------------------------------------| -| The chart provides an option to change the service type (`dashboard.service.type`). Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | +| The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | ## Chart Values | Key | Type | Default | Description | |-----|------|---------|-------------| +| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | clusterInstall | bool | `true` | `false` runs controller in namespaced mode (does not require cluster RBAC) | | controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | | controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | @@ -56,6 +57,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | imagePullSecrets | list | `[]` | Registry secret names as an array | | installCRDs | bool | `true` | Install and upgrade CRDs | | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | +| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | crdAnnotations | object | `{}` | Annotations to be added to all CRDs | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | @@ -84,6 +86,20 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | | dashboard.serviceAccount.annotations | object | `{}` | Annotations to add to the dashboard service account | | dashboard.serviceAccount.name | string | `""` | The name of the dashboard service account to use. If not set and create is true, a name is generated using the fullname template | +| dashboard.service.annotations | object | `{}` | Dashboard service annotations | +| dashboard.service.labels | object | `{}` | Dashboard service labels | +| dashboard.service.portName | string | `dashboard` | Dashboard service port name | +| dashboard.service.port | int | `3100` | Dashboard service port | +| dashboard.service.targetPort | int | `3100` | Dashboard service target port | +| dashboard.ingress.enabled | bool | `false` | Enable dashboard ingress support | +| dashboard.ingress.annotations | object | `{}` | Dashboard ingress annotations | +| dashboard.ingress.labels | object | `{}` | Dashboard ingress labels | +| dashboard.ingress.ingressClassName | string | `""` | Dashboard ingress class name | +| dashboard.ingress.hosts | list | `[]` | Dashboard ingress hosts | +| dashboard.ingress.paths | list | `["/"]` | Dashboard ingress paths | +| dashboard.ingress.pathType | string | `Prefix` | Dashboard ingress path type | +| dashboard.ingress.extraPaths | list | `[]` | Dashboard ingress extra paths | +| dashboard.ingress.tls | list | `[]` | Dashboard ingress tls | ## Upgrading diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index f3611889..025b709e 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -62,3 +62,25 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Return the appropriate apiVersion for ingress +*/}} +{{- define "argo-rollouts.ingress.apiVersion" -}} +{{- if .Values.apiVersionOverrides.ingress -}} +{{- print .Values.apiVersionOverrides.ingress -}} +{{- else if semverCompare "<1.14-0" (include "argo-rollouts.kubeVersion" $) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (include "argo-rollouts.kubeVersion" $) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "argo-rollouts.kubeVersion" -}} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} +{{- end -}} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 87fa5fd4..94c5bcb1 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -40,7 +40,7 @@ spec: {{- end }} name: argo-rollouts-dashboard ports: - - containerPort: 3100 + - containerPort: {{ .Values.dashboard.service.targetPort }} name: dashboard securityContext: {{- toYaml .Values.dashboard.containerSecurityContext | nindent 10 }} diff --git a/charts/argo-rollouts/templates/dashboard/ingress.yaml b/charts/argo-rollouts/templates/dashboard/ingress.yaml new file mode 100644 index 00000000..86dde720 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/ingress.yaml @@ -0,0 +1,89 @@ +{{- if and .Values.dashboard.enabled .Values.dashboard.ingress.enabled -}} +{{- $serviceName := include "argo-rollouts.fullname" . -}} +{{- $servicePort := .Values.dashboard.service.port -}} +{{- $paths := .Values.dashboard.ingress.paths -}} +{{- $extraPaths := .Values.dashboard.ingress.extraPaths -}} +{{- $pathType := .Values.dashboard.ingress.pathType -}} +apiVersion: {{ include "argo-rollouts.ingress.apiVersion" . }} +kind: Ingress +metadata: +{{- if .Values.dashboard.ingress.annotations }} + annotations: + {{- range $key, $value := .Values.dashboard.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-rollouts.fullname" . }}-dashboard + labels: + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- if .Values.dashboard.ingress.labels }} + {{- toYaml .Values.dashboard.ingress.labels | nindent 4 }} + {{- end }} +spec: + {{- if eq (include "argo-rollouts.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- with .Values.dashboard.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + {{- end }} + rules: + {{- if .Values.dashboard.ingress.hosts }} + {{- range $host := .Values.dashboard.ingress.hosts }} + - host: {{ $host }} + http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if eq (include "argo-rollouts.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if eq (include "argo-rollouts.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if eq (include "argo-rollouts.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if eq (include "argo-rollouts.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- if .Values.dashboard.ingress.tls }} + tls: + {{- toYaml .Values.dashboard.ingress.tls | nindent 4 }} + {{- end -}} +{{- end -}} diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index 4e3d7a65..92c41114 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -6,8 +6,14 @@ metadata: labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} - {{- with .Values.serviceAnnotations }} + {{- with .Values.dashboard.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: + {{- with .Values.serviceAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.dashboard.service.annotations }} {{- toYaml . | nindent 4 }} {{- end }} spec: @@ -24,10 +30,10 @@ spec: {{- end }} type: {{ .Values.dashboard.service.type }} ports: - - name: dashboard + - name: {{ .Values.dashboard.service.portName }} protocol: TCP - port: 3100 - targetPort: 3100 + port: {{ .Values.dashboard.service.port }} + targetPort: {{ .Values.dashboard.service.targetPort }} selector: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 08148d85..dbe0c2ca 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -3,6 +3,25 @@ keepCRDs: true clusterInstall: true +## String to partially override "argo-rollouts.fullname" template +## +nameOverride: + +## String to fully override "argo-rollouts.fullname" template +## +fullnameOverride: + +## Override APIVersions +## If you want to template helm charts but cannot access k8s API server +## you can set api versions here +apiVersionOverrides: + # String to override apiVersion of ingresses rendered by this helm chart + ingress: "" # networking.k8s.io/v1beta1 + +## Override the Kubernetes version, which is used to evaluate certain manifests +## +kubeVersionOverride: "" + controller: component: rollouts-controller ## Node selectors and tolerations for server scheduling to nodes with taints @@ -134,9 +153,54 @@ dashboard: loadBalancerSourceRanges: [] # -- Dashboard service external IPs externalIPs: [] + # -- Service annotations + annotations: {} + # -- Service labels + labels: {} + # -- Service port name + portName: dashboard + # -- Service port + port: 3100 + # -- Service target port + targetPort: 3100 serviceAccount: create: true annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" + ## Ingress configuration. + ## ref: https://kubernetes.io/docs/user-guide/ingress/ + ## + ingress: + enabled: false + annotations: {} + labels: {} + ingressClassName: "" + + ## Argo Rollouts Dashboard Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: [] + # - argorollouts.example.com + paths: + - / + pathType: Prefix + extraPaths: [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service + # name: ssl-redirect + # port: + # name: use-annotation + tls: [] + # - secretName: argorollouts-example-tls + # hosts: + # - argorollouts.example.com From ab39736b552bf79584da52a92774961e99075439 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Mon, 10 Jan 2022 23:30:31 +0100 Subject: [PATCH 0167/1248] chore(argocd): Readd my self as maintainer (#1082) --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 97cfcfb2..b59e2f21 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,7 +1,7 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners # All charts -/charts/ @mkilchhofer +/charts/ @mkilchhofer @oliverbaehler # Argo Workflows /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand From 8d55826d77d1eb3e03da40c2f100888acae8cb29 Mon Sep 17 00:00:00 2001 From: Mario Bris <38427872+mariobris@users.noreply.github.com> Date: Tue, 11 Jan 2022 23:06:26 +0100 Subject: [PATCH 0168/1248] fix(argocd-image-updater): Update to app version v0.11.2 (#1083) * argocd-image-updater bump patch iamge version Signed-off-by: Mario Bris * argocd-image-updater fix patch version to match semver Signed-off-by: Mario Bris * Fix changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 9ff3361e..5c90d48b 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.6.0 -appVersion: v0.11.0 +version: 0.6.1 +appVersion: v0.11.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Mount ssh-known-hosts from argocd" + - "[Changed]: Update to app version v0.11.2" From 554d150df992d58342d4857881404d5140d1ff86 Mon Sep 17 00:00:00 2001 From: Sergey Shaykhullin <46970457+sergeyshaykhullin@users.noreply.github.com> Date: Wed, 12 Jan 2022 01:35:29 +0300 Subject: [PATCH 0169/1248] fix(argo-rollouts): Fix service name for ingress rollouts dashboard (#1084) * Fix service name for ingress rollouts dashboard Signed-off-by: Sergey Shaykhullin * Update Chart.yaml Signed-off-by: Sergey Shaykhullin * Fix it centrally Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/dashboard/ingress.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 653ef314..9fe46cc3 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.9.0 +version: 2.9.1 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Dashboard ingress support" + - "[Fixed]: Dashboard ingress service name" diff --git a/charts/argo-rollouts/templates/dashboard/ingress.yaml b/charts/argo-rollouts/templates/dashboard/ingress.yaml index 86dde720..0555d1fc 100644 --- a/charts/argo-rollouts/templates/dashboard/ingress.yaml +++ b/charts/argo-rollouts/templates/dashboard/ingress.yaml @@ -1,5 +1,5 @@ {{- if and .Values.dashboard.enabled .Values.dashboard.ingress.enabled -}} -{{- $serviceName := include "argo-rollouts.fullname" . -}} +{{- $serviceName := printf "%s-dashboard" (include "argo-rollouts.fullname" .) -}} {{- $servicePort := .Values.dashboard.service.port -}} {{- $paths := .Values.dashboard.ingress.paths -}} {{- $extraPaths := .Values.dashboard.ingress.extraPaths -}} From 79114c51226cb60150f1e32b2793f49699ef99b3 Mon Sep 17 00:00:00 2001 From: robertlindner Date: Sun, 16 Jan 2022 06:23:56 +0100 Subject: [PATCH 0170/1248] feat(argo-cd ingress): support google managed certificates for gce ingress (#1088) * Add support for Google ManagedCertificates Signed-off-by: Robert Lindner * Add support for Google FrontendConfigs I.e. for adding a http to https redirect on the load balancer. Signed-off-by: Robert Lindner * Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/README.md | 5 +++++ charts/argo-cd/README.md.gotmpl | 1 + .../argocd-server/frontendconfig.yaml | 10 +++++++++ .../argocd-server/managedCertificate.yaml | 11 ++++++++++ charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 6 files changed, 51 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-server/frontendconfig.yaml create mode 100644 charts/argo-cd/templates/argocd-server/managedCertificate.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index acf3dc34..d4873d92 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.29.5 +version: 3.30.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.2.2" + - "[Added]: Add support for Google ManagedCertificate on GKE + - "[Added]: Add support for Google FrontendConfig on GKE diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index caece20b..f340e2a3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -374,6 +374,10 @@ NAME: my-release |-----|------|---------|-------------| | server.GKEbackendConfig.enabled | bool | `false` | Enable BackendConfig custom resource for Google Kubernetes Engine | | server.GKEbackendConfig.spec | object | `{}` | [BackendConfigSpec] | +| server.GKEfrontendConfig.enabled | bool | `false` | Enable FrontConfig custom resource for Google Kubernetes Engine | +| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | +| server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | +| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | @@ -651,6 +655,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [external cluster credentials]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [General Argo CD configuration]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 2492ccea..9cd57fe5 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -285,6 +285,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [external cluster credentials]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [General Argo CD configuration]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories [gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ diff --git a/charts/argo-cd/templates/argocd-server/frontendconfig.yaml b/charts/argo-cd/templates/argocd-server/frontendconfig.yaml new file mode 100644 index 00000000..46fc43a9 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/frontendconfig.yaml @@ -0,0 +1,10 @@ +{{- if .Values.server.GKEfrontendConfig.enabled }} +apiVersion: networking.gke.io/v1beta1 +kind: FrontendConfig +metadata: + name: {{ template "argo-cd.server.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- toYaml .Values.server.GKEfrontendConfig.spec | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/managedCertificate.yaml b/charts/argo-cd/templates/argocd-server/managedCertificate.yaml new file mode 100644 index 00000000..81e1e710 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/managedCertificate.yaml @@ -0,0 +1,11 @@ +{{- if .Values.server.GKEmanagedCertificate.enabled }} +apiVersion: networking.gke.io/v1 +kind: ManagedCertificate +metadata: + name: {{ template "argo-cd.server.fullname" . }} +spec: + domains: + {{- with .Values.server.GKEmanagedCertificate.domains }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 58e2d52c..8042e141 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1233,6 +1233,27 @@ server: # oauthclientCredentials: # secretName: argocd-secret + ## Create a Google Managed Certificate for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs + GKEmanagedCertificate: + # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine. + enabled: false + # -- Domains for the Google Managed Certificate + domains: + - argocd.example.com + + ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters + GKEfrontendConfig: + # -- Enable FrontConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [FrontendConfigSpec] + spec: {} + # spec: + # redirectToHttps: + # enabled: true + # responseCodeName: RESPONSE_CODE + # -- Additional containers to be added to the server pod ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. extraContainers: [] From 71da566fb3172832bc28bc8e521d3fbc99e9d5e3 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 17 Jan 2022 15:01:41 +0100 Subject: [PATCH 0171/1248] feat(argo-events): Use helm-docs for Argo Events (#1090) Signed-off-by: Marco Kilchhofer --- .helmdocsignore | 1 - charts/argo-events/.helmignore | 1 + charts/argo-events/Chart.yaml | 4 +- charts/argo-events/README.md | 90 ++++++++++++++++++- charts/argo-events/README.md.gotmpl | 77 ++++++++++++++++ charts/argo-events/ci/test-values.yaml | 1 - .../deployment.yaml} | 0 .../deployment.yaml} | 0 .../deployment.yaml} | 0 charts/argo-events/values.yaml | 73 ++++++++++++--- 10 files changed, 231 insertions(+), 16 deletions(-) create mode 100644 charts/argo-events/README.md.gotmpl rename charts/argo-events/templates/{eventbus-controller-deployment.yaml => eventbus-controller/deployment.yaml} (100%) rename charts/argo-events/templates/{eventsource-controller-deployment.yaml => eventsource-controller/deployment.yaml} (100%) rename charts/argo-events/templates/{sensor-controller-deployment.yaml => sensor-controller/deployment.yaml} (100%) diff --git a/.helmdocsignore b/.helmdocsignore index a02fad29..61eef86a 100644 --- a/.helmdocsignore +++ b/.helmdocsignore @@ -1,2 +1 @@ -charts/argo-events charts/argo-rollouts diff --git a/charts/argo-events/.helmignore b/charts/argo-events/.helmignore index b4af6c20..a9f0b031 100644 --- a/charts/argo-events/.helmignore +++ b/charts/argo-events/.helmignore @@ -20,3 +20,4 @@ .idea/ *.tmproj ci/ +README.md.gotmpl diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2220c699..f69047bf 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.9.0 +version: 1.10.0 keywords: - argo-events - sensor-controller @@ -17,4 +17,4 @@ icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Added]: Allow specifying container security context for controllers" + - "[Changed]: Use helm-docs to generate README.md" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 2bece9b9..7f7d41c5 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -13,8 +13,96 @@ This is a **community maintained** chart. It installs the [argo-events](https:// - Cluster Roles - Cluster Role Bindings +To regenerate this document, from the root of this chart directory run: + +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + ## Notes on CRD Installation Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. -You can install the CRDs manually from `crds` folder. \ No newline at end of file +You can install the CRDs manually from `crds` folder. + +## Values + +### General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| additionalSaNamespaces | list | `[]` | Create service accounts in additional namespaces specified The SA will always be created in the release namespaces | +| additionalServiceAccountRules | list | (See [values.yaml]) | Additional rules | +| imagePullPolicy | string | `"Always"` | The image pull policy | +| imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| registry | string | `"quay.io"` | docker registry | +| securityContext | object | `{"runAsNonRoot":true,"runAsUser":9731}` | Common PodSecurityContext for all controllers | +| serviceAccount | string | `"argo-events-sa"` | ServiceAccount to use for running controller. | +| serviceAccountAnnotations | object | `{}` | Annotations applied to created service account. Can be used to enable GKE workload identity, or other use-cases | +| singleNamespace | bool | `true` | Whether to run in namespaced scope. Set `singleNamespace` to false to have the controllers listen on all namespaces. Otherwise the controllers will listen on the namespace where the chart is installed in. | + +### Event Bus Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| eventbusController.affinity | object | `{}` | Assign custom [affinity] rules to the event bus controller | +| eventbusController.containerSecurityContext | object | `{}` | Event bus controller container-level security context | +| eventbusController.extraEnv | list | `[]` | Additional environment variables to pass to event bus controller | +| eventbusController.image | string | `"argoproj/argo-events"` | Repository to use for the event bus controller | +| eventbusController.name | string | `"eventbus-controller"` | Event bus controller name | +| eventbusController.natsMetricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.8.0"` | NATS metrics exporter container image to use for the event bus | +| eventbusController.natsStreamingImage | string | `"nats-streaming:0.22.1"` | NATS streaming container image to use for the event bus | +| eventbusController.nodeSelector | object | `{}` | [Node selector] | +| eventbusController.podAnnotations | object | `{}` | Annotations to be added to event bus controller pods | +| eventbusController.podLabels | object | `{}` | Labels to be added to event event bus controller pods | +| eventbusController.priorityClassName | string | `""` | Priority class for the event bus controller | +| eventbusController.replicaCount | int | `1` | The number of event bus controller pods to run | +| eventbusController.resources | object | `{}` | Resource limits and requests for the event bus controller pods | +| eventbusController.tag | string | `""` (default is the chart appVersion) | Overrides the image tag | +| eventbusController.tolerations | list | `[]` | [Tolerations] for use with node taints | + +### Event Source Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| eventsourceController.affinity | object | `{}` | Assign custom [affinity] rules to the event source controller | +| eventsourceController.containerSecurityContext | object | `{}` | Event source controller container-level security context | +| eventsourceController.eventsourceImage | string | `"argoproj/argo-events"` | Repository to use for the event source image | +| eventsourceController.extraEnv | list | `[]` | Additional environment variables to pass to event source controller | +| eventsourceController.image | string | `"argoproj/argo-events"` | Repository to use for the event source controller | +| eventsourceController.name | string | `"eventsource-controller"` | Event source controller name | +| eventsourceController.nodeSelector | object | `{}` | [Node selector] | +| eventsourceController.podAnnotations | object | `{}` | Annotations to be added to event source controller pods | +| eventsourceController.podLabels | object | `{}` | Labels to be added to event source controller pods | +| eventsourceController.priorityClassName | string | `""` | Priority class for the event source controller | +| eventsourceController.replicaCount | int | `1` | The number of event source controller pods to run | +| eventsourceController.resources | object | `{}` | Resource limits and requests for the event source controller pods | +| eventsourceController.tag | string | `""` (default is the chart appVersion) | Overrides the image tag | +| eventsourceController.tolerations | list | `[]` | [Tolerations] for use with node taints | + +### Sensor Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| sensorController.affinity | object | `{}` | Assign custom [affinity] rules to the sensor controller | +| sensorController.containerSecurityContext | object | `{}` | Sensor controllers container-level security context | +| sensorController.extraEnv | list | `[]` | Additional environment variables to pass to sensor controller | +| sensorController.image | string | `"argoproj/argo-events"` | Repository to use for the sensor controller | +| sensorController.name | string | `"sensor-controller"` | Sensor controller name | +| sensorController.nodeSelector | object | `{}` | [Node selector] | +| sensorController.podAnnotations | object | `{}` | Annotations to be added to sensor controller pods | +| sensorController.podLabels | object | `{}` | Labels to be added to sensor controller pods | +| sensorController.priorityClassName | string | `""` | Priority class for the sensor controller | +| sensorController.replicaCount | int | `1` | The number of sensor controller pods to run | +| sensorController.resources | object | `{}` | Resource limits and requests for the sensor controller pods | +| sensorController.sensorImage | string | `"argoproj/argo-events"` | Repository to use for the sensor image | +| sensorController.tag | string | `""` (default is the chart appVersion) | Overrides the image tag | +| sensorController.tolerations | list | `[]` | [Tolerations] for use with node taints | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: values.yaml diff --git a/charts/argo-events/README.md.gotmpl b/charts/argo-events/README.md.gotmpl new file mode 100644 index 00000000..61654981 --- /dev/null +++ b/charts/argo-events/README.md.gotmpl @@ -0,0 +1,77 @@ +# Argo-Events Chart + +This is a **community maintained** chart. It installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with: +- Sensor Custom Resource Definition (See CRD Notes) +- EventSource Custom Resource Definition (See CRD Notes) +- EventBus Custom Resource Definition (See CRD Notes) +- Sensor Controller Deployment +- EventSource Controller Deployment +- EventBus Controller Deployment +- Service Account +- Roles +- Role Bindings +- Cluster Roles +- Cluster Role Bindings + +To regenerate this document, from the root of this chart directory run: + +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Notes on CRD Installation + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. + +You can install the CRDs manually from `crds` folder. + +## Values + +### General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if not (or (hasPrefix "eventbusController" .Key) (hasPrefix "eventsourceController" .Key) (hasPrefix "sensorController" .Key) ) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Event Bus Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "eventbusController" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + + +### Event Source Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "eventsourceController" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Sensor Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "sensorController" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: values.yaml diff --git a/charts/argo-events/ci/test-values.yaml b/charts/argo-events/ci/test-values.yaml index 3078a2d3..a15316ef 100644 --- a/charts/argo-events/ci/test-values.yaml +++ b/charts/argo-events/ci/test-values.yaml @@ -1,3 +1,2 @@ serviceAccount: argo-events-sa-test -instanceID: test-argo-events singleNamespace: false diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller/deployment.yaml similarity index 100% rename from charts/argo-events/templates/eventbus-controller-deployment.yaml rename to charts/argo-events/templates/eventbus-controller/deployment.yaml diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller/deployment.yaml similarity index 100% rename from charts/argo-events/templates/eventsource-controller-deployment.yaml rename to charts/argo-events/templates/eventsource-controller/deployment.yaml diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller/deployment.yaml similarity index 100% rename from charts/argo-events/templates/sensor-controller-deployment.yaml rename to charts/argo-events/templates/sensor-controller/deployment.yaml diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 1d3bb9dd..b6ea4d04 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -1,23 +1,26 @@ -# docker registry +# -- docker registry registry: quay.io -# The image pull policy +# -- The image pull policy imagePullPolicy: Always -# Secrets with credentials to pull images from a private registry +# -- Secrets with credentials to pull images from a private registry imagePullSecrets: [] # - name: argo-pull-secret -# ServiceAccount to use for running controller. +# -- ServiceAccount to use for running controller. serviceAccount: argo-events-sa -# serviceAccountAnnotations can be used to enable GKE workload identity, or other use-cases +# -- Annotations applied to created service account. Can be used to enable GKE workload identity, or other use-cases serviceAccountAnnotations: {} -# Create service accounts in additional namespaces specified +# -- Create service accounts in additional namespaces specified # The SA will always be created in the release namespaces additionalSaNamespaces: [] # - argo-prod + +# -- Additional rules +# @default -- (See [values.yaml]) additionalServiceAccountRules: - apiGroups: - apiextensions.k8s.io @@ -33,70 +36,118 @@ additionalServiceAccountRules: resources: - customresourcedefinitions -instanceID: argo-events - -# set `singleNamespace` to false to have the controllers +# -- Whether to run in namespaced scope. +# Set `singleNamespace` to false to have the controllers # listen on all namespaces. Otherwise the controllers will listen -# on the namespace provided -namespace: argo-events +# on the namespace where the chart is installed in. singleNamespace: true # sensor controller sensorController: + # -- Sensor controller name name: sensor-controller + # -- Repository to use for the sensor controller image: argoproj/argo-events + # -- Overrides the image tag + # @default -- `""` (default is the chart appVersion) tag: "" + # -- The number of sensor controller pods to run replicaCount: 1 + # -- Additional environment variables to pass to sensor controller extraEnv: [] # - name: DEBUG_LOG # value: "true" + + # -- Repository to use for the sensor image sensorImage: argoproj/argo-events + # -- Annotations to be added to sensor controller pods podAnnotations: {} + # -- [Node selector] nodeSelector: {} + # -- Labels to be added to sensor controller pods podLabels: {} + # -- Priority class for the sensor controller priorityClassName: "" + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the sensor controller affinity: {} + # -- Resource limits and requests for the sensor controller pods resources: {} + # -- Sensor controllers container-level security context containerSecurityContext: {} eventsourceController: + # -- Event source controller name name: eventsource-controller + # -- Repository to use for the event source controller image: argoproj/argo-events + # -- Overrides the image tag + # @default -- `""` (default is the chart appVersion) tag: "" + # -- The number of event source controller pods to run replicaCount: 1 + # -- Additional environment variables to pass to event source controller extraEnv: [] # - name: DEBUG_LOG # value: "true" + + # -- Repository to use for the event source image eventsourceImage: argoproj/argo-events + # -- Annotations to be added to event source controller pods podAnnotations: {} + # -- [Node selector] nodeSelector: {} + # -- Labels to be added to event source controller pods podLabels: {} + # -- Priority class for the event source controller priorityClassName: "" + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the event source controller affinity: {} + # -- Resource limits and requests for the event source controller pods resources: {} + # -- Event source controller container-level security context containerSecurityContext: {} eventbusController: + # -- Event bus controller name name: eventbus-controller + # -- Repository to use for the event bus controller image: argoproj/argo-events + # -- Overrides the image tag + # @default -- `""` (default is the chart appVersion) tag: "" + # -- The number of event bus controller pods to run replicaCount: 1 + # -- Additional environment variables to pass to event bus controller extraEnv: [] # - name: DEBUG_LOG # value: "true" + + # -- Annotations to be added to event bus controller pods podAnnotations: {} + # -- [Node selector] nodeSelector: {} + # -- Labels to be added to event event bus controller pods podLabels: {} + # -- Priority class for the event bus controller priorityClassName: "" + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the event bus controller affinity: {} + # -- Resource limits and requests for the event bus controller pods resources: {} + # -- NATS streaming container image to use for the event bus natsStreamingImage: nats-streaming:0.22.1 + # -- NATS metrics exporter container image to use for the event bus natsMetricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 + # -- Event bus controller container-level security context containerSecurityContext: {} +# -- Common PodSecurityContext for all controllers securityContext: runAsNonRoot: true runAsUser: 9731 From a3c77c80d7f330fbd2735e23655387c9e0a68ad9 Mon Sep 17 00:00:00 2001 From: Oleg Date: Tue, 18 Jan 2022 23:19:41 +0100 Subject: [PATCH 0172/1248] feat(argo-events): Bump argo-events to the latest release (#1092) * Bump argo-events to the latest release Signed-off-by: Oleg Mayko * Apply changes from code review Signed-off-by: Marco Kilchhofer * Fix typo Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f69047bf..cdb0d503 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.10.0 +version: 1.10.1 keywords: - argo-events - sensor-controller @@ -12,9 +12,9 @@ sources: maintainers: - name: VaibhavPage - name: whynowy -appVersion: v1.5.0 +appVersion: v1.5.6 icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Changed]: Use helm-docs to generate README.md" + - "[Changed]: Update to Argo Events v1.5.6" From 66194fd35f68c1592fe0f67f796adac0d14d383d Mon Sep 17 00:00:00 2001 From: Sven Haardiek Date: Wed, 19 Jan 2022 20:25:58 +0100 Subject: [PATCH 0173/1248] Add resources to copyutil initContainer (#1093) Signed-off-by: Sven Haardiek Co-authored-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 1 + .../templates/argocd-repo-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 11 +++++++++++ 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d4873d92..55a8b9e4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.30.0 +version: 3.30.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add support for Google ManagedCertificate on GKE - - "[Added]: Add support for Google FrontendConfig on GKE + - "[Added]: Add configurable resources to copyutil initContainer" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f340e2a3..4187abbc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -316,6 +316,7 @@ NAME: my-release | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | | repoServer.containerSecurityContext | object | `{}` | Repo server container-level security context | +| repoServer.copyutil.resources | object | `{}` | Resource limits and requests for the copyutil initContainer | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 85e09fd4..a18f21b6 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -191,6 +191,8 @@ spec: - /var/run/argocd/argocd-cmp-server image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} name: copyutil + resources: + {{- toYaml .Values.repoServer.copyutil.resources | nindent 10 }} volumeMounts: - mountPath: /var/run/argocd name: var-files diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8042e141..5b08cc06 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1535,6 +1535,17 @@ repoServer: # - list # - watch + # Init container to copy argocd binary + copyutil: + # -- Resource limits and requests for the copyutil initContainer + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + # -- Init containers to add to the repo server pods initContainers: [] # - name: download-tools From 2b830deaa46aae82f8a4c45b054732c7d97365e6 Mon Sep 17 00:00:00 2001 From: Nick Fisher Date: Thu, 20 Jan 2022 05:51:57 -0500 Subject: [PATCH 0174/1248] feat(argo-cd): Added support for extra K8s manifests (#1094) Signed-off-by: Nick Fisher --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/extra-manifests.yaml | 4 +++ charts/argo-cd/values.yaml | 28 +++++++++++++++++++ 4 files changed, 35 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/extra-manifests.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 55a8b9e4..68477c27 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.30.1 +version: 3.31.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add configurable resources to copyutil initContainer" + - "[Added]: Add support for extra K8s manifests" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4187abbc..3d68d56e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -212,6 +212,7 @@ NAME: my-release | configs.tlsCerts | object | See [values.yaml] | TLS certificate | | configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | | createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | diff --git a/charts/argo-cd/templates/extra-manifests.yaml b/charts/argo-cd/templates/extra-manifests.yaml new file mode 100644 index 00000000..a9bb3b6b --- /dev/null +++ b/charts/argo-cd/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5b08cc06..5b9d4233 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -58,6 +58,34 @@ apiVersionOverrides: ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: false +# -- Array of extra K8s manifests to deploy +extraObjects: [] + # - apiVersion: secrets-store.csi.x-k8s.io/v1 + # kind: SecretProviderClass + # metadata: + # name: argocd-secrets-store + # spec: + # provider: aws + # parameters: + # objects: | + # - objectName: "argocd" + # objectType: "secretsmanager" + # jmesPath: + # - path: "client_id" + # objectAlias: "client_id" + # - path: "client_secret" + # objectAlias: "client_secret" + # secretObjects: + # - data: + # - key: client_id + # objectName: client_id + # - key: client_secret + # objectName: client_secret + # secretName: argocd-secrets-store + # type: Opaque + # labels: + # app.kubernetes.io/part-of: argocd + ## Controller controller: # -- Application controller name string From 752e1c058041de9b1fc8a19486daff19ce8b3eb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20B=C3=A4hler?= Date: Mon, 24 Jan 2022 20:18:51 +0100 Subject: [PATCH 0175/1248] feat(all): Add Documentation Guidelines (#1099) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(all): Add Documentation Guidelines Signed-off-by: Oliver Bähler * Satisfy Linter Signed-off-by: Oliver Bähler * Apply changes from code review Signed-off-by: Marco Kilchhofer * fix: Also add *.gotmpl to argo-rollouts/.helmignore Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- .github/pull_request_template.md | 1 + CONTRIBUTING.md | 14 ++++++++++++++ charts/argo-cd/.helmignore | 2 +- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-events/.helmignore | 2 +- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-rollouts/.helmignore | 1 + charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-workflows/.helmignore | 1 + charts/argo-workflows/Chart.yaml | 4 ++-- charts/argocd-applicationset/.helmignore | 1 + charts/argocd-applicationset/Chart.yaml | 4 ++-- charts/argocd-image-updater/.helmignore | 2 ++ charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 2 +- charts/argocd-image-updater/README.md.gotmpl | 3 ++- charts/argocd-notifications/.helmignore | 2 ++ charts/argocd-notifications/Chart.yaml | 4 ++-- scripts/helm-docs.sh | 11 +++++++++++ 19 files changed, 52 insertions(+), 18 deletions(-) create mode 100644 scripts/helm-docs.sh diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index f614c199..67fb9833 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -5,6 +5,7 @@ If the DCO action in the integration test fails, one or more of your commits are Checklist: * [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#versioning) +* [ ] I have updated the documentation according to [documentation](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#documentation) * [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#changelog). * [ ] Any new values are backwards compatible and/or have sensible default. * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/master/community#contributing-to-argo). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3d6e1782..c7ea64e7 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -48,6 +48,20 @@ annotations: - "[Security]": Some Security Patch was included" ``` +## Documentation + +The documentation for each chart is done with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation. + +We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges): + +``` +bash scripts/helm-docs.sh +``` + +**NOTE**: When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file. + + + # Testing ## Testing Argo Workflows Changes diff --git a/charts/argo-cd/.helmignore b/charts/argo-cd/.helmignore index eec606dc..3a063296 100644 --- a/charts/argo-cd/.helmignore +++ b/charts/argo-cd/.helmignore @@ -1,4 +1,4 @@ /*.tgz output ci/ -README.md.gotmpl +*.gotmpl diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 68477c27..a1b013c3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.2 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.31.0 +version: 3.31.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add support for extra K8s manifests" + - "[Changed]: Consistent .helmignore" diff --git a/charts/argo-events/.helmignore b/charts/argo-events/.helmignore index a9f0b031..ec59d66d 100644 --- a/charts/argo-events/.helmignore +++ b/charts/argo-events/.helmignore @@ -20,4 +20,4 @@ .idea/ *.tmproj ci/ -README.md.gotmpl +*.gotmpl diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index cdb0d503..a1ccf6bd 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.10.1 +version: 1.10.2 keywords: - argo-events - sensor-controller @@ -17,4 +17,4 @@ icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo Events v1.5.6" + - "[Changed]: Consistent .helmignore" diff --git a/charts/argo-rollouts/.helmignore b/charts/argo-rollouts/.helmignore index b4af6c20..ec59d66d 100644 --- a/charts/argo-rollouts/.helmignore +++ b/charts/argo-rollouts/.helmignore @@ -20,3 +20,4 @@ .idea/ *.tmproj ci/ +*.gotmpl diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 9fe46cc3..fdc8b94d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.9.1 +version: 2.9.2 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Fixed]: Dashboard ingress service name" + - "[Changed]: Consistent .helmignore" diff --git a/charts/argo-workflows/.helmignore b/charts/argo-workflows/.helmignore index b4af6c20..ec59d66d 100644 --- a/charts/argo-workflows/.helmignore +++ b/charts/argo-workflows/.helmignore @@ -20,3 +20,4 @@ .idea/ *.tmproj ci/ +*.gotmpl diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 74f552ef..0b737f9d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.9.4 +version: 0.9.5 appVersion: v3.2.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.2.6" + - "[Changed]: Consistent .helmignore" diff --git a/charts/argocd-applicationset/.helmignore b/charts/argocd-applicationset/.helmignore index 5bdaa3eb..ee9c40f0 100644 --- a/charts/argocd-applicationset/.helmignore +++ b/charts/argocd-applicationset/.helmignore @@ -22,3 +22,4 @@ *.tmproj .vscode/ ci/ +*.gotmpl diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 68f2b3b1..51ebf64b 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.9.0 +version: 1.9.1 appVersion: "v0.3.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Add ingress for webhook, not enabled by default." + - "[Changed]: Consistent .helmignore" diff --git a/charts/argocd-image-updater/.helmignore b/charts/argocd-image-updater/.helmignore index 0e8a0eb3..ee9c40f0 100644 --- a/charts/argocd-image-updater/.helmignore +++ b/charts/argocd-image-updater/.helmignore @@ -21,3 +21,5 @@ .idea/ *.tmproj .vscode/ +ci/ +*.gotmpl diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 5c90d48b..0ace5a49 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.6.1 +version: 0.6.2 appVersion: v0.11.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v0.11.2" + - "[Changed]: Consistent .helmignore" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index e1223139..0f246edd 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -105,7 +105,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | tolerations | list | `[]` | Kubernetes toleration settings for the deployment | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl index afefdafe..7e39f7a6 100644 --- a/charts/argocd-image-updater/README.md.gotmpl +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -57,7 +57,8 @@ The `config.registries` value can be used exactly as it looks in the documentati {{ template "chart.valuesSection" . }} -{{ template "helm-docs.versionFooter" . }} +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config diff --git a/charts/argocd-notifications/.helmignore b/charts/argocd-notifications/.helmignore index 50af0317..26179658 100644 --- a/charts/argocd-notifications/.helmignore +++ b/charts/argocd-notifications/.helmignore @@ -20,3 +20,5 @@ .idea/ *.tmproj .vscode/ +ci/ +*.gotmpl diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 1c1fa2b5..96825383 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v1.2.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.7.0 +version: 1.7.1 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Support for dynamic Secret and ConfigMap names" + - "[Changed]: Consistent .helmignore" diff --git a/scripts/helm-docs.sh b/scripts/helm-docs.sh new file mode 100644 index 00000000..ed4408d3 --- /dev/null +++ b/scripts/helm-docs.sh @@ -0,0 +1,11 @@ +#!/bin/bash +## Reference: https://github.com/norwoodj/helm-docs +set -eux +CHART_DIR="$(cd "$(dirname "$0")/.." && pwd)" +echo "$CHART_DIR" + +echo "Running Helm-Docs" +docker run \ + -v "$CHART_DIR:/helm-docs" \ + -u $(id -u) \ + jnorwood/helm-docs:latest From bee32880a88d3b56a702e73e8f8e9e25c9e56fca Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 25 Jan 2022 13:43:09 +0100 Subject: [PATCH 0176/1248] feat(argo-rollouts): Use helm-docs to generate README.md (#1100) Signed-off-by: Marco Kilchhofer --- .helmdocsignore | 1 - charts/argo-rollouts/Chart.yaml | 4 +- charts/argo-rollouts/README.md | 119 ++++++++++++++++---------- charts/argo-rollouts/README.md.gotmpl | 99 +++++++++++++++++++++ charts/argo-rollouts/values.yaml | 103 ++++++++++++++-------- 5 files changed, 241 insertions(+), 85 deletions(-) delete mode 100644 .helmdocsignore create mode 100644 charts/argo-rollouts/README.md.gotmpl diff --git a/.helmdocsignore b/.helmdocsignore deleted file mode 100644 index 61eef86a..00000000 --- a/.helmdocsignore +++ /dev/null @@ -1 +0,0 @@ -charts/argo-rollouts diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index fdc8b94d..3a04fca9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.9.2 +version: 2.9.3 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Changed]: Consistent .helmignore" + - "[Changed]: Use helm-docs to generate README.md" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index d5575c4a..162ddb25 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -15,7 +15,6 @@ The default installation is intended to be similar to the provided Argo Rollouts - Kubernetes 1.7+ - Helm v3.0.0+ - ## Installing the Chart To install the chart with the release name `my-release`: @@ -24,6 +23,7 @@ To install the chart with the release name `my-release`: $ helm repo add argo https://argoproj.github.io/argo-helm $ helm install my-release argo/argo-rollouts ``` + ### UI Dashboard If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-rollouts dashboard by @@ -35,71 +35,89 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r ## Chart Values +### General parameters + | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | clusterInstall | bool | `true` | `false` runs controller in namespaced mode (does not require cluster RBAC) | -| controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | -| controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | -| controller.image.registry | string | `quay.io` | Registry to use | -| controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | -| controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | -| controller.extraArgs | list | `[]` | Additional arguments for the controller. A list of flags. | -| controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | -| controller.resources | object | `{}` | Resource limits and requests for the controller pods. | -| controller.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | -| controller.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | -| controller.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | -| controller.metrics.enabled | bool | `false` | Deploy metrics service | -| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | -| controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | -| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | -| imagePullSecrets | list | `[]` | Registry secret names as an array | +| crdAnnotations | object | `{}` | Annotations to be added to all CRDs | +| fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | +| imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | | installCRDs | bool | `true` | Install and upgrade CRDs | | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | -| crdAnnotations | object | `{}` | Annotations to be added to all CRDs | +| nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template | + +### Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| containerSecurityContext | object | `{}` | Security Context to set on container level | +| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | +| controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | +| controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | +| controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| controller.image.registry | string | `"quay.io"` | Registry to use | +| controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | +| controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | +| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | +| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.nodeSelector | object | `{}` | [Node selector] | +| controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | +| controller.replicas | int | `1` | The number of controller pods to run | +| controller.resources | object | `{}` | Resource limits and requests for the controller pods. | +| controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | -| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | -| podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | -| containerSecurityContext | object | `{}` | Security Context to set on container level | -| dashboard.enabled | bool | `false` | Deploy dashboard server | +| serviceAnnotations | object | `{}` | Annotations to be added to the Rollout service | + +### Dashboard + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| dashboard.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | +| dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.enabled | bool | `false` | Deploy dashboard server | +| dashboard.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-dashboard. A list of flags. | | dashboard.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | -| dashboard.image.registry | string | `quay.io` | Registry to use | +| dashboard.image.registry | string | `"quay.io"` | Registry to use | | dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use | | dashboard.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | -| dashboard.extraArgs | list | `[]` | Additional arguments for the dashboard. A list of flags. | +| dashboard.ingress.annotations | object | `{}` | Dashboard ingress annotations | +| dashboard.ingress.enabled | bool | `false` | Enable dashboard ingress support | +| dashboard.ingress.extraPaths | list | `[]` | Dashboard ingress extra paths | +| dashboard.ingress.hosts | list | `[]` | Dashboard ingress hosts | +| dashboard.ingress.ingressClassName | string | `""` | Dashboard ingress class name | +| dashboard.ingress.labels | object | `{}` | Dashboard ingress labels | +| dashboard.ingress.pathType | string | `"Prefix"` | Dashboard ingress path type | +| dashboard.ingress.paths | list | `["/"]` | Dashboard ingress paths | +| dashboard.ingress.tls | list | `[]` | Dashboard ingress tls | +| dashboard.nodeSelector | object | `{}` | [Node selector] | +| dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | +| dashboard.service.annotations | object | `{}` | Service annotations | | dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs | +| dashboard.service.labels | object | `{}` | Service labels | | dashboard.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | dashboard.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | -| dashboard.service.type | string | `ClusterIP` | Sets the type of the Service | -| dashboard.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | -| dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | -| dashboard.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | -| dashboard.podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | -| dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | -| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | +| dashboard.service.port | int | `3100` | Service port | +| dashboard.service.portName | string | `"dashboard"` | Service port name | +| dashboard.service.targetPort | int | `3100` | Service target port | +| dashboard.service.type | string | `"ClusterIP"` | Sets the type of the Service | | dashboard.serviceAccount.annotations | object | `{}` | Annotations to add to the dashboard service account | -| dashboard.serviceAccount.name | string | `""` | The name of the dashboard service account to use. If not set and create is true, a name is generated using the fullname template | -| dashboard.service.annotations | object | `{}` | Dashboard service annotations | -| dashboard.service.labels | object | `{}` | Dashboard service labels | -| dashboard.service.portName | string | `dashboard` | Dashboard service port name | -| dashboard.service.port | int | `3100` | Dashboard service port | -| dashboard.service.targetPort | int | `3100` | Dashboard service target port | -| dashboard.ingress.enabled | bool | `false` | Enable dashboard ingress support | -| dashboard.ingress.annotations | object | `{}` | Dashboard ingress annotations | -| dashboard.ingress.labels | object | `{}` | Dashboard ingress labels | -| dashboard.ingress.ingressClassName | string | `""` | Dashboard ingress class name | -| dashboard.ingress.hosts | list | `[]` | Dashboard ingress hosts | -| dashboard.ingress.paths | list | `["/"]` | Dashboard ingress paths | -| dashboard.ingress.pathType | string | `Prefix` | Dashboard ingress path type | -| dashboard.ingress.extraPaths | list | `[]` | Dashboard ingress extra paths | -| dashboard.ingress.tls | list | `[]` | Dashboard ingress tls | +| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | +| dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | ## Upgrading @@ -121,3 +139,12 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r * Breaking parameters update * `securityContext` was renamed to `containerSecurityContext` * Added `controller.image.registry`. Prior to this chart version you had to override the registry via `controller.image.repository` + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.9.3/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl new file mode 100644 index 00000000..96078591 --- /dev/null +++ b/charts/argo-rollouts/README.md.gotmpl @@ -0,0 +1,99 @@ +# Argo Rollouts Chart + +A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. + +Source code can be found [here](https://github.com/argoproj/argo-rollouts) + +## Additional Information + +This is a **community maintained** chart. This chart installs [argo-rollouts](https://argoproj.github.io/argo-rollouts/), progressive delivery for Kubernetes. + +The default installation is intended to be similar to the provided Argo Rollouts [releases](https://github.com/argoproj/argo-rollouts/releases). + +## Prerequisites + +- Kubernetes 1.7+ +- Helm v3.0.0+ + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +$ helm install my-release argo/argo-rollouts +``` + +### UI Dashboard + +If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-rollouts dashboard by +`kubectl port-forward service/argo-rollouts-dashboard 31000:3100` and pointing the browser to `localhost:31000` + +| :warning: WARNING when the Service type is set to LoadBalancer or NodePort | +|:---------------------------------------------------------------------------| +| The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | + +## Chart Values + +### General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "dashboard" .Key) (hasPrefix "container" .Key) (hasPrefix "pod" .Key) (hasPrefix "service" .Key) ) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} + {{- if hasPrefix "server.additional" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Controller + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if or (hasPrefix "controller" .Key) (hasPrefix "container" .Key) (hasPrefix "pod" .Key) (hasPrefix "service" .Key) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +### Dashboard + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "dashboard" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Upgrading + +### To 2.0.0 + +* The argo-rollouts dashboard is added to the template and can be enabled by setting `dashboard.enabled=true`. +* There is a breaking change where the selector label `app.kubernetes.io/component: {{ `{{ .Values.controller.component }}` }}` is added to rollout's deployment and service in order to distinguish between the controller and the dashboard component. + To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment and Service resource** before you upgrade. This is necessary because Deployment's label selector is immutable. + +### To 1.0.0 + +* This is a breaking change which only supports Helm v3.0.0+ now. If you still use Helm v2, please consider upgrading because v2 is EOL since November 2020. + To migrate to Helm v3 please have a look at the [Helm 2to3 Plugin](https://github.com/helm/helm-2to3). This tool will convert the existing ConfigMap used for Tiller to a Secret of type `helm.sh/release.v1`. +* `quay.io` is the default registry now +* We introduce a template function for the labels here to reduce code duplication. This also affects the Deployment `matchLabels` selector. + To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment resource** before you upgrade. This is necessary because Deployment's label selector is immutable. +* All resources are now prefixed with the template `"argo-rollouts.fullname"`. + This enables the users to override resource names via the `nameOverride` and `fullnameOverride` parameters. +* Breaking parameters update + * `securityContext` was renamed to `containerSecurityContext` + * Added `controller.image.registry`. Prior to this chart version you had to override the registry via `controller.image.repository` + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-{{ .Version }}/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index dbe0c2ca..53b94bf7 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -1,50 +1,57 @@ +# -- Install and upgrade CRDs installCRDs: true +# -- Keep CRD's on helm uninstall keepCRDs: true +# -- `false` runs controller in namespaced mode (does not require cluster RBAC) clusterInstall: true -## String to partially override "argo-rollouts.fullname" template -## +# -- String to partially override "argo-rollouts.fullname" template nameOverride: -## String to fully override "argo-rollouts.fullname" template -## +# -- String to fully override "argo-rollouts.fullname" template fullnameOverride: ## Override APIVersions ## If you want to template helm charts but cannot access k8s API server ## you can set api versions here apiVersionOverrides: - # String to override apiVersion of ingresses rendered by this helm chart + # -- String to override apiVersion of ingresses rendered by this helm chart ingress: "" # networking.k8s.io/v1beta1 -## Override the Kubernetes version, which is used to evaluate certain manifests -## +# -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" controller: + # -- Value of label `app.kubernetes.io/component` component: rollouts-controller - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} + # -- The number of controller pods to run replicas: 1 image: + # -- Registry to use registry: quay.io + # -- Repository to use repository: argoproj/argo-rollouts + # -- Overrides the image tag (default is the chart appVersion) tag: "" + # -- Image pull policy pullPolicy: IfNotPresent - ## Additional command line arguments to pass to rollouts-controller - ## + # -- Additional command line arguments to pass to rollouts-controller. A list of flags. extraArgs: [] + # -- Literal yaml for extra containers to be added to controller deployment. ## Additional containers to add to the rollouts controller deployment ## This will be rendered as the literal yaml extraContainers: [] + # -- Resource limits and requests for the controller pods. resources: {} # limits: # cpu: 100m @@ -54,13 +61,18 @@ controller: # memory: 64Mi metrics: + # -- Deploy metrics service enabled: false serviceMonitor: + # -- Enable a prometheus ServiceMonitor enabled: false + # -- Labels to be added to the ServiceMonitor additionalLabels: {} + # -- Annotations to be added to the ServiceMonitor additionalAnnotations: {} - ## Readiness and liveness probes for rollouts controller + # -- Configure liveness [probe] for the controller + # @default -- See [values.yaml] livenessProbe: httpGet: path: /metrics @@ -70,6 +82,9 @@ controller: failureThreshold: 3 successThreshold: 1 timeoutSeconds: 10 + + # -- Configure readiness [probe] for the controller + # @default -- See [values.yaml] readinessProbe: httpGet: path: /metrics @@ -81,29 +96,25 @@ controller: timeoutSeconds: 4 serviceAccount: - # Specifies whether a service account should be created + # -- Specifies whether a service account should be created create: true - # Annotations to add to the service account + # -- Annotations to add to the service account annotations: {} - # The name of the service account to use. + # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" -## Annotations to be added to all CRDs -## +# -- Annotations to be added to all CRDs crdAnnotations: {} -## Annotations to be added to the Rollout pods -## +# -- Annotations to be added to the Rollout pods podAnnotations: {} -## Security Context to set on pod level -## +# -- Security Context to set on pod level podSecurityContext: runAsNonRoot: true -## Security Context to set on container level -## +# -- Security Context to set on container level containerSecurityContext: {} # capabilities: # drop: @@ -112,40 +123,47 @@ containerSecurityContext: {} # runAsNonRoot: true # runAsUser: 1000 -## Annotations to be added to the Rollout service -## +# -- Annotations to be added to the Rollout service serviceAnnotations: {} -## Labels to be added to the Rollout pods -## +# -- Labels to be added to the Rollout pods podLabels: {} -# Secrets with credentials to pull images from a private registry +# -- Secrets with credentials to pull images from a private registry. Registry secret names as an array. imagePullSecrets: [] # - name: argo-pull-secret dashboard: + # -- Deploy dashboard server enabled: false + # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard - ## Node selectors and tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} image: + # -- Registry to use registry: quay.io + # -- Repository to use repository: argoproj/kubectl-argo-rollouts + # -- Overrides the image tag (default is the chart appVersion) tag: "" + # -- Image pull policy pullPolicy: IfNotPresent - ## Additional command line arguments to pass to rollouts-dashboard - ## + # -- Additional command line arguments to pass to rollouts-dashboard. A list of flags. extraArgs: [] + # -- Resource limits and requests for the dashboard pods. resources: {} + # -- Security Context to set on pod level podSecurityContext: runAsNonRoot: true + # -- Security Context to set on container level containerSecurityContext: {} service: + # -- Sets the type of the Service type: ClusterIP # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" @@ -164,29 +182,40 @@ dashboard: # -- Service target port targetPort: 3100 serviceAccount: + # -- Specifies whether a dashboard service account should be created create: true + # -- Annotations to add to the dashboard service account annotations: {} - # The name of the service account to use. + # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" + ## Ingress configuration. ## ref: https://kubernetes.io/docs/user-guide/ingress/ ## ingress: + # -- Enable dashboard ingress support enabled: false + # -- Dashboard ingress annotations annotations: {} + # -- Dashboard ingress labels labels: {} + # -- Dashboard ingress class name ingressClassName: "" + # -- Dashboard ingress hosts ## Argo Rollouts Dashboard Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace - ## hosts: [] # - argorollouts.example.com + + # -- Dashboard ingress paths paths: - / + # -- Dashboard ingress path type pathType: Prefix + # -- Dashboard ingress extra paths extraPaths: [] # - path: /* # backend: @@ -200,6 +229,8 @@ dashboard: # name: ssl-redirect # port: # name: use-annotation + + # -- Dashboard ingress tls tls: [] # - secretName: argorollouts-example-tls # hosts: From e00af60b391c5e86b36696c206e0d7dac36d30aa Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Wed, 26 Jan 2022 15:14:00 +0000 Subject: [PATCH 0177/1248] feat(argo-cd): Bump argo-cd to v.2.2.3 and Redis to v6.2.6 (#1102) Signed-off-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 7 ++++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a1b013c3..54972bdb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.2.2 +appVersion: v2.2.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.31.1 +version: 3.32.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Consistent .helmignore" + - "[Changed]: Update to Argo-CD v2.2.3" + - "[Changed]: Update Redis to v6.2.6" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3d68d56e..baa8ec44 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -577,7 +577,7 @@ NAME: my-release | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"redis"` | Redis repository | -| redis.image.tag | string | `"6.2.4-alpine"` | Redis tag | +| redis.image.tag | string | `"6.2.6-alpine"` | Redis tag | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | @@ -620,7 +620,7 @@ NAME: my-release | redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"6.2.4-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"6.2.6-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `"\"\""` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5b9d4233..ece90bc5 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -550,7 +550,7 @@ redis: # -- Redis repository repository: redis # -- Redis tag - tag: 6.2.4-alpine + tag: 6.2.6-alpine # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent @@ -740,7 +740,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 6.2.4-alpine + tag: 6.2.6-alpine ## Server server: From cf57a71a154a1a8a19f5f9d3980d60eb3efd80c8 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 27 Jan 2022 11:15:05 +0100 Subject: [PATCH 0178/1248] fix(argo-cd): Add custom volume as Helm working dir (#1103) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++--- .../argocd-repo-server/deployment.yaml | 22 +++++++++++++------ 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 54972bdb..3f125b49 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.32.0 +version: 3.32.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo-CD v2.2.3" - - "[Changed]: Update Redis to v6.2.6" + - "[Fixed]: Add custom volume as Helm working dir (sync with upstream manifests)" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index a18f21b6..8ca198af 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -54,16 +54,20 @@ spec: {{- if .Values.repoServer.containerSecurityContext }} securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} {{- end }} -{{- if or (.Values.repoServer.env) (.Values.openshift.enabled) }} env: -{{- if .Values.repoServer.env }} -{{- toYaml .Values.repoServer.env | nindent 8 }} -{{- end }} -{{- if .Values.openshift.enabled }} + - name: HELM_CACHE_HOME + value: /helm-working-dir + - name: HELM_CONFIG_HOME + value: /helm-working-dir + - name: HELM_DATA_HOME + value: /helm-working-dir + {{- if .Values.repoServer.env }} + {{- toYaml .Values.repoServer.env | nindent 8 }} + {{- end }} + {{- if .Values.openshift.enabled }} - name: USER_NAME value: argocd -{{- end }} -{{- end }} + {{- end }} {{- with .Values.repoServer.envFrom }} envFrom: {{- toYaml . | nindent 8 }} {{- end }} @@ -87,6 +91,8 @@ spec: name: argocd-repo-server-tls - mountPath: /tmp name: tmp-dir + - mountPath: /helm-working-dir + name: helm-working-dir - mountPath: /home/argocd/cmp-server/plugins name: plugins ports: @@ -166,6 +172,8 @@ spec: name: argocd-tls-certs-cm name: tls-certs {{- end }} + - name: helm-working-dir + emptyDir: {} - name: argocd-repo-server-tls secret: items: From 4c1ee93faf780b93dd8909327dcdf6ada75901f4 Mon Sep 17 00:00:00 2001 From: mugi-o <62197019+mugioka@users.noreply.github.com> Date: Fri, 28 Jan 2022 22:44:46 +0900 Subject: [PATCH 0179/1248] feat(argo-workflows): argo workflows chart to allow set the namespace of Prometheus ServiceMonitor. (#1104) * feat(argo-workflows): argo workflows chart to allow set the namespace of Prometheus ServiceMonitor. Signed-off-by: mugioka * Bump minor chart version Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-servicemonitor.yaml | 3 +++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0b737f9d..cc96ad06 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.9.5 +version: 0.10.0 appVersion: v3.2.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Consistent .helmignore" + - "[Added]: Add controller serviceMonitor.namespace parameter." diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 7a3ab5f7..f03ef190 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -110,6 +110,7 @@ Fields to note: | controller.serviceLabels | object | `{}` | Optional labels to add to the controller Service | | controller.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | controller.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | controller.serviceType | string | `"ClusterIP"` | Service type of the controller Service | | controller.telemetryConfig.enabled | bool | `false` | Enables prometheus telemetry server | | controller.telemetryConfig.path | string | `"/telemetry"` | telemetry path | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index 54cf1b31..f71d3507 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -3,6 +3,9 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-workflows.controller.fullname" . }} + {{- with .Values.controller.serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceMonitor.additionalLabels }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8b727b67..2e07df47 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -145,6 +145,8 @@ controller: enabled: false # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor namespace + namespace: "" # "monitoring" serviceAccount: # -- Create a service account for the controller create: true From f1995d697e765b03a6b9f37e9a9faadb50010b14 Mon Sep 17 00:00:00 2001 From: mugi-o <62197019+mugioka@users.noreply.github.com> Date: Tue, 1 Feb 2022 00:36:49 +0900 Subject: [PATCH 0180/1248] feat(argo-cd): add poddisruptionbudget template. (#1110) Signed-off-by: mugioka --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 15 +++++ .../poddisruptionbudget.yaml | 26 +++++++++ .../poddisruptionbudget.yaml | 26 +++++++++ .../argocd-server/poddisruptionbudget.yaml | 26 +++++++++ .../templates/dex/poddisruptionbudget.yaml | 26 +++++++++ .../templates/redis/poddisruptionbudget.yaml | 26 +++++++++ charts/argo-cd/values.yaml | 55 +++++++++++++++++++ 8 files changed, 202 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml create mode 100644 charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml create mode 100644 charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml create mode 100644 charts/argo-cd/templates/dex/poddisruptionbudget.yaml create mode 100644 charts/argo-cd/templates/redis/poddisruptionbudget.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3f125b49..dac4747e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.32.1 +version: 3.33.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add custom volume as Helm working dir (sync with upstream manifests)" + - "[Added]: PodDisruptionBudget template" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index baa8ec44..d4550826 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -279,6 +279,9 @@ NAME: my-release | controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | controller.name | string | `"application-controller"` | Application controller name string | | controller.nodeSelector | object | `{}` | [Node selector] | +| controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | +| controller.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the application controller | +| controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | | controller.priorityClassName | string | `""` | Priority class for the application controller pods | @@ -346,6 +349,9 @@ NAME: my-release | repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | repoServer.name | string | `"repo-server"` | Repo server name | | repoServer.nodeSelector | object | `{}` | [Node selector] | +| repoServer.pdb.annotations | object | `{}` | Annotations to be added to Repo server pdb | +| repoServer.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the Repo server | +| repoServer.pdb.labels | object | `{}` | Labels to be added to Repo server pdb | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | | repoServer.priorityClassName | string | `""` | Priority class for the repo server | @@ -456,6 +462,9 @@ NAME: my-release | server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | server.name | string | `"server"` | Argo CD server name | | server.nodeSelector | object | `{}` | [Node selector] | +| server.pdb.annotations | object | `{}` | Annotations to be added to server pdb | +| server.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the server | +| server.pdb.labels | object | `{}` | Labels to be added to server pdb | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | | server.priorityClassName | string | `""` | Priority class for the Argo CD server | @@ -539,6 +548,9 @@ NAME: my-release | dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | dex.name | string | `"dex-server"` | Dex name | | dex.nodeSelector | object | `{}` | [Node selector] | +| dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb | +| dex.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the Dex server | +| dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb | | dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods | | dex.podLabels | object | `{}` | Labels to be added to the Dex server pods | | dex.priorityClassName | string | `""` | Priority class for dex | @@ -600,6 +612,9 @@ NAME: my-release | redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | redis.name | string | `"redis"` | Redis name | | redis.nodeSelector | object | `{}` | [Node selector] | +| redis.pdb.annotations | object | `{}` | Annotations to be added to Redis server pdb | +| redis.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the Redis server | +| redis.pdb.labels | object | `{}` | Labels to be added to Redis server pdb | | redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | | redis.priorityClassName | string | `""` | Priority class for redis | diff --git a/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml new file mode 100644 index 00000000..f27e1d74 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml @@ -0,0 +1,26 @@ +{{- if .Values.controller.pdb.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-cd.controller.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- with .Values.controller.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.pdb.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.controller.pdb.minAvailable }} + minAvailable: {{ .Values.controller.pdb.minAvailable }} + {{- else if .Values.controller.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml new file mode 100644 index 00000000..c388c263 --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml @@ -0,0 +1,26 @@ +{{- if .Values.repoServer.pdb.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-cd.repoServer.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} + {{- with .Values.repoServer.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.repoServer.pdb.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.repoServer.pdb.minAvailable }} + minAvailable: {{ .Values.repoServer.pdb.minAvailable }} + {{- else if .Values.repoServer.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.repoServer.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml new file mode 100644 index 00000000..2342a1c6 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml @@ -0,0 +1,26 @@ +{{- if .Values.server.pdb.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-cd.server.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- with .Values.server.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.server.pdb.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.server.pdb.minAvailable }} + minAvailable: {{ .Values.server.pdb.minAvailable }} + {{- else if .Values.server.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.server.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/dex/poddisruptionbudget.yaml b/charts/argo-cd/templates/dex/poddisruptionbudget.yaml new file mode 100644 index 00000000..93d952fe --- /dev/null +++ b/charts/argo-cd/templates/dex/poddisruptionbudget.yaml @@ -0,0 +1,26 @@ +{{- if .Values.dex.pdb.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-cd.dex.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} + {{- with .Values.dex.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.dex.pdb.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.dex.pdb.minAvailable }} + minAvailable: {{ .Values.dex.pdb.minAvailable }} + {{- else if .Values.dex.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.dex.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/redis/poddisruptionbudget.yaml b/charts/argo-cd/templates/redis/poddisruptionbudget.yaml new file mode 100644 index 00000000..0f19bb9f --- /dev/null +++ b/charts/argo-cd/templates/redis/poddisruptionbudget.yaml @@ -0,0 +1,26 @@ +{{- if .Values.redis.pdb.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-cd.redis.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + {{- with .Values.redis.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.redis.pdb.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.redis.pdb.minAvailable }} + minAvailable: {{ .Values.redis.pdb.minAvailable }} + {{- else if .Values.redis.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.redis.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ece90bc5..015ed592 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -345,6 +345,17 @@ controller: # name: custom-tools # subPath: helm + pdb: + # -- Labels to be added to application controller pdb + labels: {} + # -- Annotations to be added to application controller pdb + annotations: {} + + # -- Deploy a Poddisruptionbudget for the application controller + enabled: false + # minAvailable: 1 + # maxUnavailable: 0 + ## Dex dex: # -- Enable dex @@ -539,6 +550,17 @@ dex: # name: custom-tools # subPath: helm + pdb: + # -- Labels to be added to Dex server pdb + labels: {} + # -- Annotations to be added to Dex server pdb + annotations: {} + + # -- Deploy a Poddisruptionbudget for the Dex server + enabled: false + # minAvailable: 1 + # maxUnavailable: 0 + ## Redis redis: # -- Enable redis @@ -712,6 +734,17 @@ redis: # -- Prometheus ServiceMonitor labels additionalLabels: {} + pdb: + # -- Labels to be added to Redis server pdb + labels: {} + # -- Annotations to be added to Redis server pdb + annotations: {} + + # -- Deploy a Poddisruptionbudget for the Redis server + enabled: false + # minAvailable: 1 + # maxUnavailable: 0 + # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted # Check the redis-ha chart for more properties @@ -1352,6 +1385,17 @@ server: # - name: argo-rollouts # url: https://github.com/argoproj-labs/rollout-extension/releases/download/v0.1.0/extension.tar + pdb: + # -- Labels to be added to server pdb + labels: {} + # -- Annotations to be added to server pdb + annotations: {} + + # -- Deploy a Poddisruptionbudget for the server + enabled: false + # minAvailable: 1 + # maxUnavailable: 0 + ## Repo Server repoServer: # -- Repo server name @@ -1590,6 +1634,17 @@ repoServer: # name: custom-tools # subPath: helm + pdb: + # -- Labels to be added to Repo server pdb + labels: {} + # -- Annotations to be added to Repo server pdb + annotations: {} + + # -- Deploy a Poddisruptionbudget for the Repo server + enabled: false + # minAvailable: 1 + # maxUnavailable: 0 + ## Argo Configs configs: # -- Provide one or multiple [external cluster credentials] From 08c9dffa8a506a34cd5ea3594ac59a2cf002be77 Mon Sep 17 00:00:00 2001 From: Treehopper Date: Mon, 31 Jan 2022 20:26:04 +0100 Subject: [PATCH 0181/1248] fix(argo-cd): Quote annotation values (#1107) * fix: Quote annotation values in redis service [argo-cd] (#1106) * Quote annotation values in redis * Update chart version Signed-off-by: Max Hohengger * Implement annotation quote for all other occurrences Signed-off-by: Marco Kilchhofer * Update changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/deployment.yaml | 4 +++- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 4 +++- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +++- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 +++- charts/argo-cd/templates/argocd-server/route.yaml | 4 +++- charts/argo-cd/templates/dex/deployment.yaml | 4 +++- charts/argo-cd/templates/redis/deployment.yaml | 4 +++- charts/argo-cd/templates/redis/metrics-service.yaml | 4 +++- charts/argo-cd/templates/redis/service.yaml | 4 +++- 10 files changed, 29 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dac4747e..0188c7d7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.0 +version: 3.33.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: PodDisruptionBudget template" + - "[Fixed]: Consistent annotation quoting across all manifests" diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 3fe88f17..9c88c444 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -19,7 +19,9 @@ spec: metadata: {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 4fb7e883..147fab51 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -12,7 +12,9 @@ metadata: argocd.argoproj.io/secret-type: cluster {{- with .annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} type: Opaque stringData: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 8ca198af..8217d84d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -18,7 +18,9 @@ spec: metadata: {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 5b158d68..e6b3eb01 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -18,7 +18,9 @@ spec: metadata: {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.server.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/route.yaml b/charts/argo-cd/templates/argocd-server/route.yaml index 25cd2d8c..f1fc8012 100644 --- a/charts/argo-cd/templates/argocd-server/route.yaml +++ b/charts/argo-cd/templates/argocd-server/route.yaml @@ -7,7 +7,9 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.route.annotations }} annotations: -{{ toYaml . | indent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} spec: host: {{ .Values.server.route.hostname | quote }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 41f6b3af..975ece7f 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -14,7 +14,9 @@ spec: metadata: {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.dex.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 0c6d903a..fb0c481f 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -15,7 +15,9 @@ spec: metadata: {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.redis.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} diff --git a/charts/argo-cd/templates/redis/metrics-service.yaml b/charts/argo-cd/templates/redis/metrics-service.yaml index e799b5ea..da96a22b 100644 --- a/charts/argo-cd/templates/redis/metrics-service.yaml +++ b/charts/argo-cd/templates/redis/metrics-service.yaml @@ -6,7 +6,9 @@ metadata: name: {{ template "argo-cd.redis.fullname" . }}-metrics {{- with .Values.redis.metrics.service.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index 70b80c06..af273d71 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -11,7 +11,9 @@ metadata: {{- end }} {{- with .Values.redis.service.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} spec: ports: From ba124f2587222e69e0758bda8d0f850faac30716 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Tue, 1 Feb 2022 22:47:44 +0100 Subject: [PATCH 0182/1248] feat(argocd-notifications): Add ability to define security context (#1116) Signed-off-by: Marco Kilchhofer --- charts/argocd-notifications/Chart.yaml | 4 ++-- charts/argocd-notifications/README.md | 2 ++ .../templates/bots/slack/deployment.yaml | 6 ++++++ charts/argocd-notifications/values.yaml | 7 +++++++ 4 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 96825383..27d5f907 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v1.2.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. name: argocd-notifications type: application -version: 1.7.1 +version: 1.8.0 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Changed]: Consistent .helmignore" + - "[Added]: Ability to define security context for Slack bot deployment" diff --git a/charts/argocd-notifications/README.md b/charts/argocd-notifications/README.md index 81bd8358..ec7caf6c 100644 --- a/charts/argocd-notifications/README.md +++ b/charts/argocd-notifications/README.md @@ -65,6 +65,7 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late | Key | Type | Default | Description | |-----|------|---------|-------------| | bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | +| bots.slack.containerSecurityContext | object | `{}` | Container Security Context | | bots.slack.enabled | bool | `false` | Enable slack bot | | bots.slack.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the Slack bot | | bots.slack.image.repository | string | `"argoprojlabs/argocd-notifications"` | Repository to use for the Slack bot | @@ -72,6 +73,7 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late | bots.slack.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | bots.slack.nodeSelector | object | `{}` | [Node selector] | | bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | +| bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | | bots.slack.service.port | int | `80` | Service port for Slack bot | | bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | diff --git a/charts/argocd-notifications/templates/bots/slack/deployment.yaml b/charts/argocd-notifications/templates/bots/slack/deployment.yaml index 83efd6ba..1230034a 100644 --- a/charts/argocd-notifications/templates/bots/slack/deployment.yaml +++ b/charts/argocd-notifications/templates/bots/slack/deployment.yaml @@ -21,6 +21,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} + {{- with .Values.bots.slack.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: {{ include "argocd-notifications.name" . }}-bot image: "{{ .Values.bots.slack.image.repository }}:{{ default .Chart.AppVersion .Values.bots.slack.image.tag }}" @@ -34,6 +37,9 @@ spec: ports: - containerPort: 8080 name: http + {{- with .Values.bots.slack.containerSecurityContext }} + securityContext: {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml index 054faffe..c5e5be06 100644 --- a/charts/argocd-notifications/values.yaml +++ b/charts/argocd-notifications/values.yaml @@ -428,6 +428,13 @@ bots: # -- Annotations applied to created service account annotations: {} + # -- Pod Security Context + securityContext: + runAsNonRoot: true + + # -- Container Security Context + containerSecurityContext: {} + # -- Resource limits and requests for the Slack bot resources: {} # limits: From a0a74fb43d147073e41aadc3d88660b312d6d638 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 3 Feb 2022 10:36:26 +0100 Subject: [PATCH 0183/1248] chore(argo-cd): Convert manifests of 'kind: List' to dashes separated documents (#1120) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +- .../argocd-configs/applications.yaml | 86 +++++++------ .../templates/argocd-configs/projects.yaml | 116 +++++++++--------- 3 files changed, 99 insertions(+), 107 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0188c7d7..50b0bcd3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.3 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.1 +version: 3.33.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Consistent annotation quoting across all manifests" + - "[Changed]: Convert manifests of 'kind: List' to dashes separated documents." diff --git a/charts/argo-cd/templates/argocd-configs/applications.yaml b/charts/argo-cd/templates/argocd-configs/applications.yaml index d4d6171b..f40a259e 100644 --- a/charts/argo-cd/templates/argocd-configs/applications.yaml +++ b/charts/argo-cd/templates/argocd-configs/applications.yaml @@ -1,46 +1,42 @@ -{{- if .Values.server.additionalApplications }} -apiVersion: v1 -kind: List -items: - {{- range .Values.server.additionalApplications }} - - apiVersion: argoproj.io/v1alpha1 - kind: Application - metadata: - {{- with .additionalAnnotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- with .additionalLabels }} - labels: - {{- toYaml . | nindent 8 }} - {{- end }} - name: {{ .name }} - {{- with .namespace }} - namespace: {{ . }} - {{- end }} - {{- with .finalizers }} - finalizers: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - project: {{ tpl .project $ }} - source: - {{- toYaml .source | nindent 8 }} - destination: - {{- toYaml .destination | nindent 8 }} - {{- with .syncPolicy }} - syncPolicy: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .ignoreDifferences }} - ignoreDifferences: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .info }} - info: - {{- toYaml . | nindent 8 }} - {{- end }} +{{- range .Values.server.additionalApplications }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + {{- with .additionalAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} \ No newline at end of file + {{- with .additionalLabels }} + labels: + {{- toYaml . | nindent 8 }} + {{- end }} + name: {{ .name }} + {{- with .namespace }} + namespace: {{ . }} + {{- end }} + {{- with .finalizers }} + finalizers: + {{- toYaml . | nindent 8 }} + {{- end }} +spec: + project: {{ tpl .project $ }} + source: + {{- toYaml .source | nindent 8 }} + destination: + {{- toYaml .destination | nindent 8 }} + {{- with .syncPolicy }} + syncPolicy: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .ignoreDifferences }} + ignoreDifferences: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .info }} + info: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/projects.yaml b/charts/argo-cd/templates/argocd-configs/projects.yaml index dd24c10f..74b674cd 100644 --- a/charts/argo-cd/templates/argocd-configs/projects.yaml +++ b/charts/argo-cd/templates/argocd-configs/projects.yaml @@ -1,62 +1,58 @@ -{{- if .Values.server.additionalProjects }} -apiVersion: v1 -kind: List -items: - {{- range .Values.server.additionalProjects }} - - apiVersion: argoproj.io/v1alpha1 - kind: AppProject - metadata: - {{- with .additionalAnnotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- with .additionalLabels }} - labels: - {{- toYaml . | nindent 8 }} - {{- end }} - name: {{ .name }} - {{- with .namespace }} - namespace: {{ . }} - {{- end }} - {{- with .finalizers }} - finalizers: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - description: {{ .description }} - sourceRepos: - {{- toYaml .sourceRepos | nindent 8 }} - destinations: - {{- toYaml .destinations | nindent 8 }} - {{- with .clusterResourceWhitelist }} - clusterResourceWhitelist: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .namespaceResourceBlacklist }} - namespaceResourceBlacklist: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .namespaceResourceWhitelist }} - namespaceResourceWhitelist: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .orphanedResources }} - orphanedResources: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .roles }} - roles: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .syncWindows }} - syncWindows: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .signatureKeys }} - signatureKeys: - {{- toYaml . | nindent 8 }} - {{- end }} +{{- range .Values.server.additionalProjects }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + {{- with .additionalAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- with .additionalLabels }} + labels: + {{- toYaml . | nindent 8 }} + {{- end }} + name: {{ .name }} + {{- with .namespace }} + namespace: {{ . }} + {{- end }} + {{- with .finalizers }} + finalizers: + {{- toYaml . | nindent 8 }} + {{- end }} +spec: + description: {{ .description }} + sourceRepos: + {{- toYaml .sourceRepos | nindent 8 }} + destinations: + {{- toYaml .destinations | nindent 8 }} + {{- with .clusterResourceWhitelist }} + clusterResourceWhitelist: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .namespaceResourceBlacklist }} + namespaceResourceBlacklist: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .namespaceResourceWhitelist }} + namespaceResourceWhitelist: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .orphanedResources }} + orphanedResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .roles }} + roles: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .syncWindows }} + syncWindows: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .signatureKeys }} + signatureKeys: + {{- toYaml . | nindent 8 }} {{- end }} {{- end }} From ac4dc6df43d5c43f734bbbb4afa70b9193c8a300 Mon Sep 17 00:00:00 2001 From: Lucas Bickel <116588+hairmare@users.noreply.github.com> Date: Fri, 4 Feb 2022 10:19:18 +0100 Subject: [PATCH 0184/1248] fix(argo-cd): Update to Argo-CD v2.2.4 (#1124) Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 50b0bcd3..626264ef 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.2.3 +appVersion: v2.2.4 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.2 +version: 3.33.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Convert manifests of 'kind: List' to dashes separated documents." + - "[Changed]: Update to Argo-CD v2.2.4" From 7ffbe9d113f405437db2a2159b22a5e8e51e61bb Mon Sep 17 00:00:00 2001 From: Lucas Bickel <116588+hairmare@users.noreply.github.com> Date: Sat, 5 Feb 2022 13:54:45 +0100 Subject: [PATCH 0185/1248] fix(argo-cd): Update to Argo CD v2.2.5 (#1128) Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 626264ef..31d4ebf6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.2.4 +appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.3 +version: 3.33.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo-CD v2.2.4" + - "[Changed]: Update to Argo-CD v2.2.5" From da0946d61e71a1400c23cc721b0c59287840014f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juan=20C=2E=20M=C3=BCller?= Date: Sat, 5 Feb 2022 11:32:30 -0500 Subject: [PATCH 0186/1248] fix(argo-cd): Use ingressClassName from ingressGrpc in ingress-grpc (#1127) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Juan C. Müller --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 31d4ebf6..4ba97dde 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.4 +version: 3.33.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo-CD v2.2.5" + - "[Fixed]: Use ingressClassName from ingressGrpc for grpc ingress class name" diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 6a90445e..fb8cabae 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -21,7 +21,7 @@ metadata: {{- end }} spec: {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} - {{- with .Values.server.ingress.ingressClassName }} + {{- with .Values.server.ingressGrpc.ingressClassName }} ingressClassName: {{ . }} {{- end }} {{- end }} From 59feee1a070cb9a818f377758e6cbe606c2582cb Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Zaib Date: Thu, 10 Feb 2022 00:06:32 +0100 Subject: [PATCH 0187/1248] feat(argo-workflows): Update argo workflows to v3.2.7 (#1130) --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index cc96ad06..3793344b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.10.0 -appVersion: v3.2.6 +version: 0.10.1 +appVersion: v3.2.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add controller serviceMonitor.namespace parameter." + - "[Changed]: Update to app version v3.2.7" From ae13c65229f65a768ed732b767ed2dbf404fe74b Mon Sep 17 00:00:00 2001 From: Alexandre Gaudreault Date: Wed, 16 Feb 2022 13:43:46 -0500 Subject: [PATCH 0188/1248] feat(argocd-applicationset): add env variable in values (#1132) * feat(appset): add env variable in values Signed-off-by: Alexandre Gaudreault * wrong chart!!! Signed-off-by: Alexandre Gaudreault * quote Signed-off-by: Alexandre Gaudreault * update variable name Signed-off-by: Alexandre Gaudreault --- charts/argocd-applicationset/Chart.yaml | 4 ++-- charts/argocd-applicationset/README.md | 2 ++ .../argocd-applicationset/templates/deployment.yaml | 8 ++++++++ charts/argocd-applicationset/values.yaml | 13 +++++++++++++ 4 files changed, 25 insertions(+), 2 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 51ebf64b..69dfcf26 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.9.1 +version: 1.10.0 appVersion: "v0.3.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Changed]: Consistent .helmignore" + - "[Added]: Ability to define custom env variables for ArgoCD applicationset" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index c1abad4d..f3637ac7 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -67,6 +67,8 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | args.probeBindAddr | string | `":8081"` | The default health check port | | extraArgs | list | `[]` | List of extra cli args to add | +| extraEnv | list | `[]` | Environment variables to pass to the controller | +| extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | | extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | extraVolumes | list | `[]` | List of extra volumes to add | | fullnameOverride | string | `""` | Override the default fully qualified app name | diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index 34b7ee49..9d39dfa8 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -59,6 +59,14 @@ spec: - name: webhook containerPort: 7000 protocol: TCP + {{- with .Values.extraEnv }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.extraEnvFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index 25b8fdce..8ddcfee5 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -147,6 +147,19 @@ extraVolumes: [] extraArgs: [] # - --loglevel=warn +# -- Environment variables to pass to the controller +extraEnv: [] + # - name: "MY_VAR" + # value: "value" + +# -- envFrom to pass to the controller +# @default -- `[]` (See [values.yaml]) +extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" From f8803d52d1485fa734efe72c04478be3069e1325 Mon Sep 17 00:00:00 2001 From: AJ Christensen Date: Thu, 17 Feb 2022 21:19:27 +1300 Subject: [PATCH 0189/1248] fix(argo-cd applicationset): add extraContainers to deployment (#1125) Signed-off-by: AJ Christensen Co-authored-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 4 ++-- charts/argocd-applicationset/README.md | 1 + charts/argocd-applicationset/templates/deployment.yaml | 3 +++ charts/argocd-applicationset/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index 69dfcf26..e44545a6 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.10.0 +version: 1.11.0 appVersion: "v0.3.0" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: Ability to define custom env variables for ArgoCD applicationset" + - "[Added]: extraContainers support in Deployment resource" diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md index f3637ac7..7a678f83 100644 --- a/charts/argocd-applicationset/README.md +++ b/charts/argocd-applicationset/README.md @@ -67,6 +67,7 @@ kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/c | args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | args.probeBindAddr | string | `":8081"` | The default health check port | | extraArgs | list | `[]` | List of extra cli args to add | +| extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | | extraEnv | list | `[]` | Environment variables to pass to the controller | | extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | | extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index 9d39dfa8..468c21b6 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -91,6 +91,9 @@ spec: {{- with .Values.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} volumes: - emptyDir: {} name: tmp-dir diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml index 8ddcfee5..d51853e3 100644 --- a/charts/argocd-applicationset/values.yaml +++ b/charts/argocd-applicationset/values.yaml @@ -31,6 +31,9 @@ args: # -- Enable dry run mode dryRun: false +# -- Additional containers to be added to the applicationset controller pod +extraContainers: [] + ## Metrics service configuration metrics: # -- Deploy metrics service From 591de85984906ad5e98e4bb9785448dc4a78eb8a Mon Sep 17 00:00:00 2001 From: Hyeonmin Park Date: Thu, 17 Feb 2022 20:37:22 +0900 Subject: [PATCH 0190/1248] chore(argo-cd): Fix typo of policy.csv comment in values.yaml (#1136) Signed-off-by: Hyeonmin Park --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4ba97dde..83c499ea 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.5 +version: 3.33.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Use ingressClassName from ingressGrpc for grpc ingress class name" + - "[Fixed]: Fix typo of policy.csv comment in values" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 015ed592..14d17507 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1175,7 +1175,7 @@ server: ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbacConfig: {} - # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # policy.csv is a file containing user-defined RBAC policies and role definitions (optional). # Policy rules are in the form: # p, subject, resource, action, object, effect # Role definitions and bindings are in the form: From 39f5e2f0204eb2d1a08ebd33d9a8830630ead38a Mon Sep 17 00:00:00 2001 From: 0m1xa <43731080+0m1xa@users.noreply.github.com> Date: Sun, 20 Feb 2022 18:56:12 +0100 Subject: [PATCH 0191/1248] fix(argocd-image-updater): Update to app version v0.11.3 (#1141) * [image-updater] appVersion has been changed * Reword changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 0ace5a49..35e97708 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.6.2 -appVersion: v0.11.2 +version: 0.6.3 +appVersion: v0.11.3 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Consistent .helmignore" + - "[Changed]: Update to app version v0.11.3" From 50a8cf13f55d18e61d0776836bf35e11a383c37c Mon Sep 17 00:00:00 2001 From: Muhammad Hamza Zaib Date: Sun, 20 Feb 2022 19:31:40 +0100 Subject: [PATCH 0192/1248] feat(argo-events): Bump argo-events to v1.5.6 (#1139) Signed-off-by: Muhammad Hamza Zaib Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a1ccf6bd..45930a0e 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.10.2 +version: 1.11.0 keywords: - argo-events - sensor-controller @@ -12,9 +12,9 @@ sources: maintainers: - name: VaibhavPage - name: whynowy -appVersion: v1.5.6 +appVersion: v1.6.0 icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Changed]: Consistent .helmignore" + - "[Changed]: Update to Argo Events 1.6.0" From 1aabc80985a474cc309bce920abfc5bd967ad874 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 20 Feb 2022 21:57:28 +0100 Subject: [PATCH 0193/1248] feat(argo-events): Add aggregate-roles (sync with upstream manifests) (#1143) Signed-off-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 4 +- charts/argo-events/README.md | 3 + charts/argo-events/templates/_helpers.tpl | 24 ++++-- .../templates/aggregate-roles.yaml | 83 +++++++++++++++++++ charts/argo-events/values.yaml | 10 +++ 5 files changed, 115 insertions(+), 9 deletions(-) create mode 100644 charts/argo-events/templates/aggregate-roles.yaml diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 45930a0e..f5783785 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.11.0 +version: 1.12.0 keywords: - argo-events - sensor-controller @@ -17,4 +17,4 @@ icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo Events 1.6.0" + - "[Added]: Add aggregate-roles (sync with upstream manifests)" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 7f7d41c5..b6c9a407 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -33,8 +33,11 @@ You can install the CRDs manually from `crds` folder. |-----|------|---------|-------------| | additionalSaNamespaces | list | `[]` | Create service accounts in additional namespaces specified The SA will always be created in the release namespaces | | additionalServiceAccountRules | list | (See [values.yaml]) | Additional rules | +| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-events CRDs. Only applies for cluster-wide installation (`singleNamespace: true`) | +| fullnameOverride | string | `""` | String to fully override "argo-events.fullname" template | | imagePullPolicy | string | `"Always"` | The image pull policy | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| nameOverride | string | `""` | String to partially override "argo-events.fullname" template | | registry | string | `"quay.io"` | docker registry | | securityContext | object | `{"runAsNonRoot":true,"runAsUser":9731}` | Common PodSecurityContext for all controllers | | serviceAccount | string | `"argo-events-sa"` | ServiceAccount to use for running controller. | diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index f0d83d2e..c25f9e5f 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -1,16 +1,26 @@ {{/* vim: set filetype=mustache: */}} + {{/* Expand the name of the chart. */}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} +{{- define "argo-events.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. */}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} +{{- define "argo-events.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-events/templates/aggregate-roles.yaml b/charts/argo-events/templates/aggregate-roles.yaml new file mode 100644 index 00000000..6b1fc63a --- /dev/null +++ b/charts/argo-events/templates/aggregate-roles.yaml @@ -0,0 +1,83 @@ +{{- if and .Values.createAggregateRoles (not .Values.singleNamespace) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + name: {{ include "argo-events.fullname" . }}-aggregate-to-admin +rules: + - apiGroups: + - argoproj.io + resources: + - sensors + - sensors/finalizers + - sensors/status + - eventsources + - eventsources/finalizers + - eventsources/status + - eventbus + - eventbus/finalizers + - eventbus/status + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + name: {{ include "argo-events.fullname" . }}-aggregate-to-edit +rules: + - apiGroups: + - argoproj.io + resources: + - sensors + - sensors/finalizers + - sensors/status + - eventsources + - eventsources/finalizers + - eventsources/status + - eventbus + - eventbus/finalizers + - eventbus/status + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: {{ include "argo-events.fullname" . }}-aggregate-to-view +rules: + - apiGroups: + - argoproj.io + resources: + - sensors + - sensors/finalizers + - sensors/status + - eventsources + - eventsources/finalizers + - eventsources/status + - eventbus + - eventbus/finalizers + - eventbus/status + verbs: + - get + - list + - watch +{{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index b6ea4d04..074a8fdf 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -1,3 +1,9 @@ +# -- String to partially override "argo-events.fullname" template +nameOverride: "" + +# -- String to fully override "argo-events.fullname" template +fullnameOverride: "" + # -- docker registry registry: quay.io @@ -36,6 +42,10 @@ additionalServiceAccountRules: resources: - customresourcedefinitions +# -- Create clusterroles that extend existing clusterroles to interact with argo-events CRDs. +# Only applies for cluster-wide installation (`singleNamespace: true`) +createAggregateRoles: true + # -- Whether to run in namespaced scope. # Set `singleNamespace` to false to have the controllers # listen on all namespaces. Otherwise the controllers will listen From 3be6c52a64b21998ab96966eac6aafb103dba795 Mon Sep 17 00:00:00 2001 From: Jean Mainguy <9969006+jhandguy@users.noreply.github.com> Date: Mon, 21 Feb 2022 00:01:39 +0100 Subject: [PATCH 0194/1248] feat(argo-rollouts): Add ability to define dashboard service node port (#1138) * feat(argo-rollouts): Add ability to define dashboard service node port Signed-off-by: Jean Mainguy <9969006+jhandguy@users.noreply.github.com> * Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 ++- charts/argo-rollouts/templates/dashboard/service.yaml | 3 +++ charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 3a04fca9..9acbdbd5 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.9.3 +version: 2.10.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Changed]: Use helm-docs to generate README.md" + - "[Added]: Ability to define dashboard service node port" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 162ddb25..4230a3f8 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -110,6 +110,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.service.labels | object | `{}` | Service labels | | dashboard.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | dashboard.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | +| dashboard.service.nodePort | int | `nil` | Service nodePort | | dashboard.service.port | int | `3100` | Service port | | dashboard.service.portName | string | `"dashboard"` | Service port name | | dashboard.service.targetPort | int | `3100` | Service target port | @@ -147,4 +148,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.9.3/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.10.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index 92c41114..58978150 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -34,6 +34,9 @@ spec: protocol: TCP port: {{ .Values.dashboard.service.port }} targetPort: {{ .Values.dashboard.service.targetPort }} + {{- if and (eq .Values.dashboard.service.type "NodePort") .Values.dashboard.service.nodePort }} + nodePort: {{ .Values.dashboard.service.nodePort }} + {{- end }} selector: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 53b94bf7..94e80379 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -181,6 +181,8 @@ dashboard: port: 3100 # -- Service target port targetPort: 3100 + # -- (int) Service nodePort + nodePort: serviceAccount: # -- Specifies whether a dashboard service account should be created create: true From 4538e57aaef1a881edde444ac3ef100c1699f79b Mon Sep 17 00:00:00 2001 From: Ken Kaizu Date: Wed, 23 Feb 2022 20:02:22 +0900 Subject: [PATCH 0195/1248] feat(argo-cd): add dex server extra args (#1146) Signed-off-by: krrrr38 --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/dex/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 83c499ea..965386e8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.6 +version: 3.33.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Fix typo of policy.csv comment in values" + - "[Added]: dex-server extraArgs" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d4550826..e62b00ee 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -520,6 +520,7 @@ NAME: my-release | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | +| dex.extraArgs | list | `[]` | Additional command line arguments to pass to the Dex server | | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.extraVolumeMounts | list | `[]` | Extra volumeMounts to the dex pod | | dex.extraVolumes | list | `[]` | Extra volumes to the dex pod | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 975ece7f..1707f6fe 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -56,6 +56,9 @@ spec: command: - /shared/argocd-dex - rundex + {{- with .Values.dex.extraArgs }} + {{- . | toYaml | nindent 8 }} + {{- end }} {{- if .Values.dex.containerSecurityContext }} securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 14d17507..4f9a2c62 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -363,6 +363,9 @@ dex: # -- Dex name name: dex-server + # -- Additional command line arguments to pass to the Dex server + extraArgs: [] + metrics: # -- Deploy metrics service enabled: false From 7248992d65b6b29b4a64f08fc1f4698391ccd671 Mon Sep 17 00:00:00 2001 From: ericpdurand Date: Sat, 26 Feb 2022 21:06:59 +0100 Subject: [PATCH 0196/1248] fix(argo-cd): Adding securityContext to copyutil container in repo-server (#1149) Signed-off-by: Eric Durand --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 965386e8..e41db19a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.7 +version: 3.33.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: dex-server extraArgs" + - "[Fixed]: Added repo-server copyutil securityContext" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 8217d84d..d485c613 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -203,6 +203,9 @@ spec: name: copyutil resources: {{- toYaml .Values.repoServer.copyutil.resources | nindent 10 }} + {{- if .Values.repoServer.containerSecurityContext }} + securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- end }} volumeMounts: - mountPath: /var/run/argocd name: var-files From 4464f2a5265d3f52cffc3330d323818144e7fb28 Mon Sep 17 00:00:00 2001 From: John Clark Date: Tue, 1 Mar 2022 09:52:55 +0000 Subject: [PATCH 0197/1248] feat(argo-workflows): Add volume and volumeMount parameters to controller (#1147) * feat(argo-workflows): Add controller volumes Signed-off-by: John Clark * Chart.yaml mispelling (paramaters > parameters) Signed-off-by: John Clark * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-deployment.yaml | 8 ++++++++ charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3793344b..0e6f1012 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.10.1 +version: 0.11.0 appVersion: v3.2.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.2.7" + - "[Added]: Workflow Controller Volumes and VolumeMounts parameters" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index f03ef190..425db4f0 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -118,6 +118,8 @@ Fields to note: | controller.telemetryConfig.servicePort | int | `8081` | telemetry service port | | controller.telemetryConfig.servicePortName | string | `"telemetry"` | telemetry service port name | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.volumeMounts | list | `[]` | Additional volume mounts to the controller main container | +| controller.volumes | list | `[]` | Additional volumes to the controller pod | | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | | controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. | | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 1cd28df2..d2871b14 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -74,6 +74,10 @@ spec: {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 12 }} + {{- with .Values.controller.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 10 }} + {{- end }} ports: - name: {{ .Values.controller.metricsConfig.portName }} containerPort: {{ .Values.controller.metricsConfig.port }} @@ -86,6 +90,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 2e07df47..2590d0f6 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -223,6 +223,10 @@ controller: # -- Extra arguments to be added to the controller extraArgs: [] + # -- Additional volume mounts to the controller main container + volumeMounts: [] + # -- Additional volumes to the controller pod + volumes: [] # -- The number of controller pods to run replicas: 1 From 62b5450f17c0f1710efef9163314855a1ac367d2 Mon Sep 17 00:00:00 2001 From: 0m1xa <43731080+0m1xa@users.noreply.github.com> Date: Tue, 1 Mar 2022 11:26:13 +0100 Subject: [PATCH 0198/1248] feat(argocd-image-updater): Add k8s secret generation for ArgoCD API token (#1144) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [image-updater] appVersion has been changed * Reword changelog Signed-off-by: Marco Kilchhofer * Added argocd api key secret generation option Signed-off-by: Mikhail Alekseev * changed docs Signed-off-by: Mikhail Alekseev * Fix in README Signed-off-by: Mikhail Alekseev * fix in values file Signed-off-by: Mikhail Alekseev * fix README * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Fix changelog annotation Signed-off-by: Marco Kilchhofer * Also add default labels to the newly created Secret Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Co-authored-by: Oliver Bähler --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 18 ++++++++++++++---- charts/argocd-image-updater/README.md.gotmpl | 17 +++++++++++++---- .../argocd-image-updater/templates/secret.yaml | 11 +++++++++++ charts/argocd-image-updater/values.yaml | 2 ++ 5 files changed, 42 insertions(+), 10 deletions(-) create mode 100644 charts/argocd-image-updater/templates/secret.yaml diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 35e97708..03ff8d96 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.6.3 +version: 0.7.0 appVersion: v0.11.3 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v0.11.3" + - "[Added]: Ability to manage secret containing the ArgoCD API token" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 0f246edd..a5697096 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -16,10 +16,6 @@ helm install argocd-image-updater argo/argocd-image-updater You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). -## TODO - -- Automate setting up the ArgoCD API Authentication user/secret using a Helm Hook or something. - ## Prerequisites * Helm v3.0.0+ @@ -41,6 +37,19 @@ config: Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. +### ArgoCD API key + +If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation. +Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/). + +```yaml +config: + argocd: + token: +``` + +If you specify a token value the secret will be created. + ### Registries ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): @@ -67,6 +76,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. | | config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. | | config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | +| config.argocd.token | string | `""` | If specified, the secret with ArgoCD API key will be created. | | config.disableKubeEvents | bool | `false` | Disable kubernetes events | | config.gitCommitMail | string | `""` | E-Mail address to use for Git commits | | config.gitCommitTemplate | string | `""` | Changing the Git commit message | diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl index 7e39f7a6..bbd2e1b5 100644 --- a/charts/argocd-image-updater/README.md.gotmpl +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -16,10 +16,6 @@ helm install argocd-image-updater argo/argocd-image-updater You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). -## TODO - -- Automate setting up the ArgoCD API Authentication user/secret using a Helm Hook or something. - ## Prerequisites * Helm v3.0.0+ @@ -41,6 +37,19 @@ config: Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. +### ArgoCD API key + +If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation. +Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/). + +```yaml +config: + argocd: + token: +``` + +If you specify a token value the secret will be created. + ### Registries ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): diff --git a/charts/argocd-image-updater/templates/secret.yaml b/charts/argocd-image-updater/templates/secret.yaml new file mode 100644 index 00000000..d0e7bb24 --- /dev/null +++ b/charts/argocd-image-updater/templates/secret.yaml @@ -0,0 +1,11 @@ +{{- if .Values.config.argocd.token }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-image-updater-secret + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} +type: Opaque +data: + argocd.token: {{ .Values.config.argocd.token | b64enc }} +{{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 460006dc..bca186ca 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -53,6 +53,8 @@ config: insecure: false # -- If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. plaintext: false + # -- If specified, the secret with ArgoCD API key will be created. + token: "" # -- Disable kubernetes events disableKubeEvents: false From cbdcd902d75bcf95e13ab263cce76252ccd2be4d Mon Sep 17 00:00:00 2001 From: Otto Nordander Date: Tue, 1 Mar 2022 18:35:07 +0100 Subject: [PATCH 0199/1248] Always mount argocd-tls-certs-cm in server and repo-server (#1098) If the ConfigMap is not mounted Argo will not be able to use any certificates added in the CLI or the UI. Signed-off-by: Otto Nordander otto.nordander@gmail.com Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ---- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ---- 3 files changed, 2 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e41db19a..1b90d81d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.33.8 +version: 3.34.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Added repo-server copyutil securityContext" + - "[Changed]: Always mount argocd-tls-certs-cm in server and repo-server" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d485c613..d118bd72 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -85,10 +85,8 @@ spec: - mountPath: /app/config/ssh name: ssh-known-hosts {{- end }} - {{- if .Values.configs.tlsCerts }} - mountPath: /app/config/tls name: tls-certs - {{- end }} - mountPath: /app/config/reposerver/tls name: argocd-repo-server-tls - mountPath: /tmp @@ -169,11 +167,9 @@ spec: name: argocd-ssh-known-hosts-cm name: ssh-known-hosts {{- end }} - {{- if .Values.configs.tlsCerts }} - configMap: name: argocd-tls-certs-cm name: tls-certs - {{- end }} - name: helm-working-dir emptyDir: {} - name: argocd-repo-server-tls diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index e6b3eb01..0a198dc5 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -85,10 +85,8 @@ spec: - mountPath: /app/config/ssh name: ssh-known-hosts {{- end }} - {{- if .Values.configs.tlsCerts }} - mountPath: /app/config/tls name: tls-certs - {{- end }} - mountPath: /app/config/server/tls name: argocd-repo-server-tls {{- if .Values.configs.styles }} @@ -204,11 +202,9 @@ spec: name: argocd-ssh-known-hosts-cm name: ssh-known-hosts {{- end }} - {{- if .Values.configs.tlsCerts }} - configMap: name: argocd-tls-certs-cm name: tls-certs - {{- end }} - name: argocd-repo-server-tls secret: items: From 326d87a70cae28564e30d9c6c9114376b48a1cb9 Mon Sep 17 00:00:00 2001 From: Matthias Lisin <6209465+ml-@users.noreply.github.com> Date: Tue, 1 Mar 2022 22:57:52 +0100 Subject: [PATCH 0200/1248] fix(argo-cd): Expose clusterResources in cluster secret (#1131) * fix(argo-cd): Expose clusterResources in cluster secret Signed-off-by: Matthias Lisin * Change indent Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-configs/cluster-secrets.yaml | 7 +++++-- charts/argo-cd/values.yaml | 1 + 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1b90d81d..c599ec2a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.34.0 +version: 3.35.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Always mount argocd-tls-certs-cm in server and repo-server" + - "[Added]: Expose 'clusterResources' parameter in configs.clusterCredentials" diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 147fab51..a9f865da 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -20,8 +20,11 @@ type: Opaque stringData: name: {{ required "A valid .Values.configs.clusterCredentials[].name entry is required!" .name }} server: {{ required "A valid .Values.configs.clusterCredentials[].server entry is required!" .server }} - {{- with .namespaces }} - namespaces: {{ . }} + {{- if .namespaces }} + namespaces: {{ .namespaces }} + {{- if .clusterResources }} + clusterResources: {{ .clusterResources }} + {{- end }} {{- end }} config: | {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toPrettyJson | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4f9a2c62..f54d470a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1670,6 +1670,7 @@ configs: # labels: {} # annotations: {} # namespaces: namespace1,namespace2 + # clusterResources: true # config: # bearerToken: "" # tlsClientConfig: From d30d85060e31b2bacc26afa01a00787950ed25b0 Mon Sep 17 00:00:00 2001 From: darklore <958690+darklore@users.noreply.github.com> Date: Thu, 3 Mar 2022 23:01:49 +0900 Subject: [PATCH 0201/1248] fix(argo-workflows): Avoid "namespace: null" when singleNamespace is true (#1154) Signed-off-by: darklore --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/controller/workflow-rb.yaml | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0e6f1012..4436d9ab 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.11.0 +version: 0.11.1 appVersion: v3.2.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Workflow Controller Volumes and VolumeMounts parameters" + - "[Fixed]: Avoid "namespace: null" when singleNamespace is true" diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 67f22504..41809c7c 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -5,7 +5,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-workflows.fullname" $ }}-workflow - namespace: {{ $namespace }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role From cb6ef0c31d25bfa68d76033d2d321abc8b2bfed2 Mon Sep 17 00:00:00 2001 From: darklore <958690+darklore@users.noreply.github.com> Date: Sat, 5 Mar 2022 17:51:29 +0900 Subject: [PATCH 0202/1248] fix(argo-workflows): Update argo workflows to v3.2.9 (#1156) Signed-off-by: darklore --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4436d9ab..90a73ee3 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.11.1 -appVersion: v3.2.7 +version: 0.11.2 +appVersion: v3.2.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Avoid "namespace: null" when singleNamespace is true" + - "[Changed]: Update to app version v3.2.9" From 430bb21d24948de4bf0f021dd2adb4bf933daf63 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sat, 5 Mar 2022 10:32:47 +0100 Subject: [PATCH 0203/1248] chore: Configure issue template chooser to disallow blank issues (#1157) Signed-off-by: Marco Kilchhofer --- .github/ISSUE_TEMPLATE/config.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/config.yml diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 00000000..5a31b2c7 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,6 @@ +blank_issues_enabled: false + +contact_links: + - name: Chat on Slack + url: https://argoproj.github.io/community/join-slack + about: Maybe chatting with the community can help From f985751bb28493cddca783fee5bf1d85d05aefd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan-Otto=20Kr=C3=B6pke?= Date: Sun, 6 Mar 2022 13:07:49 +0100 Subject: [PATCH 0204/1248] fix(argo-cd): Use upstream entrypoint.sh (#1159) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jan-Otto Kröpke --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c599ec2a..4cbfff41 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.35.0 +version: 3.35.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Expose 'clusterResources' parameter in configs.clusterCredentials" + - "[Changed]: Use upstream entrypoint.sh for argocd-repo-server" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d118bd72..9af30af3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -40,6 +40,8 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + command: + - entrypoint.sh args: - argocd-repo-server {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} From 0a5422f20a3853eb60614ec6c1028a85c330be49 Mon Sep 17 00:00:00 2001 From: Matthias Lisin <6209465+ml-@users.noreply.github.com> Date: Sun, 6 Mar 2022 16:53:46 +0100 Subject: [PATCH 0205/1248] fix(argo-cd): Quote clusterResources value to avoid invalid Secret manifest (#1160) Signed-off-by: Matthias Lisin --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4cbfff41..324de0b9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.35.1 +version: 3.35.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Use upstream entrypoint.sh for argocd-repo-server" + - "[Fixed]: Quote clusterResources value to avoid invalid Secret manifest" diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index a9f865da..fce3211e 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -23,7 +23,7 @@ stringData: {{- if .namespaces }} namespaces: {{ .namespaces }} {{- if .clusterResources }} - clusterResources: {{ .clusterResources }} + clusterResources: {{ .clusterResources | quote }} {{- end }} {{- end }} config: | From ec6cd35fed6551c37ad43a22e3f984c50cbe600b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?= Date: Thu, 10 Mar 2022 11:45:15 +0100 Subject: [PATCH 0206/1248] fix: create service account for repo server by default (#1161) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR enables the creation of a service account for repo server by default. Signed-off-by: Charles-Edouard Brétéché --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 324de0b9..daefad15 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.35.2 +version: 3.35.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Quote clusterResources value to avoid invalid Secret manifest" + - "[Fixed]: Create service account for repo server by default" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e62b00ee..8e075386 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -369,7 +369,7 @@ NAME: my-release | repoServer.service.portName | string | `"https-repo-server"` | Repo server service port name | | repoServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | repoServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | -| repoServer.serviceAccount.create | bool | `false` | Create repo server service account | +| repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | | repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f54d470a..fcd2a3dc 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1588,7 +1588,7 @@ repoServer: ## If create is set to true, make sure to uncomment the name and update the rbac section below serviceAccount: # -- Create repo server service account - create: false + create: true # -- Repo server service account name name: "" # "argocd-repo-server" # -- Annotations applied to created service account From a647fbe12331c5e2c0b346c04e02d9fe63927968 Mon Sep 17 00:00:00 2001 From: Raiden Worley Date: Sat, 12 Mar 2022 12:13:42 -0500 Subject: [PATCH 0207/1248] feat(argo-workflows): Add parameter to enable or disable server and controller roles (#1166) * optional role Signed-off-by: Carl Raiden Worley * match existing setting Signed-off-by: Carl Raiden Worley * fix lint Signed-off-by: Carl Raiden Worley --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-cluster-roles.yaml | 2 ++ .../templates/controller/workflow-controller-crb.yaml | 2 ++ .../templates/server/server-cluster-roles.yaml | 2 +- charts/argo-workflows/templates/server/server-crb.yaml | 2 +- charts/argo-workflows/values.yaml | 7 +++++++ 7 files changed, 17 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 90a73ee3..45427111 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.11.2 +version: 0.12.0 appVersion: v3.2.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.2.9" + - "[Added]: Add parameter for enabling roles." diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 425db4f0..02e420eb 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -99,6 +99,7 @@ Fields to note: | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.podWorkers | string | `nil` | Number of pod workers | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | +| controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.replicas | int | `1` | The number of controller pods to run | | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | @@ -169,6 +170,7 @@ Fields to note: | server.podLabels | object | `{}` | Optional labels to add to the UI pods | | server.podSecurityContext | object | `{}` | SecurityContext to set on the server pods | | server.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages | +| server.rbac.create | bool | `true` | Adds Role and RoleBinding for the server. | | server.replicas | int | `1` | The number of server pods to run | | server.resources | object | `{}` | Resource limits and requests for the server | | server.secure | bool | `false` | Run the argo server in "secure" mode. Configure this value instead of `--secure` in extraArgs. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index e946f058..81d2dcbd 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -1,3 +1,4 @@ +{{- if .Values.controller.rbac.create }} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: Role @@ -159,3 +160,4 @@ rules: - list - watch {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index acb7e514..c630bac6 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -1,3 +1,4 @@ +{{- if .Values.controller.rbac.create }} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding @@ -38,3 +39,4 @@ subjects: name: {{ template "argo-workflows.controllerServiceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 6403bf96..9a064b93 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.enabled }} +{{- if and .Values.server.enabled .Values.server.rbac.create}} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: Role diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index 16d55902..6ac17aef 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}} +{{- if and .Values.server.enabled .Values.server.serviceAccount.create .Values.server.rbac.create -}} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 2590d0f6..1a33644c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -56,6 +56,10 @@ controller: # limit: 10 # burst: 1 + rbac: + # -- Adds Role and RoleBinding for the controller. + create: true + # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: # -- Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 @@ -293,6 +297,9 @@ server: podLabels: {} # -- SecurityContext to set on the server pods podSecurityContext: {} + rbac: + # -- Adds Role and RoleBinding for the server. + create: true # -- Servers container-level security context securityContext: readOnlyRootFilesystem: false From 8b26bed62f240c68d555508f1ab43131d76c3a68 Mon Sep 17 00:00:00 2001 From: bgeens2 Date: Sat, 12 Mar 2022 18:55:33 +0100 Subject: [PATCH 0208/1248] feat(argo-workflows): Add encryptionOptions to S3 based artifactRepository (#1122) * add encryptionOptions * fix indentation * fix typo * fix mapping * update version * document usage in comments in values.yaml * document usage in comments in values.yaml Signed-off-by: Bart Geens * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Bart Geens Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 45427111..052f9093 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.12.0 +version: 0.13.0 appVersion: v3.2.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add parameter for enabling roles." + - "[Added]: Add encryptionOptions for S3 based artifactRepository" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index c09a0dc9..f602d89e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -76,6 +76,10 @@ data: {{- if .Values.artifactRepository.s3.useSDKCreds }} useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} {{- end }} + {{- with .Values.artifactRepository.s3.encryptionOptions }} + encryptionOptions: + {{- toYaml . | nindent 10 }} + {{- end }} {{- end }} {{- end}} {{- if .Values.controller.metricsConfig.enabled }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1a33644c..765d5924 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -491,6 +491,8 @@ artifactRepository: # region: # roleARN: # useSDKCreds: true + # encryptionOptions: + # enableEncryption: true # -- Store artifact in a GCS object store # @default -- `{}` (See [values.yaml]) gcs: {} From dde043a055a4413ade5987c6dbfce986266218a4 Mon Sep 17 00:00:00 2001 From: Aaron Jones Date: Sat, 12 Mar 2022 18:59:04 +0000 Subject: [PATCH 0209/1248] fix(argo-cd): ArgoCD application controller - metrics application labels (#1167) * application controller metrics application labels changed from map to list. Updated templating to set the correct arguments. Signed-off-by: Aaron Jones * bring 'metrics-application-labels' outside of range block Signed-off-by: Aaron Jones * Revert "bring 'metrics-application-labels' outside of range block" This reverts commit c245db6d31bf06b681e224d3c9d75bb6b2ff16e0. Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- .../templates/argocd-application-controller/deployment.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index daefad15..be669043 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.2.5 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.35.3 +version: 3.35.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Create service account for repo server by default" + - "[Fixed]: ArgoCD application controller metric application label templating" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8e075386..a25383d9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -263,7 +263,7 @@ NAME: my-release | controller.logFormat | string | `"text"` | Application controller log format. Either `text` or `json` | | controller.logLevel | string | `"info"` | Application controller log level | | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | -| controller.metrics.applicationLabels.labels | object | `{}` | Additional labels | +| controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 9c88c444..cf62bb7f 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -57,9 +57,9 @@ spec: - --loglevel - {{ .Values.controller.logLevel }} {{- if .Values.controller.metrics.applicationLabels.enabled }} - - --metrics-application-labels {{- range .Values.controller.metrics.applicationLabels.labels }} - - {{- toYaml . | nindent 8 }} + - --metrics-application-labels + - {{ . }} {{- end }} {{- end }} {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fcd2a3dc..daefd898 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -251,7 +251,7 @@ controller: # -- Enables additional labels in argocd_app_labels metric enabled: false # -- Additional labels - labels: {} + labels: [] service: # -- Metrics service annotations annotations: {} From c8f0471bd0a68c2eaac3115a4aa57d3bb4966bc8 Mon Sep 17 00:00:00 2001 From: Ian Muge <13362741+ianmuge@users.noreply.github.com> Date: Mon, 14 Mar 2022 22:12:41 +0100 Subject: [PATCH 0210/1248] feat(argo-rollouts): Add notification secret and configmap (#1163) * fixing the error on the argo rollouts controller needing the notifications configmap and rollout Signed-off-by: Ian Muge * bump chart version Signed-off-by: Ian Muge * updating changelog Signed-off-by: Ian Muge * fix structure to be simialr to argocd-notification as suggested Signed-off-by: Ian Muge * Bump Minor version as we are adding a new feature Signed-off-by: Ian Muge * Updated helm docs, all tests are green, locally Signed-off-by: Ian Muge * Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 +-- charts/argo-rollouts/README.md | 7 ++++- .../controller/notifcations-configmap.yaml | 17 ++++++++++ .../controller/notifications-secret.yaml | 14 +++++++++ charts/argo-rollouts/values.yaml | 31 +++++++++++++++++++ 5 files changed, 70 insertions(+), 3 deletions(-) create mode 100644 charts/argo-rollouts/templates/controller/notifcations-configmap.yaml create mode 100644 charts/argo-rollouts/templates/controller/notifications-secret.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 9acbdbd5..21275d94 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.1.1" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.10.0 +version: 2.11.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Ability to define dashboard service node port" + - "[Added]: Argo rollouts notification secret and configmap" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 4230a3f8..b8aa2b95 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -48,6 +48,11 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template | +| notifications.notifiers | object | `{}` | Configures notification services | +| notifications.secret.create | bool | `false` | Whether to create notifications secret | +| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | +| notifications.templates | object | `{}` | Notification templates | +| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | ### Controller @@ -148,4 +153,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.10.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.11.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml new file mode 100644 index 00000000..3008b327 --- /dev/null +++ b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argo-rollouts-notification-configmap + labels: + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +data: + {{- with .Values.notifications.notifiers }} + {{- toYaml . | nindent 2 }} + {{- end }} + {{- with .Values.notifications.templates }} + {{- toYaml . | nindent 2 }} + {{- end }} + {{- with .Values.notifications.triggers }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argo-rollouts/templates/controller/notifications-secret.yaml b/charts/argo-rollouts/templates/controller/notifications-secret.yaml new file mode 100644 index 00000000..4e9cc64c --- /dev/null +++ b/charts/argo-rollouts/templates/controller/notifications-secret.yaml @@ -0,0 +1,14 @@ +{{ if .Values.notifications.secret.create }} +apiVersion: v1 +kind: Secret +metadata: + name: argo-rollouts-notification-secret + labels: + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +type: Opaque +stringData: + {{- with .Values.notifications.secret.items }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 94e80379..42d32de0 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -237,3 +237,34 @@ dashboard: # - secretName: argorollouts-example-tls # hosts: # - argorollouts.example.com + +notifications: + secret: + # -- Whether to create notifications secret + create: false + # -- Generic key:value pairs to be inserted into the notifications secret + items: {} + # slack-token: + + # -- Configures notification services + notifiers: {} + # service.slack: | + # token: $slack-token + + # -- Notification templates + templates: {} + # template.my-purple-template: | + # message: | + # Rollout {{.rollout.metadata.name}} has purple image + # slack: + # attachments: | + # [{ + # "title": "{{ .rollout.metadata.name}}", + # "color": "#800080" + # }] + + # -- The trigger defines the condition when the notification should be sent + triggers: {} + # trigger.on-purple: | + # - send: [my-purple-template] + # when: rollout.spec.template.spec.containers[0].image == 'argoproj/rollouts-demo:purple' From 32a06059c352137784054d4f689df73652ea7557 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20Miotk?= Date: Wed, 16 Mar 2022 22:01:30 +0100 Subject: [PATCH 0211/1248] feat(argo-cd): Update to use v2.3.1 release (#1162) * feat(argo-cd): Update to use v2.3.1 release Signed-off-by: mikeeq * Move applicationSet.* and notifications.* to a dedicated location Signed-off-by: Marco Kilchhofer * Fix typo in deployment.yaml Signed-off-by: mikeeq * Fix notifications bot deployment Signed-off-by: mikeeq * Update README.md Signed-off-by: mikeeq * Update README.md and fix slack bot image Signed-off-by: mikeeq * Drop nameOverride for new components as we use the global one Signed-off-by: Marco Kilchhofer * Drop "applicationSet.args.namespace" and "applicationSet.args.argocdRepoServer" Signed-off-by: Marco Kilchhofer * Consistent use of volumes (gpg, tls, knownHosts, extra) Signed-off-by: Marco Kilchhofer * Bump major chart version and place a note in teh Upgrading section Signed-off-by: Marco Kilchhofer * Change "enableStatefulSet: true" as we are in a major release now Signed-off-by: Marco Kilchhofer * Drop PSP of applicationSet Signed-off-by: Marco Kilchhofer * Fix applicationset webhook-ingress Signed-off-by: Marco Kilchhofer * Drop unused variables in values.yaml and README Signed-off-by: Marco Kilchhofer * Also set namespace and argocd-repo-server args on notification-controller Signed-off-by: Marco Kilchhofer * Consistent use of "Argo CD" instead of "ArgoCD" Signed-off-by: Marco Kilchhofer * Trigger CI Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 9 +- charts/argo-cd/README.md | 174 +- charts/argo-cd/README.md.gotmpl | 51 +- charts/argo-cd/crds/crd-application.yaml | 55 + charts/argo-cd/crds/crd-applicationset.yaml | 6502 +++++++++++++++++ charts/argo-cd/templates/_helpers.tpl | 77 +- .../argocd-applicationset/deployment.yaml | 126 + .../metrics-service.yaml | 25 + .../templates/argocd-applicationset/role.yaml | 83 + .../argocd-applicationset/rolebinding.yaml | 14 + .../argocd-applicationset/service.yaml | 19 + .../argocd-applicationset/serviceaccount.yaml | 15 + .../argocd-applicationset/servicemonitor.yaml | 38 + .../webhook-ingress.yaml | 89 + .../bots/slack/deployment.yaml | 55 + .../argocd-notifications/bots/slack/role.yaml | 27 + .../bots/slack/rolebinding.yaml | 13 + .../bots/slack/service.yaml | 19 + .../bots/slack/serviceaccount.yaml | 15 + .../argocd-notifications/configmap.yaml | 27 + .../argocd-notifications/deployment.yaml | 106 + .../templates/argocd-notifications/role.yaml | 42 + .../argocd-notifications/rolebinding.yaml | 14 + .../argocd-notifications/secret.yaml | 19 + .../argocd-notifications/service-metrics.yaml | 22 + .../argocd-notifications/serviceaccount.yaml | 15 + .../argocd-notifications/servicemonitor.yaml | 30 + charts/argo-cd/values.yaml | 708 +- 28 files changed, 8325 insertions(+), 64 deletions(-) create mode 100644 charts/argo-cd/crds/crd-applicationset.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/role.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/service.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/configmap.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/role.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/rolebinding.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/secret.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/service-metrics.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index be669043..f9f10bbd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.2.5 -description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. +appVersion: v2.3.1 +description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 3.35.4 +version: 4.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: ArgoCD application controller metric application label templating" + - "[Changed]: Update to Argo CD v2.3.1" + - "[Changed]: Sync CRDs of Argo CD v2.3.1" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a25383d9..c8c6b6c0 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1,6 +1,6 @@ # Argo CD Chart -A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. +A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. Source code can be found [here](https://argoproj.github.io/argo-cd/) @@ -8,15 +8,15 @@ Source code can be found [here](https://argoproj.github.io/argo-cd/) This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes. -The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). +The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). ## High Availability -This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. -Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of ArgoCD works in detail. +This chart installs the non-HA version of Argo CD by default. If you want to run Argo CD in HA mode, you can use one of the example values in the next sections. +Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of Argo CD works in detail. > **Warning:** > You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. @@ -62,9 +62,9 @@ repoServer: ### Synchronizing Changes from Original Repository -In the original [ArgoCD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). +In the original [Argo CD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). -When installing ArgoCD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. +When installing Argo CD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. To update the templates and default settings in `values.yaml` it may come in handy to look up the diff of the `manifests/install.yaml` between two versions accordingly. This can either be done directly via github and look for `manifests/install.yaml`: @@ -82,13 +82,18 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 4.0.0 and above + +This helm chart version deploys Argo CD v2.3. The Argo CD Notifications and ApplicationSet are part of Argo CD now. You no longer need to install them separately. The Notifications and ApplicationSet components **are bundled into default** Argo CD installation. +Please read the [v2.2 to 2.3 upgrade instructions] in the upstream repository. + ### 3.13.0 -This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of Argo CD, it can be passed via the `server.extraArgs` field ### 3.10.2 -ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default +Argo CD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default It can be re-enabled by setting `server.staticAssets.enabled` to true ### 3.8.1 @@ -122,7 +127,7 @@ Please check if you are affected by one of these cases **before you upgrade**, e ### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). -[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**, +[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an Argo CD instance**, especially deploying on clusters running a cluster version prior to `1.19` (which misses `Ingress` on apiVersion `networking.k8s.io/v1`). If you are running a cluster version prior to `1.19` you can avoid this issue by directly installing chart version `3.6.0` and setting `kubeVersionOverride` like: @@ -139,7 +144,7 @@ Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Re ### 2.14.7 and above -The `matchLabels` key in the ArgoCD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. +The `matchLabels` key in the Argo CD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. ### 2.10.x to 2.11.0 @@ -216,9 +221,9 @@ NAME: my-release | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | -| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all ArgoCD deployments | -| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all ArgoCD deployments | -| global.image.tag | string | `""` | Overrides the global ArgoCD image tag whose default is the chart appVersion | +| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | +| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | +| global.image.tag | string | `""` | Overrides the global Argo CD image tag whose default is the chart appVersion | | global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | @@ -228,10 +233,10 @@ NAME: my-release | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | | openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | -| server.additionalApplications | list | `[]` (See [values.yaml]) | Deploy ArgoCD Applications within this helm release | -| server.additionalProjects | list | `[]` (See [values.yaml]) | Deploy ArgoCD Projects within this helm release | +| server.additionalApplications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | +| server.additionalProjects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | -## ArgoCD Controller +## Argo CD Controller | Key | Type | Default | Description | |-----|------|---------|-------------| @@ -246,7 +251,7 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | | controller.containerSecurityContext | object | `{}` | Application controller container-level security context | -| controller.enableStatefulSet | bool | `false` | Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. This is a feature flag that will become the default in chart version 3.x | +| controller.enableStatefulSet | bool | `true` | Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | @@ -400,8 +405,8 @@ NAME: my-release | server.certificate.secretName | string | `"argocd-server-tls"` | Certificate manager secret name | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.config | object | See [values.yaml] | [General Argo CD configuration] | -| server.configAnnotations | object | `{}` | Annotations to be added to ArgoCD ConfigMap | -| server.configEnabled | bool | `true` | Manage ArgoCD configmap (Declarative Setup) | +| server.configAnnotations | object | `{}` | Annotations to be added to Argo CD ConfigMap | +| server.configEnabled | bool | `true` | Manage Argo CD configmap (Declarative Setup) | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | `{}` | Servers container-level security context | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -468,9 +473,9 @@ NAME: my-release | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | | server.priorityClassName | string | `""` | Priority class for the Argo CD server | -| server.rbacConfig | object | `{}` | ArgoCD rbac config ([ArgoCD RBAC policy]) | -| server.rbacConfigAnnotations | object | `{}` | Annotations to be added to ArgoCD rbac ConfigMap | -| server.rbacConfigCreate | bool | `true` | Whether or not to create the configmap. If false, it is expected the configmap will be created by something else. ArgoCD will not work if there is no configMap created with the name above. | +| server.rbacConfig | object | `{}` | Argo CD rbac config ([Argo CD RBAC policy]) | +| server.rbacConfigAnnotations | object | `{}` | Annotations to be added to Argo CD rbac ConfigMap | +| server.rbacConfigCreate | bool | `true` | Whether or not to create the configmap. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configMap created with the name above. | | server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -642,6 +647,128 @@ NAME: my-release | redis-ha.redis.config.save | string | `"\"\""` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | +## ApplicationSet + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | +| applicationSet.args.debug | bool | `false` | Print debug logs | +| applicationSet.args.dryRun | bool | `false` | Enable dry run mode | +| applicationSet.args.enableLeaderElection | bool | `false` | The default leader election setting | +| applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | +| applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | +| applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | +| applicationSet.extraArgs | list | `[]` | List of extra cli args to add | +| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | +| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller | +| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | +| applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | +| applicationSet.extraVolumes | list | `[]` | List of extra volumes to add | +| applicationSet.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the application set controller | +| applicationSet.image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | Repository to use for the application set controller | +| applicationSet.image.tag | string | `"v0.4.1"` | Tag to use for the application set controller | +| applicationSet.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | +| applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | +| applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | +| applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | +| applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| applicationSet.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| applicationSet.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| applicationSet.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| applicationSet.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string | +| applicationSet.nodeSelector | object | `{}` | [Node selector] | +| applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | +| applicationSet.podLabels | object | `{}` | Labels for the controller pods | +| applicationSet.podSecurityContext | object | `{}` | Pod Security Context | +| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | +| applicationSet.replicaCount | int | `1` | The number of controller pods to run | +| applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | +| applicationSet.securityContext | object | `{}` | Security Context | +| applicationSet.service.annotations | object | `{}` | Application set service annotations | +| applicationSet.service.labels | object | `{}` | Application set service labels | +| applicationSet.service.port | int | `7000` | Application set service port | +| applicationSet.service.portName | string | `"webhook"` | Application set service port name | +| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| applicationSet.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | +| applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | +| applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | +| applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | +| applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts | +| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | +| applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels | +| applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | +| applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | +| applicationSet.webhook.ingress.tls | list | `[]` | Ingress TLS configuration | + +## Notifications + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| notifications.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | +| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.bots.slack.containerSecurityContext | object | `{}` | Container Security Context | +| notifications.bots.slack.enabled | bool | `false` | Enable slack bot | +| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | +| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | +| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | +| notifications.bots.slack.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | +| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | +| notifications.bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | +| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | +| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot | +| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | +| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | +| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | +| notifications.bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | +| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | +| notifications.cm.name | string | `""` | The name of the config map to use. | +| notifications.containerSecurityContext | object | `{}` | Container Security Context | +| notifications.context | object | `{}` | Define user-defined context | +| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | +| notifications.extraEnv | list | `[]` | Additional container environment variables | +| notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | +| notifications.extraVolumes | list | `[]` | List of extra volumes to add | +| notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller | +| notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | +| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | +| notifications.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| notifications.logLevel | string | `"info"` | Set the logging level. (One of: `debug`, `info`, `warn`, `error`) | +| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | +| notifications.metrics.port | int | `9001` | Metrics port | +| notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | +| notifications.metrics.service.labels | object | `{}` | Metrics service labels | +| notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| notifications.name | string | `"notifications-controller"` | Notifications controller name string | +| notifications.nodeSelector | object | `{}` | [Node selector] | +| notifications.notifiers | object | See [values.yaml] | Configures notification services | +| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | +| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods | +| notifications.resources | object | `{}` | Resource limits and requests for the controller | +| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | +| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret | +| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | +| notifications.secret.name | string | `""` | The name of the secret to use. | +| notifications.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | +| notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | +| notifications.subscriptions | object | `{}` | Contains centrally managed global application subscriptions | +| notifications.templates | object | `{}` | The notification template is used to generate the notification content | +| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | +| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | +| notifications.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | + ### Using AWS ALB Ingress Controller With GRPC If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. @@ -668,7 +795,7 @@ server: ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -[ArgoCD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ +[Argo CD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ @@ -684,3 +811,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml +[v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 9cd57fe5..0c7eee9f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -1,6 +1,6 @@ # Argo CD Chart -A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. +A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. Source code can be found [here](https://argoproj.github.io/argo-cd/) @@ -8,15 +8,15 @@ Source code can be found [here](https://argoproj.github.io/argo-cd/) This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes. -The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). +The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). ## High Availability -This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. -Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of ArgoCD works in detail. +This chart installs the non-HA version of Argo CD by default. If you want to run Argo CD in HA mode, you can use one of the example values in the next sections. +Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of Argo CD works in detail. > **Warning:** > You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. @@ -62,9 +62,9 @@ repoServer: ### Synchronizing Changes from Original Repository -In the original [ArgoCD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). +In the original [Argo CD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). -When installing ArgoCD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. +When installing Argo CD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. To update the templates and default settings in `values.yaml` it may come in handy to look up the diff of the `manifests/install.yaml` between two versions accordingly. This can either be done directly via github and look for `manifests/install.yaml`: @@ -82,13 +82,18 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 4.0.0 and above + +This helm chart version deploys Argo CD v2.3. The Argo CD Notifications and ApplicationSet are part of Argo CD now. You no longer need to install them separately. The Notifications and ApplicationSet components **are bundled into default** Argo CD installation. +Please read the [v2.2 to 2.3 upgrade instructions] in the upstream repository. + ### 3.13.0 -This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of Argo CD, it can be passed via the `server.extraArgs` field ### 3.10.2 -ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default +Argo CD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default It can be re-enabled by setting `server.staticAssets.enabled` to true ### 3.8.1 @@ -122,7 +127,7 @@ Please check if you are affected by one of these cases **before you upgrade**, e ### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). -[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**, +[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an Argo CD instance**, especially deploying on clusters running a cluster version prior to `1.19` (which misses `Ingress` on apiVersion `networking.k8s.io/v1`). If you are running a cluster version prior to `1.19` you can avoid this issue by directly installing chart version `3.6.0` and setting `kubeVersionOverride` like: @@ -140,7 +145,7 @@ Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Re ### 2.14.7 and above -The `matchLabels` key in the ArgoCD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. +The `matchLabels` key in the Argo CD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. ### 2.10.x to 2.11.0 @@ -189,7 +194,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) ) }} + {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- if hasPrefix "server.additional" .Key }} @@ -197,7 +202,7 @@ NAME: my-release {{- end }} {{- end }} -## ArgoCD Controller +## Argo CD Controller | Key | Type | Default | Description | |-----|------|---------|-------------| @@ -252,6 +257,25 @@ NAME: my-release {{- end }} {{- end }} +## ApplicationSet + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "applicationSet" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Notifications + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "notifications" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} ### Using AWS ALB Ingress Controller With GRPC @@ -280,7 +304,7 @@ server: ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -[ArgoCD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ +[Argo CD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ @@ -296,3 +320,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml +[v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md diff --git a/charts/argo-cd/crds/crd-application.yaml b/charts/argo-cd/crds/crd-application.yaml index cb3d1ba0..e455a628 100644 --- a/charts/argo-cd/crds/crd-application.yaml +++ b/charts/argo-cd/crds/crd-application.yaml @@ -233,6 +233,11 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by + not appending them to helm template --values + type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest @@ -261,6 +266,10 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -598,6 +607,11 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation @@ -625,6 +639,10 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -966,6 +984,11 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -995,6 +1018,10 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1349,6 +1376,12 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles do + not exist locally by not appending them to helm + template --values + type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command @@ -1381,6 +1414,10 @@ spec: to use. If omitted it will use the application name type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1714,6 +1751,11 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -1744,6 +1786,10 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -2065,6 +2111,11 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -2095,6 +2146,10 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template diff --git a/charts/argo-cd/crds/crd-applicationset.yaml b/charts/argo-cd/crds/crd-applicationset.yaml new file mode 100644 index 00000000..08d5e94e --- /dev/null +++ b/charts/argo-cd/crds/crd-applicationset.yaml @@ -0,0 +1,6502 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: applicationsets.argoproj.io + app.kubernetes.io/part-of: argocd + annotations: + controller-gen.kubebuilder.io/version: v0.3.0 + name: applicationsets.argoproj.io +spec: + group: argoproj.io + names: + kind: ApplicationSet + listKind: ApplicationSetList + plural: applicationsets + shortNames: + - appset + - appsets + singular: applicationset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + properties: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + pullRequest: + properties: + github: + properties: + api: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + github: + properties: + allBranches: + type: boolean + api: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + type: object + type: object + type: array + syncPolicy: + properties: + preserveResourcesOnDeletion: + type: boolean + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + ksonnet: + properties: + environment: + type: string + parameters: + items: + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + - template + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - message + - reason + - status + - type + type: object + type: array + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 523f6a92..197a78d7 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -67,6 +67,20 @@ Create argocd repo-server name and version as used by the chart label. {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create argocd application set name and version as used by the chart label. +*/}} +{{- define "argo-cd.applicationSet.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create argocd notifications name and version as used by the chart label. +*/}} +{{- define "argo-cd.notifications.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the controller service account to use */}} @@ -101,7 +115,7 @@ Create the name of the redis service account to use {{- end -}} {{/* -Create the name of the ArgoCD server service account to use +Create the name of the Argo CD server service account to use */}} {{- define "argo-cd.serverServiceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} @@ -122,6 +136,39 @@ Create the name of the repo-server service account to use {{- end -}} {{- end -}} +{{/* +Create the name of the application set service account to use +*/}} +{{- define "argo-cd.applicationSetServiceAccountName" -}} +{{- if .Values.applicationSet.serviceAccount.create -}} + {{ default (include "argo-cd.applicationSet.fullname" .) .Values.applicationSet.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.applicationSet.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the notifications service account to use +*/}} +{{- define "argo-cd.notificationsServiceAccountName" -}} +{{- if .Values.notifications.serviceAccount.create -}} + {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.notifications.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the notifications bots slack service account to use +*/}} +{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}} +{{- if .Values.notifications.bots.slack.serviceAccount.create -}} + {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.notifications.bots.slack.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create chart name and version as used by the chart label. */}} @@ -177,7 +224,7 @@ Return the target Kubernetes version {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end -}} -{{/* +{{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} {{- define "argo-cd.config.presets" -}} @@ -186,7 +233,7 @@ ui.cssurl: "./custom/custom.styles.css" {{- end }} {{- end -}} -{{/* +{{/* Merge Argo Configuration with Preset Configuration */}} {{- define "argo-cd.config" -}} @@ -196,8 +243,30 @@ Merge Argo Configuration with Preset Configuration {{- end -}} {{/* -Return the default ArgoCD app version +Return the default Argo CD app version */}} {{- define "argo-cd.defaultTag" -}} {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} + +{{/* +Create the name of the notifications controller secret to use +*/}} +{{- define "argo-cd.notifications.secretName" -}} +{{- if .Values.notifications.secret.create -}} + {{ default (printf "%s-secret" (include "argo-cd.notifications.fullname" .)) .Values.notifications.secret.name }} +{{- else -}} + {{ default "argocd-notifications-secret" .Values.notifications.secret.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the configmap to use +*/}} +{{- define "argo-cd.notifications.configMapName" -}} +{{- if .Values.notifications.cm.create -}} + {{ default (printf "%s-cm" (include "argo-cd.notifications.fullname" .)) .Values.notifications.cm.name }} +{{- else -}} + {{ default "argocd-notifications-cm" .Values.notifications.cm.name }} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml new file mode 100644 index 00000000..83ad1834 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -0,0 +1,126 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }} +spec: + replicas: {{ .Values.applicationSet.replicaCount }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} + template: + metadata: + {{- with .Values.applicationSet.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.applicationSet.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} + securityContext: + {{- toYaml .Values.applicationSet.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Values.applicationSet.name }} + securityContext: + {{- toYaml .Values.applicationSet.securityContext | nindent 12 }} + command: + - applicationset-controller + - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} + - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} + {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }} + - --enable-leader-election=true + {{- end }} + - --namespace={{ .Release.Namespace }} + - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --policy={{ .Values.applicationSet.args.policy }} + - --debug={{ .Values.applicationSet.args.debug }} + - --dry-run={{ .Values.applicationSet.args.dryRun }} + {{- with .Values.applicationSet.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} + image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} + ports: + - name: http + containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }} + protocol: TCP + - name: metrics + containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }} + protocol: TCP + - name: webhook + containerPort: 7000 + protocol: TCP + {{- with .Values.applicationSet.extraEnv }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.applicationSet.extraEnvFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.applicationSet.resources | nindent 12 }} + volumeMounts: + - mountPath: /tmp + name: tmp-dir + {{- if .Values.configs.knownHosts }} + - mountPath: /app/config/ssh + name: ssh-known-hosts + {{- end }} + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys + - mountPath: /app/config/gpg/keys + name: gpg-keyring + {{- with .Values.applicationSet.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.applicationSet.extraContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - emptyDir: {} + name: tmp-dir + {{- if .Values.configs.knownHosts }} + - configMap: + name: argocd-ssh-known-hosts-cm + name: ssh-known-hosts + {{- end }} + - configMap: + name: argocd-tls-certs-cm + name: tls-certs + - configMap: + name: argocd-gpg-keys-cm + name: gpg-keys + - emptyDir: {} + name: gpg-keyring + {{- with .Values.applicationSet.extraVolumes }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.applicationSet.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml new file mode 100644 index 00000000..ba9a630a --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml @@ -0,0 +1,25 @@ +{{- if .Values.applicationSet.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + {{- if .Values.applicationSet.metrics.service.annotations }} + annotations: + {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} +{{- if .Values.applicationSet.metrics.service.labels }} +{{- toYaml .Values.applicationSet.metrics.service.labels | nindent 4 }} +{{- end }} + name: {{ template "argo-cd.applicationSet.fullname" . }}-metrics +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.applicationSet.metrics.service.servicePort }} + targetPort: metrics + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml new file mode 100644 index 00000000..7e2a2c89 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -0,0 +1,83 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - applications + - appprojects + - applicationsets + - applicationsets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets/status + verbs: + - get + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml new file mode 100644 index 00000000..7bc5e055 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-cd.applicationSet.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml new file mode 100644 index 00000000..fc116fb1 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.applicationSet.service.annotations }} + annotations: + {{- range $key, $value := .Values.applicationSet.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +spec: + ports: + - name: {{ .Values.applicationSet.service.portName }} + port: {{ .Values.applicationSet.service.port }} + targetPort: {{ .Values.applicationSet.containerPort }} + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml new file mode 100644 index 00000000..9a690efe --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if .Values.applicationSet.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "argo-cd.applicationSetServiceAccountName" . }} +{{- if .Values.applicationSet.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml new file mode 100644 index 00000000..2e89c759 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -0,0 +1,38 @@ +{{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + {{- with .Values.applicationSet.metrics.serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with .Values.applicationSet.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + {{- with .Values.applicationSet.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.applicationSet.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml new file mode 100644 index 00000000..3413a8f3 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -0,0 +1,89 @@ +{{- if .Values.applicationSet.webhook.ingress.enabled -}} +{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}} +{{- $servicePort := .Values.applicationSet.service.portName -}} +{{- $paths := .Values.applicationSet.webhook.ingress.paths -}} +{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}} +{{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}} +apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} +kind: Ingress +metadata: +{{- if .Values.applicationSet.webhook.ingress.annotations }} + annotations: + {{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- if .Values.applicationSet.webhook.ingress.labels }} + {{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }} + {{- end }} +spec: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- with .Values.applicationSet.webhook.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + {{- end }} + rules: + {{- if .Values.applicationSet.webhook.ingress.hosts }} + {{- range $host := .Values.applicationSet.webhook.ingress.hosts }} + - host: {{ $host }} + http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- if $extraPaths }} + {{- toYaml $extraPaths | nindent 10 }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $serviceName }} + port: + {{- if kindIs "float64" $servicePort }} + number: {{ $servicePort }} + {{- else }} + name: {{ $servicePort }} + {{- end }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- if .Values.applicationSet.webhook.ingress.tls }} + tls: + {{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }} + {{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml new file mode 100644 index 00000000..d223a539 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -0,0 +1,55 @@ +{{ if .Values.notifications.bots.slack.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.notifications.fullname" . }}-bot + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} +spec: + strategy: + {{- .Values.notifications.bots.slack.updateStrategy | toYaml | nindent 4 }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} + template: + metadata: + labels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }} + spec: + {{- with .Values.notifications.bots.slack.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} + {{- with .Values.notifications.bots.slack.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ template "argo-cd.notifications.fullname" . }}-bot + image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }} + resources: + {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} + command: + - argocd-notifications + - bot + workingDir: /app + ports: + - containerPort: 8080 + name: http + {{- with .Values.notifications.bots.slack.containerSecurityContext }} + securityContext: {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.notifications.bots.slack.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.bots.slack.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.bots.slack.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml new file mode 100644 index 00000000..edc77213 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml @@ -0,0 +1,27 @@ +{{ if .Values.notifications.bots.slack.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-cd.notifications.fullname" . }}-bot +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + - update + - patch +{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml new file mode 100644 index 00000000..340a8850 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml @@ -0,0 +1,13 @@ +{{ if .Values.notifications.bots.slack.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-cd.notifications.fullname" . }}-bot +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-cd.notifications.fullname" . }}-bot +subjects: +- kind: ServiceAccount + name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} +{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml new file mode 100644 index 00000000..631576f5 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml @@ -0,0 +1,19 @@ +{{ if .Values.notifications.bots.slack.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-cd.notifications.fullname" . }}-bot + {{- if .Values.notifications.bots.slack.service.annotations }} + annotations: + {{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }} + {{- end }} +spec: + ports: + - name: http + port: {{ .Values.notifications.bots.slack.service.port }} + protocol: TCP + targetPort: http + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} + type: {{ .Values.notifications.bots.slack.service.type }} +{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml new file mode 100644 index 00000000..c2d54310 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if .Values.notifications.bots.slack.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} +{{- if .Values.notifications.bots.slack.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/configmap.yaml b/charts/argo-cd/templates/argocd-notifications/configmap.yaml new file mode 100644 index 00000000..5806e54b --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/configmap.yaml @@ -0,0 +1,27 @@ +{{ if .Values.notifications.cm.create }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "argo-cd.notifications.configMapName" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +data: + context: | + argocdUrl: {{ .Values.notifications.argocdUrl | quote }} + {{- with .Values.notifications.context }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.notifications.notifiers }} + {{- toYaml . | nindent 2 }} + {{- end }} + {{- with .Values.notifications.subscriptions }} + subscriptions: | + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.notifications.templates }} + {{- toYaml . | nindent 2 }} + {{- end }} + {{- with .Values.notifications.triggers }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml new file mode 100644 index 00000000..23354f89 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -0,0 +1,106 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | quote }} +spec: + strategy: + {{- .Values.notifications.updateStrategy | toYaml | nindent 4 }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} + template: + metadata: + {{- if .Values.notifications.podAnnotations }} + annotations: + {{- range $key, $value := .Values.notifications.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 8 }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | quote }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.notifications.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.notifications.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} + {{- if .Values.notifications.securityContext }} + securityContext: {{- toYaml .Values.notifications.securityContext | nindent 8 }} + {{- end }} + containers: + - name: {{ .Values.notifications.name }} + image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} + resources: + {{- toYaml .Values.notifications.resources | nindent 12 }} + command: + - argocd-notifications + - --loglevel={{ .Values.notifications.logLevel }} + {{- if .Values.notifications.metrics.enabled }} + - --metrics-port={{ .Values.notifications.metrics.port }} + {{- end }} + - --namespace={{ .Release.Namespace }} + - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --secret-name={{ include "argo-cd.notifications.secretName" . }} + - --config-map-name={{ include "argo-cd.notifications.configMapName" . }} + {{- range .Values.notifications.extraArgs }} + - {{ . | squote }} + {{- end }} + workingDir: /app + ports: + {{- if .Values.notifications.metrics.enabled }} + - containerPort: {{ .Values.notifications.metrics.port }} + name: metrics + protocol: TCP + {{- end }} + {{- if .Values.notifications.containerSecurityContext }} + securityContext: {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }} + {{- end }} + {{- with .Values.notifications.extraEnv }} + env: {{ toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: tls-certs + mountPath: /app/config/tls + - name: argocd-repo-server-tls + mountPath: /app/config/reposerver/tls + {{- with .Values.notifications.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - configMap: + name: argocd-tls-certs-cm + name: tls-certs + - name: argocd-repo-server-tls + secret: + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + optional: true + secretName: argocd-repo-server-tls + {{- with .Values.notifications.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml new file mode 100644 index 00000000..7e487309 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -0,0 +1,42 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +rules: +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - list + - watch +- apiGroups: + - "" + resourceNames: + - {{ template "argo-cd.notifications.fullname" . }}-cm + resources: + - configmaps + verbs: + - get +- apiGroups: + - "" + resourceNames: + - {{ template "argo-cd.notifications.fullname" . }}-secret + resources: + - secrets + verbs: + - get diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml new file mode 100644 index 00000000..a7e81f6e --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-cd.notifications.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "argo-cd.notificationsServiceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-notifications/secret.yaml b/charts/argo-cd/templates/argocd-notifications/secret.yaml new file mode 100644 index 00000000..c0b33e74 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/secret.yaml @@ -0,0 +1,19 @@ +{{ if .Values.notifications.secret.create }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "argo-cd.notifications.secretName" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- if .Values.notifications.secret.annotations }} + annotations: + {{- range $key, $value := .Values.notifications.secret.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +type: Opaque +stringData: + {{- with .Values.notifications.secret.items }} + {{ toYaml . | nindent 2 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml new file mode 100644 index 00000000..9804afe1 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml @@ -0,0 +1,22 @@ +{{- if .Values.notifications.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-cd.notifications.fullname" . }}-metrics + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- with .Values.notifications.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.notifications.metrics.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 6 }} + ports: + - name: metrics + port: {{ .Values.notifications.metrics.port }} + targetPort: {{ .Values.notifications.metrics.port }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml new file mode 100644 index 00000000..6b573fd2 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if .Values.notifications.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "argo-cd.notificationsServiceAccountName" . }} +{{- if .Values.notifications.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.notifications.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml new file mode 100644 index 00000000..069b4f67 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -0,0 +1,30 @@ +{{- if and .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.notifications.fullname" . }}-metrics + {{- if .Values.notifications.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.notifications.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- if .Values.notifications.metrics.serviceMonitor.additionalLabels }} + {{- toYaml .Values.notifications.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + path: /metrics + {{- if .Values.notifications.metrics.serviceMonitor.interval }} + interval: {{ .Values.notifications.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.notifications.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.notifications.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index daefd898..8eb949bf 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1,4 +1,4 @@ -## ArgoCD configuration +## Argo CD configuration ## Ref: https://github.com/argoproj/argo-cd ## @@ -11,11 +11,11 @@ kubeVersionOverride: "" global: image: - # -- If defined, a repository applied to all ArgoCD deployments + # -- If defined, a repository applied to all Argo CD deployments repository: quay.io/argoproj/argocd - # -- Overrides the global ArgoCD image tag whose default is the chart appVersion + # -- Overrides the global Argo CD image tag whose default is the chart appVersion tag: "" - # -- If defined, a imagePullPolicy applied to all ArgoCD deployments + # -- If defined, a imagePullPolicy applied to all Argo CD deployments imagePullPolicy: IfNotPresent # -- Annotations for the all deployed pods podAnnotations: {} @@ -107,8 +107,7 @@ controller: replicas: 1 # -- Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. - # This is a feature flag that will become the default in chart version 3.x - enableStatefulSet: false + enableStatefulSet: true ## Application controller commandline flags args: @@ -288,9 +287,9 @@ controller: # labels: # severity: critical # annotations: - # summary: "[ArgoCD] No reported applications" + # summary: "[Argo CD] No reported applications" # description: > - # ArgoCD has not reported any applications data for the past 15 minutes which + # Argo CD has not reported any applications data for the past 15 minutes which # means that it must be down or not functioning properly. This needs to be # resolved for this cloud to continue to maintain state. # - alert: ArgoAppNotSynced @@ -310,7 +309,7 @@ controller: # namespace: monitoring # additionalLabels: {} - ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. + ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. clusterAdminAccess: # -- Enable RBAC for local cluster deployments enabled: true @@ -329,7 +328,7 @@ controller: # -- Init containers to add to the application controller pod ## If your target Kubernetes cluster(s) require a custom auth provider executable ## you could use this (and the same in the server pod) to bootstrap - ## that executable into your ArgoCD container + ## that executable into your Argo CD container initContainers: [] # - name: download-tools # image: alpine:3.8 @@ -1134,7 +1133,7 @@ server: # -- Termination policy of Openshift Route termination_policy: None - # -- Manage ArgoCD configmap (Declarative Setup) + # -- Manage Argo CD configmap (Declarative Setup) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml configEnabled: true # -- [General Argo CD configuration] @@ -1171,10 +1170,10 @@ server: # - profile # - email - # -- Annotations to be added to ArgoCD ConfigMap + # -- Annotations to be added to Argo CD ConfigMap configAnnotations: {} - # -- ArgoCD rbac config ([ArgoCD RBAC policy]) + # -- Argo CD rbac config ([Argo CD RBAC policy]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbacConfig: {} @@ -1197,14 +1196,14 @@ server: # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. # scopes: '[cognito:groups, email]' - # -- Annotations to be added to ArgoCD rbac ConfigMap + # -- Annotations to be added to Argo CD rbac ConfigMap rbacConfigAnnotations: {} # -- Whether or not to create the configmap. If false, it is expected the configmap will be created - # by something else. ArgoCD will not work if there is no configMap created with the name above. + # by something else. Argo CD will not work if there is no configMap created with the name above. rbacConfigCreate: true - # -- Deploy ArgoCD Applications within this helm release + # -- Deploy Argo CD Applications within this helm release # @default -- `[]` (See [values.yaml]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ additionalApplications: [] @@ -1237,7 +1236,7 @@ server: # - name: url # value: https://argoproj.github.io/ - # -- Deploy ArgoCD Projects within this helm release + # -- Deploy Argo CD Projects within this helm release # @default -- `[]` (See [values.yaml]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ additionalProjects: [] @@ -1281,7 +1280,7 @@ server: # - keyID: ABCDEF1234567890 ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. + ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. clusterAdminAccess: # -- Enable RBAC for local cluster deployments enabled: true @@ -1345,7 +1344,7 @@ server: # -- Init containers to add to the server pod ## If your target Kubernetes cluster(s) require a custom auth provider executable ## you could use this (and the same in the application controller pod) to bootstrap - ## that executable into your ArgoCD container + ## that executable into your Argo CD container initContainers: [] # - name: download-tools # image: alpine:3.8 @@ -1571,7 +1570,7 @@ repoServer: additionalLabels: {} ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant cluster rights to ArgoCD repo server. + ## Enable if you would like to grant cluster rights to Argo CD repo server. clusterAdminAccess: # -- Enable RBAC for local cluster deployments enabled: false @@ -1861,3 +1860,672 @@ configs: openshift: # -- enables using arbitrary uid for argo repo server enabled: false + +applicationSet: + # -- Application Set controller name string + name: applicationset-controller + + # -- The number of controller pods to run + replicaCount: 1 + + image: + # -- Repository to use for the application set controller + repository: quay.io/argoproj/argocd-applicationset + # -- Image pull policy for the application set controller + pullPolicy: IfNotPresent + # -- Tag to use for the application set controller + tag: "v0.4.1" + + args: + # -- The default metric address + metricsAddr: :8080 + # -- The default health check port + probeBindAddr: :8081 + # -- The default leader election setting + enableLeaderElection: false + # -- How application is synced between the generator and the cluster + policy: sync + # -- Print debug logs + debug: false + # -- Enable dry run mode + dryRun: false + + # -- Additional containers to be added to the applicationset controller pod + extraContainers: [] + + ## Metrics service configuration + metrics: + # -- Deploy metrics service + enabled: false + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8085 + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: false + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "" # monitoring + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + + # -- If defined, uses a Secret to pull an image from a private Docker registry or repository. + imagePullSecrets: [] + + ## Application set service configuration + service: + # -- Application set service annotations + annotations: {} + # -- Application set service labels + labels: {} + # -- Application set service port + port: 7000 + # -- Application set service port name + portName: webhook + + serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + # -- Annotations for the controller pods + podAnnotations: {} + + # -- Labels for the controller pods + podLabels: {} + + # -- Pod Security Context + podSecurityContext: {} + # fsGroup: 2000 + + # -- Security Context + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + # -- Resource limits and requests for the controller pods. + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + # -- [Node selector] + nodeSelector: {} + + # -- [Tolerations] for use with node taints + tolerations: [] + + # -- Assign custom [affinity] rules + affinity: {} + + # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. + priorityClassName: "" + + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + # - mountPath: /tmp/foobar + # name: foobar + + # -- List of extra volumes to add + extraVolumes: [] + # - name: foobar + # emptyDir: {} + + # -- List of extra cli args to add + extraArgs: [] + # - --loglevel=warn + + # -- Environment variables to pass to the controller + extraEnv: [] + # - name: "MY_VAR" + # value: "value" + + # -- envFrom to pass to the controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + ## Webhook for the Git Generator + ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) + webhook: + ingress: + # -- Enable an ingress resource for Webhooks + enabled: false + # -- Additional ingress annotations + annotations: {} + # -- Additional ingress labels + labels: {} + # -- Defines which ingress controller will implement the resource + ingressClassName: "" + + # -- List of ingress hosts + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + hosts: [] + # - argocd-applicationset.example.com + + # -- List of ingress paths + paths: + - /api/webhook + # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` + pathType: Prefix + # -- Additional ingress paths + extraPaths: [] + # - path: /* + # backend: + # serviceName: ssl-redirect + # servicePort: use-annotation + ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: use-annotation + + # -- Ingress TLS configuration + tls: [] + # - secretName: argocd-applicationset-tls + # hosts: + # - argocd-applicationset.example.com + +notifications: + # -- Notifications controller name string + name: notifications-controller + + # -- Assign custom [affinity] rules + affinity: {} + + # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates + argocdUrl: + + image: + # -- Repository to use for the notifications controller + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Tag to use for the notifications controller + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Image pull policy for the notifications controller + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + + # -- [Node selector] + nodeSelector: {} + + # -- The deployment strategy to use to replace existing pods with new ones + updateStrategy: + type: Recreate + + # -- Define user-defined context + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context + context: {} + # region: east + # environmentName: staging + + secret: + # -- Whether helm chart creates controller secret + create: true + + # -- key:value pairs of annotations to be added to the secret + annotations: {} + + # -- The name of the secret to use. + ## If not set and create is true, the default name 'argocd-notifications-secret' is used + name: "" + + # -- Generic key:value pairs to be inserted into the secret + ## Can be used for templates, notification services etc. Some examples given below. + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ + items: {} + # slack-token: + # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/slack/ + + # grafana-apiKey: + # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/grafana/ + + # webhooks-github-token: + + # email-username: + # email-password: + # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ + + # -- Set the logging level. (One of: `debug`, `info`, `warn`, `error`) + logLevel: info + + # -- Extra arguments to provide to the controller + extraArgs: [] + + # -- Additional container environment variables + extraEnv: [] + + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + # - mountPath: /tmp/foobar + # name: foobar + + # -- List of extra volumes to add + extraVolumes: [] + # - name: foobar + # emptyDir: {} + + metrics: + # -- Enables prometheus metrics server + enabled: false + # -- Metrics port + port: 9001 + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: false + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + # namespace: monitoring + # interval: 30s + # scrapeTimeout: 10s + + # -- Configures notification services + # @default -- See [values.yaml] + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ + notifiers: + service.slack: | + token: $slack-token + + # -- Annotations to be applied to the controller Pods + podAnnotations: {} + + # -- Labels to be applied to the controller Pods + podLabels: {} + + # -- Pod Security Context + securityContext: + runAsNonRoot: true + + # -- Container Security Context + containerSecurityContext: {} + + # -- Resource limits and requests for the controller + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + serviceAccount: + # -- Specifies whether a service account should be created + create: true + + # -- The name of the service account to use. + ## If not set and create is true, a name is generated using the fullname template + name: argocd-notifications-controller + + # -- Annotations applied to created service account + annotations: {} + + cm: + # -- Whether helm chart creates controller config map + create: true + + # -- The name of the config map to use. + ## If not set and create is true, the default name 'argocd-notifications-cm' is used + name: "" + + # -- Contains centrally managed global application subscriptions + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ + subscriptions: {} + # # subscription for on-sync-status-unknown trigger notifications + # - recipients: + # - slack:test2 + # - email:test@gmail.com + # triggers: + # - on-sync-status-unknown + # # subscription restricted to applications with matching labels only + # - recipients: + # - slack:test3 + # selector: test=true + # triggers: + # - on-sync-status-unknown + + # -- The notification template is used to generate the notification content + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/ + templates: {} + # template.app-deployed: | + # email: + # subject: New version of an application {{.app.metadata.name}} is up and running. + # message: | + # {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} is now running new version of deployments manifests. + # slack: + # attachments: | + # [{ + # "title": "{{ .app.metadata.name}}", + # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + # "color": "#18be52", + # "fields": [ + # { + # "title": "Sync Status", + # "value": "{{.app.status.sync.status}}", + # "short": true + # }, + # { + # "title": "Repository", + # "value": "{{.app.spec.source.repoURL}}", + # "short": true + # }, + # { + # "title": "Revision", + # "value": "{{.app.status.sync.revision}}", + # "short": true + # } + # {{range $index, $c := .app.status.conditions}} + # {{if not $index}},{{end}} + # {{if $index}},{{end}} + # { + # "title": "{{$c.type}}", + # "value": "{{$c.message}}", + # "short": true + # } + # {{end}} + # ] + # }] + # template.app-health-degraded: | + # email: + # subject: Application {{.app.metadata.name}} has degraded. + # message: | + # {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} has degraded. + # Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. + # slack: + # attachments: |- + # [{ + # "title": "{{ .app.metadata.name}}", + # "title_link": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + # "color": "#f4c030", + # "fields": [ + # { + # "title": "Sync Status", + # "value": "{{.app.status.sync.status}}", + # "short": true + # }, + # { + # "title": "Repository", + # "value": "{{.app.spec.source.repoURL}}", + # "short": true + # } + # {{range $index, $c := .app.status.conditions}} + # {{if not $index}},{{end}} + # {{if $index}},{{end}} + # { + # "title": "{{$c.type}}", + # "value": "{{$c.message}}", + # "short": true + # } + # {{end}} + # ] + # }] + # template.app-sync-failed: | + # email: + # subject: Failed to sync application {{.app.metadata.name}}. + # message: | + # {{if eq .serviceType "slack"}}:exclamation:{{end}} The sync operation of application {{.app.metadata.name}} has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}} + # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + # slack: + # attachments: |- + # [{ + # "title": "{{ .app.metadata.name}}", + # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + # "color": "#E96D76", + # "fields": [ + # { + # "title": "Sync Status", + # "value": "{{.app.status.sync.status}}", + # "short": true + # }, + # { + # "title": "Repository", + # "value": "{{.app.spec.source.repoURL}}", + # "short": true + # } + # {{range $index, $c := .app.status.conditions}} + # {{if not $index}},{{end}} + # {{if $index}},{{end}} + # { + # "title": "{{$c.type}}", + # "value": "{{$c.message}}", + # "short": true + # } + # {{end}} + # ] + # }] + # template.app-sync-running: | + # email: + # subject: Start syncing application {{.app.metadata.name}}. + # message: | + # The sync operation of application {{.app.metadata.name}} has started at {{.app.status.operationState.startedAt}}. + # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + # slack: + # attachments: |- + # [{ + # "title": "{{ .app.metadata.name}}", + # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + # "color": "#0DADEA", + # "fields": [ + # { + # "title": "Sync Status", + # "value": "{{.app.status.sync.status}}", + # "short": true + # }, + # { + # "title": "Repository", + # "value": "{{.app.spec.source.repoURL}}", + # "short": true + # } + # {{range $index, $c := .app.status.conditions}} + # {{if not $index}},{{end}} + # {{if $index}},{{end}} + # { + # "title": "{{$c.type}}", + # "value": "{{$c.message}}", + # "short": true + # } + # {{end}} + # ] + # }] + # template.app-sync-status-unknown: | + # email: + # subject: Application {{.app.metadata.name}} sync status is 'Unknown' + # message: | + # {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} sync is 'Unknown'. + # Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. + # {{if ne .serviceType "slack"}} + # {{range $c := .app.status.conditions}} + # * {{$c.message}} + # {{end}} + # {{end}} + # slack: + # attachments: |- + # [{ + # "title": "{{ .app.metadata.name}}", + # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + # "color": "#E96D76", + # "fields": [ + # { + # "title": "Sync Status", + # "value": "{{.app.status.sync.status}}", + # "short": true + # }, + # { + # "title": "Repository", + # "value": "{{.app.spec.source.repoURL}}", + # "short": true + # } + # {{range $index, $c := .app.status.conditions}} + # {{if not $index}},{{end}} + # {{if $index}},{{end}} + # { + # "title": "{{$c.type}}", + # "value": "{{$c.message}}", + # "short": true + # } + # {{end}} + # ] + # }] + # template.app-sync-succeeded: | + # email: + # subject: Application {{.app.metadata.name}} has been successfully synced. + # message: | + # {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}. + # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + # slack: + # attachments: "[{\n \"title\": \"{{ .app.metadata.name}}\",\n \"title_link\":\"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}\",\n \"color\": \"#18be52\",\n \"fields\": [\n {\n \"title\": \"Sync Status\",\n \"value\": \"{{.app.status.sync.status}}\",\n \"short\": true\n },\n {\n \"title\": \"Repository\",\n \"value\": \"{{.app.spec.source.repoURL}}\",\n \"short\": true\n }\n {{range $index, $c := .app.status.conditions}}\n {{if not $index}},{{end}}\n {{if $index}},{{end}}\n {\n \"title\": \"{{$c.type}}\",\n \"value\": \"{{$c.message}}\",\n \"short\": true\n }\n {{end}}\n ]\n}] " + + # -- [Tolerations] for use with node taints + tolerations: [] + + # -- The trigger defines the condition when the notification should be sent + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ + triggers: {} + # trigger.on-deployed: | + # - description: Application is synced and healthy. Triggered once per commit. + # oncePer: app.status.sync.revision + # send: + # - app-deployed + # when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' + # trigger.on-health-degraded: | + # - description: Application has degraded + # send: + # - app-health-degraded + # when: app.status.health.status == 'Degraded' + # trigger.on-sync-failed: | + # - description: Application syncing has failed + # send: + # - app-sync-failed + # when: app.status.operationState.phase in ['Error', 'Failed'] + # trigger.on-sync-running: | + # - description: Application is being synced + # send: + # - app-sync-running + # when: app.status.operationState.phase in ['Running'] + # trigger.on-sync-status-unknown: | + # - description: Application status is 'Unknown' + # send: + # - app-sync-status-unknown + # when: app.status.sync.status == 'Unknown' + # trigger.on-sync-succeeded: | + # - description: Application syncing has succeeded + # send: + # - app-sync-succeeded + # when: app.status.operationState.phase in ['Succeeded'] + # + # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers + # defaultTriggers: | + # - on-sync-status-unknown + + ## The optional bot component simplifies managing subscriptions + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ + bots: + slack: + # -- Enable slack bot + ## You have to set secret.notifiers.slack.signingSecret + enabled: false + + # -- The deployment strategy to use to replace existing pods with new ones + updateStrategy: + type: Recreate + + image: + # -- Repository to use for the Slack bot + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Tag to use for the Slack bot + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Image pull policy for the Slack bot + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + + service: + # -- Service annotations for Slack bot + annotations: {} + # -- Service port for Slack bot + port: 80 + # -- Service type for Slack bot + type: LoadBalancer + + serviceAccount: + # -- Specifies whether a service account should be created + create: true + + # -- The name of the service account to use. + ## If not set and create is true, a name is generated using the fullname template + name: argocd-notifications-bot + + # -- Annotations applied to created service account + annotations: {} + + # -- Pod Security Context + securityContext: + runAsNonRoot: true + + # -- Container Security Context + containerSecurityContext: {} + + # -- Resource limits and requests for the Slack bot + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + # -- Assign custom [affinity] rules + affinity: {} + + # -- [Tolerations] for use with node taints + tolerations: [] + + # -- [Node selector] + nodeSelector: {} From 8e51693a826b923322a3d251e459ff1cc3e1a563 Mon Sep 17 00:00:00 2001 From: Lucas Bickel <116588+hairmare@users.noreply.github.com> Date: Thu, 17 Mar 2022 13:53:53 +0100 Subject: [PATCH 0212/1248] fix(argo-cd): proper selectors for notifications metrics (#1176) * fix(argo-cd): proper selectors for notifications metrics Signed-off-by: Lucas Bickel * fix(argo-cd): harmonize selectors with appset Signed-off-by: Lucas Bickel * fix(argo-cd): simplify selector in service Signed-off-by: Lucas Bickel * fix(argo-cd): proper label for servicemonitor and suffixed service name Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-notifications/service-metrics.yaml | 4 ++-- .../templates/argocd-notifications/servicemonitor.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f9f10bbd..2af74255 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.1 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.0.0 +version: 4.0.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo CD v2.3.1" - - "[Changed]: Sync CRDs of Argo CD v2.3.1" + - "[Fixed]: make notification-metrics service target pods properly" + - "[Fixed]: make notification-metrics servicemonitor target service properly" diff --git a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml index 9804afe1..89ccae39 100644 --- a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: {{ template "argo-cd.notifications.fullname" . }}-metrics labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 4 }} {{- with .Values.notifications.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} @@ -14,7 +14,7 @@ metadata: {{- end }} spec: selector: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 6 }} + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} ports: - name: metrics port: {{ .Values.notifications.metrics.port }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 069b4f67..7d0c0476 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -2,7 +2,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-metrics + name: {{ template "argo-cd.notifications.fullname" . }} {{- if .Values.notifications.metrics.serviceMonitor.namespace }} namespace: {{ .Values.notifications.metrics.serviceMonitor.namespace }} {{- end }} From 1ff008d64a89d15d56b6d8114ad60e0afb2df95b Mon Sep 17 00:00:00 2001 From: Lucas Bickel <116588+hairmare@users.noreply.github.com> Date: Thu, 17 Mar 2022 18:15:20 +0100 Subject: [PATCH 0213/1248] feat(argo-cd): add notifications.metrics.serviceMonitor.selector for consistency (#1177) Signed-off-by: Lucas Bickel --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 1 + .../templates/argocd-notifications/servicemonitor.yaml | 3 +++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2af74255..89ee7bae 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.1 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.0.1 +version: 4.1.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: make notification-metrics service target pods properly" - - "[Fixed]: make notification-metrics servicemonitor target service properly" + - "[Changed]: added notifications.metrics.serviceMonitor.selector value" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c8c6b6c0..daa7e5c1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -749,6 +749,7 @@ NAME: my-release | notifications.metrics.service.labels | object | `{}` | Metrics service labels | | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | notifications.name | string | `"notifications-controller"` | Notifications controller name string | | notifications.nodeSelector | object | `{}` | [Node selector] | | notifications.notifiers | object | See [values.yaml] | Configures notification services | diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 7d0c0476..d4554421 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -8,6 +8,9 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- with .Values.notifications.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- if .Values.notifications.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.notifications.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8eb949bf..3ebef289 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2157,6 +2157,9 @@ notifications: serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus # -- Prometheus ServiceMonitor labels additionalLabels: {} # namespace: monitoring From 48bf6d4a3808636b76ff793a68b50e613e6f009f Mon Sep 17 00:00:00 2001 From: Jan Christoph Beyer <34127121+BeyerJC@users.noreply.github.com> Date: Thu, 17 Mar 2022 20:34:21 +0100 Subject: [PATCH 0214/1248] feat(argo-image-updater): Update to use version 0.12 (#1173) Signed-off-by: Jan Christoph Beyer Co-authored-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 6 +++--- charts/argocd-image-updater/README.md | 4 +++- .../templates/configmap-sshconfig.yaml | 10 ++++++++++ .../argocd-image-updater/templates/deployment.yaml | 10 +++++++++- charts/argocd-image-updater/values.yaml | 13 ++++++++++++- 5 files changed, 37 insertions(+), 6 deletions(-) create mode 100644 charts/argocd-image-updater/templates/configmap-sshconfig.yaml diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 03ff8d96..a5b2ecd7 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.7.0 -appVersion: v0.11.3 +version: 0.8.0 +appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Ability to manage secret containing the ArgoCD API token" + - "[Changed]: Update to argocd-image-updater v0.12" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index a5697096..7d80daac 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -83,11 +83,12 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.gitCommitUser | string | `""` | Username to use for Git commits | | config.logLevel | string | `"info"` | ArgoCD Image Update log level | | config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | +| config.sshConfig | object | `{}` | ArgoCD Image Updater ssh client parameter configuration. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | | image.pullPolicy | string | `"Always"` | Default image pull policy | -| image.repository | string | `"argoprojlabs/argocd-image-updater"` | Default image repository | +| image.repository | string | `"quay.io/argoprojlabs/argocd-image-updater"` | Default image repository | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | | imagePullSecrets | list | `[]` | ImagePullSecrets for the image updater deployment | | metrics.enabled | bool | `false` | Deploy metrics service | @@ -113,6 +114,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | Kubernetes toleration settings for the deployment | +| updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml new file mode 100644 index 00000000..548f3100 --- /dev/null +++ b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + name: argocd-image-updater-ssh-config +data: + {{- with .Values.config.sshConfig }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 9c414072..a80d26be 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -9,6 +9,8 @@ spec: selector: matchLabels: {{- include "argocd-image-updater.selectorLabels" . | nindent 6 }} + strategy: + {{- .Values.updateStrategy | toYaml | nindent 4 }} template: metadata: annotations: @@ -28,7 +30,7 @@ spec: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} - command: + command: - /usr/local/bin/argocd-image-updater - run {{- with .Values.extraArgs }} @@ -130,6 +132,8 @@ spec: name: tmp-dir - mountPath: /app/config/ssh name: ssh-known-hosts + - mountPath: /app/.ssh + name: ssh-config {{- if .Values.authScripts.enabled }} - mountPath: /scripts name: authscripts @@ -156,6 +160,10 @@ spec: name: argocd-ssh-known-hosts-cm optional: true name: ssh-known-hosts + - configMap: + name: argocd-image-updater-ssh-config + optional: true + name: ssh-config {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index bca186ca..d6ebd232 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -2,12 +2,15 @@ replicaCount: 1 image: # -- Default image repository - repository: argoprojlabs/argocd-image-updater + repository: quay.io/argoprojlabs/argocd-image-updater # -- Default image pull policy pullPolicy: Always # -- Overrides the image tag whose default is the chart appVersion tag: "" +# -- The deployment strategy to use to replace existing pods with new ones +updateStrategy: + type: Recreate # -- ImagePullSecrets for the image updater deployment imagePullSecrets: [] # -- Global name (argocd-image-updater.name in _helpers.tpl) override @@ -96,6 +99,14 @@ config: # credentials: ext:/scripts/auth1.sh # credsexpire: 10h + # -- ArgoCD Image Updater ssh client parameter configuration. + sshConfig: + {} + # config: | + # Host * + # PubkeyAcceptedAlgorithms +ssh-rsa + # HostkeyAlgorithms +ssh-rsa + # whether to mount authentication scripts, if enabled, the authentication scripts will be mounted on /scripts that can be used to authenticate with registries (ECR) # refer to https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/#specifying-credentials-for-accessing-container-registries for more info authScripts: From 3a2858aa98f607b495d34db0da2a7a3ecad3eaa0 Mon Sep 17 00:00:00 2001 From: ericpdurand Date: Fri, 18 Mar 2022 17:41:56 +0100 Subject: [PATCH 0215/1248] feat(argo-cd): Adding applicationSet.enable and notifications.enable (#1181) * feat(argo-cd) Adding applicationSet.enable and notifications.enable to allow to disable them Signed-off-by: Eric Durand * Fixing Chart version and redudant ifs Signed-off-by: Eric Durand eric_p_durand@yahoo.com Signed-off-by: Eric Durand * Detail the change Signed-off-by: Eric Durand * Drop one more redundant if Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 ++ .../templates/argocd-applicationset/metrics-service.yaml | 2 +- charts/argo-cd/templates/argocd-applicationset/role.yaml | 2 ++ .../templates/argocd-applicationset/rolebinding.yaml | 2 ++ charts/argo-cd/templates/argocd-applicationset/service.yaml | 2 ++ .../templates/argocd-applicationset/serviceaccount.yaml | 2 +- .../templates/argocd-applicationset/servicemonitor.yaml | 2 ++ .../templates/argocd-applicationset/webhook-ingress.yaml | 2 +- .../argo-cd/templates/argocd-notifications/configmap.yaml | 2 +- .../argo-cd/templates/argocd-notifications/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-notifications/role.yaml | 2 ++ .../argo-cd/templates/argocd-notifications/rolebinding.yaml | 2 ++ charts/argo-cd/templates/argocd-notifications/secret.yaml | 2 +- .../templates/argocd-notifications/service-metrics.yaml | 2 +- .../templates/argocd-notifications/serviceaccount.yaml | 2 +- .../templates/argocd-notifications/servicemonitor.yaml | 2 +- charts/argo-cd/values.yaml | 6 ++++++ 19 files changed, 34 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 89ee7bae..e9ef680c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.1 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.1.0 +version: 4.2.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: added notifications.metrics.serviceMonitor.selector value" + - "[Added]: added applicationSet.enabled and notifications.enabled to allow to disable them" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index daa7e5c1..d2d61dec 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -658,6 +658,7 @@ NAME: my-release | applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | +| applicationSet.enabled | bool | `true` | Enable Application Set controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | | applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller | @@ -734,6 +735,7 @@ NAME: my-release | notifications.cm.name | string | `""` | The name of the config map to use. | | notifications.containerSecurityContext | object | `{}` | Container Security Context | | notifications.context | object | `{}` | Define user-defined context | +| notifications.enabled | bool | `true` | Enable Notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 83ad1834..80b0bf5a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -1,3 +1,4 @@ +{{- if .Values.applicationSet.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -124,3 +125,4 @@ spec: {{- with .Values.applicationSet.priorityClassName }} priorityClassName: {{ . }} {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml index ba9a630a..bba26e4c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml @@ -1,4 +1,4 @@ -{{- if .Values.applicationSet.metrics.enabled }} +{{- if and .Values.applicationSet.enabled .Values.applicationSet.metrics.enabled }} apiVersion: v1 kind: Service metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index 7e2a2c89..dc83f06a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -1,3 +1,4 @@ +{{- if .Values.applicationSet.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -81,3 +82,4 @@ rules: - patch - update - watch +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index 7bc5e055..91cddeae 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -1,3 +1,4 @@ +{{- if .Values.applicationSet.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -12,3 +13,4 @@ subjects: - kind: ServiceAccount name: {{ template "argo-cd.applicationSetServiceAccountName" . }} namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index fc116fb1..db836f04 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -1,3 +1,4 @@ +{{- if .Values.applicationSet.enabled }} apiVersion: v1 kind: Service metadata: @@ -17,3 +18,4 @@ spec: targetPort: {{ .Values.applicationSet.containerPort }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index 9a690efe..4fafac8d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if .Values.applicationSet.serviceAccount.create }} +{{- if and .Values.applicationSet.enabled .Values.applicationSet.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index 2e89c759..1ad3f765 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -1,3 +1,4 @@ +{{- if .Values.applicationSet.enabled }} {{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor @@ -36,3 +37,4 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 6 }} {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index 3413a8f3..4d1291ba 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.applicationSet.webhook.ingress.enabled -}} +{{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}} {{- $serviceName := include "argo-cd.applicationSet.fullname" . -}} {{- $servicePort := .Values.applicationSet.service.portName -}} {{- $paths := .Values.applicationSet.webhook.ingress.paths -}} diff --git a/charts/argo-cd/templates/argocd-notifications/configmap.yaml b/charts/argo-cd/templates/argocd-notifications/configmap.yaml index 5806e54b..df1c9a6c 100644 --- a/charts/argo-cd/templates/argocd-notifications/configmap.yaml +++ b/charts/argo-cd/templates/argocd-notifications/configmap.yaml @@ -1,4 +1,4 @@ -{{ if .Values.notifications.cm.create }} +{{- if and .Values.notifications.enabled .Values.notifications.cm.create }} apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 23354f89..a6371a66 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -1,3 +1,4 @@ +{{- if .Values.notifications.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -104,3 +105,4 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 7e487309..75a88e5f 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -1,3 +1,4 @@ +{{- if .Values.notifications.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -40,3 +41,4 @@ rules: - secrets verbs: - get +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml index a7e81f6e..e78ac5c6 100644 --- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -1,3 +1,4 @@ +{{- if .Values.notifications.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -12,3 +13,4 @@ subjects: - kind: ServiceAccount name: {{ template "argo-cd.notificationsServiceAccountName" . }} namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/secret.yaml b/charts/argo-cd/templates/argocd-notifications/secret.yaml index c0b33e74..342bf79f 100644 --- a/charts/argo-cd/templates/argocd-notifications/secret.yaml +++ b/charts/argo-cd/templates/argocd-notifications/secret.yaml @@ -1,4 +1,4 @@ -{{ if .Values.notifications.secret.create }} +{{- if and .Values.notifications.enabled .Values.notifications.secret.create }} apiVersion: v1 kind: Secret metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml index 89ccae39..cdae581c 100644 --- a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml @@ -1,4 +1,4 @@ -{{- if .Values.notifications.metrics.enabled }} +{{- if and .Values.notifications.enabled .Values.notifications.metrics.enabled }} apiVersion: v1 kind: Service metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index 6b573fd2..48c6967f 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if .Values.notifications.serviceAccount.create }} +{{- if and .Values.notifications.enabled .Values.notifications.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index d4554421..d61b3b56 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} +{{- if and .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3ebef289..8bc81b8c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1862,6 +1862,9 @@ openshift: enabled: false applicationSet: + # -- Enable Application Set controller + enabled: true + # -- Application Set controller name string name: applicationset-controller @@ -2062,6 +2065,9 @@ applicationSet: # - argocd-applicationset.example.com notifications: + # -- Enable Notifications controller + enabled: true + # -- Notifications controller name string name: notifications-controller From b9193965741061c2d3c32a164555cfd73d2fcf36 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 18 Mar 2022 22:25:23 +0100 Subject: [PATCH 0216/1248] fix(argo-cd): Add missing NetworkPolicy for ApplicationSet and Notifications (#1184) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 +-- .../argocd-applicationset/networkpolicy.yaml | 25 +++++++++++++++++++ .../argocd-notifications/networkpolicy.yaml | 19 ++++++++++++++ .../argocd-repo-server/networkpolicy.yaml | 10 ++++++++ 4 files changed, 56 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e9ef680c..eaf426c4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.1 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.2.0 +version: 4.2.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: added applicationSet.enabled and notifications.enabled to allow to disable them" + - "[Fixed]: Add missing NetworkPolicy for ApplicationSet and Notifications" diff --git a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml new file mode 100644 index 00000000..176de64b --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.applicationSet.enabled .Values.global.networkPolicy.create (or .Values.applicationSet.metrics.enabled .Values.applicationSet.webhook.ingress.enabled) }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +spec: + ingress: + {{- if .Values.applicationSet.webhook.ingress.enabled }} + - ports: + - port: webhook + {{- end }} + {{- if .Values.applicationSet.metrics.enabled }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + {{- end }} + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml new file mode 100644 index 00000000..6bd0c04e --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.notifications.enabled .Values.global.networkPolicy.create .Values.notifications.metrics.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: metrics + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml index 0d9274ed..619a65ca 100644 --- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -14,6 +14,16 @@ spec: - podSelector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} + {{- if .Values.notifications.enabled }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 10 }} + {{- end }} + {{- if .Values.applicationSet.enabled }} + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 10 }} + {{- end }} ports: - port: repo-server protocol: TCP From de3643805bc17826408658dd017308955605113c Mon Sep 17 00:00:00 2001 From: Michael Crenshaw Date: Wed, 23 Mar 2022 05:53:09 -0400 Subject: [PATCH 0217/1248] feat(argo-cd): Update to v2.3.2 release (#1191) * feat(argo-cd): Update to v2.3.2 release Signed-off-by: Michael Crenshaw * chore: empty commit to retry CI Signed-off-by: Michael Crenshaw Co-authored-by: Michael Crenshaw --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eaf426c4..6dc9aeb5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.3.1 +appVersion: v2.3.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.2.1 +version: 4.2.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing NetworkPolicy for ApplicationSet and Notifications" + - "[Changed]: Update to Argo CD v2.3.2" From 86faeec867c9081b2db93fdf76c287f993e636ac Mon Sep 17 00:00:00 2001 From: Frank Bagherzadeh Date: Wed, 23 Mar 2022 09:18:22 -0400 Subject: [PATCH 0218/1248] fix(argo-workflows): Add missing list verb to secret (#1186) * Add list Signed-off-by: Frank Bagherzadeh * bump version and add change log Signed-off-by: Frank Bagherzadeh * fix changelog Signed-off-by: Frank Bagherzadeh --- charts/argo-workflows/Chart.yaml | 4 ++-- .../argo-workflows/templates/server/server-cluster-roles.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 052f9093..aeaaa148 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.13.0 +version: 0.13.1 appVersion: v3.2.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add encryptionOptions for S3 based artifactRepository" + - "[Fixed]: Add missing list verb to secret" diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 9a064b93..94c86e27 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -62,6 +62,7 @@ rules: - secrets verbs: - get + - list {{- if .Values.server.sso }} {{- if .Values.server.sso.rbac }} {{- with .Values.server.sso.rbac.secretWhitelist }} From 0d2d0243a5cefc84d060f2f838448ec09d3c4a30 Mon Sep 17 00:00:00 2001 From: cskh Date: Wed, 23 Mar 2022 17:11:46 -0400 Subject: [PATCH 0219/1248] feat(argo-rollouts): upgrade to v1.2.0 (#1135) * feat(argo-rollouts): upgrade to v1.2.0-rc1 Signed-off-by: Hui Kang * [argo-rollouts]:bump minor version and add release version Signed-off-by: Hui Kang --- charts/argo-rollouts/Chart.yaml | 6 +- charts/argo-rollouts/README.md | 4 +- .../templates/controller/clusterrole.yaml | 24 +- .../templates/controller/deployment.yaml | 2 + .../templates/crds/analysis-run-crd.yaml | 308 ++++++++++++- .../templates/crds/analysis-template-crd.yaml | 269 ++++++++++- .../crds/cluster-analysis-template-crd.yaml | 269 ++++++++++- .../templates/crds/experiment-crd.yaml | 259 ++++++++++- .../templates/crds/rollout-crd.yaml | 417 +++++++++++++++++- charts/argo-rollouts/values.yaml | 8 +- 10 files changed, 1547 insertions(+), 19 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 21275d94..64b29329 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "v1.1.1" +appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.11.0 +version: 2.12.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Argo rollouts notification secret and configmap" + - "[Added]: Upgrade argo-rollouts to v1.2.0" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index b8aa2b95..51d798c0 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -74,7 +74,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | -| controller.replicas | int | `1` | The number of controller pods to run | +| controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | @@ -153,4 +153,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.11.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.12.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 18318e44..9581ef96 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -68,7 +68,7 @@ rules: - list - watch # services patch needed to update selector of canary/stable/active/preview services -# services create needed to create services for experiments +# services create needed to create and delete services for experiments - apiGroups: - "" resources: @@ -79,6 +79,7 @@ rules: - watch - patch - create + - delete # leases create/get/update needed for leader election - apiGroups: - coordination.k8s.io @@ -198,4 +199,25 @@ rules: verbs: - list - get +# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualservices + verbs: + - watch + - get + - list +# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualnodes + - virtualrouters + verbs: + - watch + - get + - list + - update + - patch {{- end }} diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index b1f80534..46795b98 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -48,6 +48,8 @@ spec: ports: - containerPort: 8090 name: metrics + - containerPort: 8080 + name: healthz livenessProbe: {{- toYaml .Values.controller.livenessProbe | nindent 10 }} readinessProbe: diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 42496b96..f5cba997 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -31,6 +31,10 @@ spec: jsonPath: .status.phase name: Status type: string + - description: Time since resource was created + jsonPath: .metadata.creationTimestamp + name: Age + type: date name: v1alpha1 schema: openAPIV3Schema: @@ -74,6 +78,28 @@ spec: - name type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array metrics: items: properties: @@ -197,6 +223,8 @@ spec: backoffLimit: format: int32 type: integer + completionMode: + type: string completions: format: int32 type: integer @@ -228,6 +256,8 @@ spec: type: string type: object type: object + suspend: + type: boolean template: properties: metadata: @@ -369,6 +399,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -412,6 +465,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -453,6 +529,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -496,6 +595,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -721,6 +843,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -770,6 +902,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -812,6 +947,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -861,6 +1006,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -927,6 +1075,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -943,6 +1093,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -992,6 +1152,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1279,6 +1442,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1328,6 +1501,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1354,6 +1530,10 @@ spec: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1366,6 +1546,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1415,6 +1605,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1481,6 +1674,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -1497,6 +1692,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1546,6 +1751,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1837,6 +2045,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1886,6 +2104,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1928,6 +2149,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1977,6 +2208,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2043,6 +2277,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2059,6 +2295,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -2108,6 +2354,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2166,6 +2415,14 @@ spec: additionalProperties: type: string type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object overhead: additionalProperties: anyOf: @@ -2254,6 +2511,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2457,6 +2716,8 @@ spec: type: object web: properties: + body: + type: string headers: items: properties: @@ -2473,6 +2734,8 @@ spec: type: boolean jsonPath: type: string + method: + type: string timeoutSeconds: format: int64 type: integer @@ -2496,6 +2759,24 @@ spec: type: object status: properties: + dryRunSummary: + properties: + count: + format: int32 + type: integer + error: + format: int32 + type: integer + failed: + format: int32 + type: integer + inconclusive: + format: int32 + type: integer + successful: + format: int32 + type: integer + type: object message: type: string metricResults: @@ -2507,6 +2788,8 @@ spec: count: format: int32 type: integer + dryRun: + type: boolean error: format: int32 type: integer @@ -2544,6 +2827,10 @@ spec: type: array message: type: string + metadata: + additionalProperties: + type: string + type: object name: type: string phase: @@ -2558,6 +2845,24 @@ spec: type: array phase: type: string + runSummary: + properties: + count: + format: int32 + type: integer + error: + format: int32 + type: integer + failed: + format: int32 + type: integer + inconclusive: + format: int32 + type: integer + successful: + format: int32 + type: integer + type: object startedAt: format: date-time type: string @@ -2570,4 +2875,5 @@ spec: served: true storage: true subresources: {} + {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index f81efd4d..7b23b54d 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -26,7 +26,12 @@ spec: preserveUnknownFields: false scope: Namespaced versions: - - name: v1alpha1 + - additionalPrinterColumns: + - description: Time since resource was created + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 schema: openAPIV3Schema: properties: @@ -69,6 +74,28 @@ spec: - name type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array metrics: items: properties: @@ -192,6 +219,8 @@ spec: backoffLimit: format: int32 type: integer + completionMode: + type: string completions: format: int32 type: integer @@ -223,6 +252,8 @@ spec: type: string type: object type: object + suspend: + type: boolean template: properties: metadata: @@ -364,6 +395,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -407,6 +461,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -448,6 +525,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -491,6 +591,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -716,6 +839,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -765,6 +898,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -807,6 +943,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -856,6 +1002,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -922,6 +1071,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -938,6 +1089,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -987,6 +1148,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1274,6 +1438,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1323,6 +1497,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1349,6 +1526,10 @@ spec: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1361,6 +1542,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1410,6 +1601,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1476,6 +1670,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -1492,6 +1688,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1541,6 +1747,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1832,6 +2041,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1881,6 +2100,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1923,6 +2145,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1972,6 +2204,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2038,6 +2273,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2054,6 +2291,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -2103,6 +2350,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2161,6 +2411,14 @@ spec: additionalProperties: type: string type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object overhead: additionalProperties: anyOf: @@ -2249,6 +2507,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2452,6 +2712,8 @@ spec: type: object web: properties: + body: + type: string headers: items: properties: @@ -2468,6 +2730,8 @@ spec: type: boolean jsonPath: type: string + method: + type: string timeoutSeconds: format: int64 type: integer @@ -2492,4 +2756,5 @@ spec: type: object served: true storage: true + subresources: {} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index d8435bda..8ea109f7 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -26,7 +26,12 @@ spec: preserveUnknownFields: false scope: Cluster versions: - - name: v1alpha1 + - additionalPrinterColumns: + - description: Time since resource was created + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 schema: openAPIV3Schema: properties: @@ -69,6 +74,28 @@ spec: - name type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array metrics: items: properties: @@ -192,6 +219,8 @@ spec: backoffLimit: format: int32 type: integer + completionMode: + type: string completions: format: int32 type: integer @@ -223,6 +252,8 @@ spec: type: string type: object type: object + suspend: + type: boolean template: properties: metadata: @@ -364,6 +395,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -407,6 +461,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -448,6 +525,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -491,6 +591,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -716,6 +839,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -765,6 +898,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -807,6 +943,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -856,6 +1002,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -922,6 +1071,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -938,6 +1089,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -987,6 +1148,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1274,6 +1438,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1323,6 +1497,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1349,6 +1526,10 @@ spec: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1361,6 +1542,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1410,6 +1601,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1476,6 +1670,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -1492,6 +1688,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1541,6 +1747,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1832,6 +2041,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1881,6 +2100,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1923,6 +2145,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1972,6 +2204,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2038,6 +2273,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2054,6 +2291,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -2103,6 +2350,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2161,6 +2411,14 @@ spec: additionalProperties: type: string type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object overhead: additionalProperties: anyOf: @@ -2249,6 +2507,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2452,6 +2712,8 @@ spec: type: object web: properties: + body: + type: string headers: items: properties: @@ -2468,6 +2730,8 @@ spec: type: boolean jsonPath: type: string + method: + type: string timeoutSeconds: format: int64 type: integer @@ -2492,4 +2756,5 @@ spec: type: object served: true storage: true + subresources: {} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 634b03f3..90b4b499 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -31,6 +31,10 @@ spec: jsonPath: .status.phase name: Status type: string + - description: Time since resource was created + jsonPath: .metadata.creationTimestamp + name: Age + type: date name: v1alpha1 schema: openAPIV3Schema: @@ -90,8 +94,30 @@ spec: - templateName type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array duration: type: string + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array progressDeadlineSeconds: format: int32 type: integer @@ -275,6 +301,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -318,6 +367,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -359,6 +431,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -402,6 +497,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -627,6 +745,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -676,6 +804,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -718,6 +849,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -767,6 +908,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -833,6 +977,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -849,6 +995,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -898,6 +1054,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1185,6 +1344,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1234,6 +1403,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1260,6 +1432,10 @@ spec: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1272,6 +1448,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1321,6 +1507,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1387,6 +1576,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -1403,6 +1594,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1452,6 +1653,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1743,6 +1947,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1792,6 +2006,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1834,6 +2051,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1883,6 +2110,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1949,6 +2179,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -1965,6 +2197,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -2014,6 +2256,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2072,6 +2317,14 @@ spec: additionalProperties: type: string type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object overhead: additionalProperties: anyOf: @@ -2160,6 +2413,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2351,4 +2606,4 @@ spec: served: true storage: true subresources: {} -{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index cbde1256..596f55ca 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -45,6 +45,10 @@ spec: jsonPath: .status.availableReplicas name: Available type: integer + - description: Time since resource was created + jsonPath: .metadata.creationTimestamp + name: Age + type: date name: v1alpha1 schema: openAPIV3Schema: @@ -176,6 +180,28 @@ spec: - name type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array templates: items: properties: @@ -211,6 +237,28 @@ spec: - name type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array templates: items: properties: @@ -276,6 +324,28 @@ spec: - name type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array startingStep: format: int32 type: integer @@ -327,6 +397,16 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + pingPong: + properties: + pingService: + type: string + pongService: + type: string + required: + - pingService + - pongService + type: object scaleDownDelayRevisionLimit: format: int32 type: integer @@ -374,6 +454,28 @@ spec: - name type: object type: array + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array + measurementRetention: + items: + properties: + limit: + format: int32 + type: integer + metricName: + type: string + required: + - limit + - metricName + type: object + type: array templates: items: properties: @@ -519,6 +621,17 @@ spec: servicePort: format: int32 type: integer + stickinessConfig: + properties: + durationSeconds: + format: int64 + type: integer + enabled: + type: boolean + required: + - durationSeconds + - enabled + type: object required: - ingress - servicePort @@ -532,6 +645,40 @@ spec: required: - mappings type: object + appMesh: + properties: + virtualNodeGroup: + properties: + canaryVirtualNodeRef: + properties: + name: + type: string + required: + - name + type: object + stableVirtualNodeRef: + properties: + name: + type: string + required: + - name + type: object + required: + - canaryVirtualNodeRef + - stableVirtualNodeRef + type: object + virtualService: + properties: + name: + type: string + routes: + items: + type: string + type: array + required: + - name + type: object + type: object istio: properties: destinationRule: @@ -760,6 +907,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -803,6 +973,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -844,6 +1037,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -887,6 +1103,29 @@ spec: type: string type: object type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object namespaces: items: type: string @@ -1112,6 +1351,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1161,6 +1410,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1203,6 +1455,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1252,6 +1514,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1318,6 +1583,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -1334,6 +1601,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1383,6 +1660,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1670,6 +1950,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1719,6 +2009,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1745,6 +2038,10 @@ spec: - containerPort type: object type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map readinessProbe: properties: exec: @@ -1757,6 +2054,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1806,6 +2113,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -1872,6 +2182,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -1888,6 +2200,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -1937,6 +2259,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2228,6 +2553,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -2277,6 +2612,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2319,6 +2657,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -2368,6 +2716,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2434,6 +2785,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2450,6 +2803,16 @@ spec: failureThreshold: format: int32 type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object httpGet: properties: host: @@ -2499,6 +2862,9 @@ spec: required: - port type: object + terminationGracePeriodSeconds: + format: int64 + type: integer timeoutSeconds: format: int32 type: integer @@ -2557,6 +2923,14 @@ spec: additionalProperties: type: string type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object overhead: additionalProperties: anyOf: @@ -2645,6 +3019,8 @@ spec: type: string gmsaCredentialSpecName: type: string + hostProcess: + type: boolean runAsUserName: type: string type: object @@ -2722,7 +3098,9 @@ spec: - whenUnsatisfiable x-kubernetes-list-type: map volumes: - x-kubernetes-preserve-unknown-fields: true + items: + x-kubernetes-preserve-unknown-fields: true + type: array required: - containers type: object @@ -2747,6 +3125,39 @@ spec: abortedAt: format: date-time type: string + alb: + properties: + canaryTargetGroup: + properties: + arn: + type: string + name: + type: string + required: + - arn + - name + type: object + loadBalancer: + properties: + arn: + type: string + name: + type: string + required: + - arn + - name + type: object + stableTargetGroup: + properties: + arn: + type: string + name: + type: string + required: + - arn + - name + type: object + type: object availableReplicas: format: int32 type: integer @@ -2811,6 +3222,8 @@ spec: - name - status type: object + stablePingPong: + type: string weights: properties: additional: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 42d32de0..f99af0bb 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -32,7 +32,7 @@ controller: # -- Assign custom [affinity] rules to the deployment affinity: {} # -- The number of controller pods to run - replicas: 1 + replicas: 2 image: # -- Registry to use registry: quay.io @@ -75,8 +75,8 @@ controller: # @default -- See [values.yaml] livenessProbe: httpGet: - path: /metrics - port: 8090 + path: /healthz + port: healthz initialDelaySeconds: 30 periodSeconds: 20 failureThreshold: 3 @@ -88,7 +88,7 @@ controller: readinessProbe: httpGet: path: /metrics - port: 8090 + port: metrics initialDelaySeconds: 15 periodSeconds: 5 failureThreshold: 3 From abea0338a3df9bc0ca7ea5df886c5bde1bb730d2 Mon Sep 17 00:00:00 2001 From: yanyx Date: Mon, 28 Mar 2022 21:17:43 +0800 Subject: [PATCH 0220/1248] fix(argo-cd): fix subscriptions default value (#1197) * fix subscriptions default value Signed-off-by: Yixing Yan * update changelog Signed-off-by: Yixing Yan * update argo-cd readme Signed-off-by: Yixing Yan --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6dc9aeb5..591f4655 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.2.2 +version: 4.2.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo CD v2.3.2" + - "[Fixed]: Correct ArgoCD notification subscriptions type" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d2d61dec..86b6ec1e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -766,7 +766,7 @@ NAME: my-release | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | -| notifications.subscriptions | object | `{}` | Contains centrally managed global application subscriptions | +| notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8bc81b8c..ca34549e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2222,7 +2222,7 @@ notifications: # -- Contains centrally managed global application subscriptions ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ - subscriptions: {} + subscriptions: [] # # subscription for on-sync-status-unknown trigger notifications # - recipients: # - slack:test2 From 45ed060c2b1c986a0f60e937e9d3f255fe902fdd Mon Sep 17 00:00:00 2001 From: amaury ravanel Date: Mon, 28 Mar 2022 23:01:54 +0200 Subject: [PATCH 0221/1248] fix(argo-cd): Correct ApplicationSet controller port (#1200) * Add default value for the applicationSet controller container port Signed-off-by: amaury ravanel * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-applicationset/service.yaml | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 591f4655..bc32a964 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.2.3 +version: 4.2.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Correct ArgoCD notification subscriptions type" + - "[Fixed]: Correct ArgoCD applicationset controller port" diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index db836f04..4d2fd4eb 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -15,7 +15,7 @@ spec: ports: - name: {{ .Values.applicationSet.service.portName }} port: {{ .Values.applicationSet.service.port }} - targetPort: {{ .Values.applicationSet.containerPort }} + targetPort: webhook selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ca34549e..2a207250 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1896,7 +1896,7 @@ applicationSet: # -- Additional containers to be added to the applicationset controller pod extraContainers: [] - ## Metrics service configuration + ## Metrics service configuration metrics: # -- Deploy metrics service enabled: false From 82f0a66fc6ee324035dc64b6fdf6a1c41698e16e Mon Sep 17 00:00:00 2001 From: yanyx Date: Tue, 29 Mar 2022 19:24:04 +0800 Subject: [PATCH 0222/1248] refactor(argo-cd)!: Remove Argo CD notification default notifier (#1201) * remove argocd notification default notifier Signed-off-by: Yixing Yan * format notification template comment Signed-off-by: Yixing Yan * Update the argo-cd chart to version 4.3.0 Signed-off-by: Yixing Yan * update changelog Signed-off-by: Yixing Yan * update readme Signed-off-by: Yixing Yan --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++++ charts/argo-cd/README.md.gotmpl | 4 ++++ charts/argo-cd/values.yaml | 34 +++++++++++++++++++++++++++++---- 4 files changed, 40 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bc32a964..e69c70c8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.2.4 +version: 4.3.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Correct ArgoCD applicationset controller port" + - "[Removed]: Remove Argo CD notification default notifier" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 86b6ec1e..ede6960b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -82,6 +82,10 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 4.3.* + +With this minor version, the notification notifier's `service.slack` is no longer configured by default. + ### 4.0.0 and above This helm chart version deploys Argo CD v2.3. The Argo CD Notifications and ApplicationSet are part of Argo CD now. You no longer need to install them separately. The Notifications and ApplicationSet components **are bundled into default** Argo CD installation. diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 0c7eee9f..2ec386c7 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -82,6 +82,10 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### 4.3.* + +With this minor version, the notification notifier's `service.slack` is no longer configured by default. + ### 4.0.0 and above This helm chart version deploys Argo CD v2.3. The Argo CD Notifications and ApplicationSet are part of Argo CD now. You no longer need to install them separately. The Notifications and ApplicationSet components **are bundled into default** Argo CD installation. diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2a207250..cce0c24b 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2175,9 +2175,9 @@ notifications: # -- Configures notification services # @default -- See [values.yaml] ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ - notifiers: - service.slack: | - token: $slack-token + notifiers: {} + # service.slack: | + # token: $slack-token # -- Annotations to be applied to the controller Pods podAnnotations: {} @@ -2425,7 +2425,33 @@ notifications: # {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}. # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . # slack: - # attachments: "[{\n \"title\": \"{{ .app.metadata.name}}\",\n \"title_link\":\"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}\",\n \"color\": \"#18be52\",\n \"fields\": [\n {\n \"title\": \"Sync Status\",\n \"value\": \"{{.app.status.sync.status}}\",\n \"short\": true\n },\n {\n \"title\": \"Repository\",\n \"value\": \"{{.app.spec.source.repoURL}}\",\n \"short\": true\n }\n {{range $index, $c := .app.status.conditions}}\n {{if not $index}},{{end}}\n {{if $index}},{{end}}\n {\n \"title\": \"{{$c.type}}\",\n \"value\": \"{{$c.message}}\",\n \"short\": true\n }\n {{end}}\n ]\n}] " + # attachments: |- + # [{ + # "title": "{{ .app.metadata.name}}", + # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + # "color": "#18be52", + # "fields": [ + # { + # "title": "Sync Status", + # "value": "{{.app.status.sync.status}}", + # "short": true + # }, + # { + # "title": "Repository", + # "value": "{{.app.spec.source.repoURL}}", + # "short": true + # } + # {{range $index, $c := .app.status.conditions}} + # {{if not $index}},{{end}} + # {{if $index}},{{end}} + # { + # "title": "{{$c.type}}", + # "value": "{{$c.message}}", + # "short": true + # } + # {{end}} + # ] + # }] # -- [Tolerations] for use with node taints tolerations: [] From b179665dc8a74026b37ec4058aa8f1dc4050528a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 30 Mar 2022 15:39:44 +0200 Subject: [PATCH 0223/1248] fix(argo-cd): Update to Argo CD v2.3.3 (#1204) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e69c70c8..49f6ddcb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.3.2 +appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.3.0 +version: 4.3.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Remove Argo CD notification default notifier" + - "[Changed]: Update to Argo CD v2.3.3" From f47bab3acc81ef72832d508ab41447c0d2dd4442 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 31 Mar 2022 13:58:55 +0200 Subject: [PATCH 0224/1248] fix(argo-cd): Upgrade dex to v2.30.2 (#1205) This was missing during Argo CD upgrade 2.2 -> 2.3 Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 49f6ddcb..ca734ecc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.3.1 +version: 4.3.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to Argo CD v2.3.3" + - "[Fixed]: Upgrade dex to v2.30.2" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ede6960b..94cdc9a0 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -535,7 +535,7 @@ NAME: my-release | dex.extraVolumes | list | `[]` | Extra volumes to the dex pod | | dex.image.imagePullPolicy | string | `"IfNotPresent"` | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.30.0"` | Dex image tag | +| dex.image.tag | string | `"v2.30.2"` | Dex image tag | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cce0c24b..e41a3d56 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -395,7 +395,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.30.0 + tag: v2.30.2 # -- Dex imagePullPolicy imagePullPolicy: IfNotPresent initImage: From 58926e3d790f7c4c42ea082269cb921fb9afaeb5 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 31 Mar 2022 14:18:54 +0200 Subject: [PATCH 0225/1248] feat(argo-cd): Add ability to use an external redis instance (#1150) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 7 +++++++ charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++++ charts/argo-cd/README.md.gotmpl | 7 ++++++- charts/argo-cd/ci/external-redis-values.yaml | 9 +++++++++ charts/argo-cd/templates/_helpers.tpl | 14 ++++++++++++++ .../argocd-application-controller/deployment.yaml | 10 ++++++++-- .../argocd-configs/externalredis-secret.yaml | 11 +++++++++++ .../templates/argocd-repo-server/deployment.yaml | 10 +++++++--- .../templates/argocd-server/deployment.yaml | 10 ++++++++-- charts/argo-cd/values.yaml | 12 ++++++++++++ 11 files changed, 88 insertions(+), 10 deletions(-) create mode 100644 charts/argo-cd/ci/external-redis-values.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 7dd576cf..a658e4e6 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -62,6 +62,13 @@ jobs: ## Metrics API not available in kind cluster rm charts/argo-cd/ci/ha-autoscaling-values.yaml + - name: Create an external redis for ArgoCD externalRedis feature + if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') + run: | + kubectl create namespace redis + helm repo add bitnami https://charts.bitnami.com/bitnami + helm install redis bitnami/redis --wait --namespace redis --set auth.password=argocd --set architecture=standalone + - name: Run chart-testing (install) run: ct install --config ./.github/configs/ct-install.yaml if: steps.list-changed.outputs.changed == 'true' diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ca734ecc..c1a6b3ac 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.3.2 +version: 4.4.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Upgrade dex to v2.30.2" + - "[Added]: Ability to use external/existing Redis (eg. a managed cloud service)" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 94cdc9a0..f127299d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -650,6 +650,10 @@ NAME: my-release | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `"\"\""` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | +| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis credentials (must contain key `redis-password`). When it's set, the `externalRedis.password` parameter is ignored | +| externalRedis.host | string | `""` | External Redis server host | +| externalRedis.password | string | `""` | External Redis password | +| externalRedis.port | int | `6379` | External Redis server port | ## ApplicationSet diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 2ec386c7..3f58e445 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -198,7 +198,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) ) }} + {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- if hasPrefix "server.additional" .Key }} @@ -260,6 +260,11 @@ NAME: my-release | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} +{{- range .Values }} + {{- if hasPrefix "externalRedis" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} ## ApplicationSet diff --git a/charts/argo-cd/ci/external-redis-values.yaml b/charts/argo-cd/ci/external-redis-values.yaml new file mode 100644 index 00000000..2bc126a0 --- /dev/null +++ b/charts/argo-cd/ci/external-redis-values.yaml @@ -0,0 +1,9 @@ +redis: + enabled: false + +redis-ha: + enabled: false + +externalRedis: + host: "redis-master.redis.svc.cluster.local" + password: "argocd" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 197a78d7..5bc4a49c 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -270,3 +270,17 @@ Create the name of the configmap to use {{ default "argocd-notifications-cm" .Values.notifications.cm.name }} {{- end -}} {{- end -}} + +{{- define "argo-cd.redisPasswordEnv" -}} + {{- if or .Values.externalRedis.password .Values.externalRedis.existingSecret }} +- name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + {{- if .Values.externalRedis.existingSecret }} + name: {{ .Values.externalRedis.existingSecret }} + {{- else }} + name: {{ template "argo-cd.redis.fullname" . }} + {{- end }} + key: redis-password + {{- end }} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index cf62bb7f..c4370aee 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -65,6 +65,9 @@ spec: {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} + {{- else if and .Values.externalRedis.host .Values.externalRedis.port }} + - --redis + - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} {{- with .Values.controller.extraArgs }} {{- . | toYaml | nindent 8 }} @@ -75,9 +78,12 @@ spec: {{- if .Values.controller.containerSecurityContext }} securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} {{- end }} - {{- if .Values.controller.env }} + {{- if or .Values.controller.env .Values.externalRedis.password .Values.externalRedis.existingSecret }} env: -{{- toYaml .Values.controller.env | nindent 8 }} + {{- include "argo-cd.redisPasswordEnv" . | nindent 8 }} + {{- with .Values.controller.env }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml new file mode 100644 index 00000000..3d806902 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.externalRedis.password (not .Values.externalRedis.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "argo-cd.redis.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} +type: Opaque +data: + redis-password: {{ .Values.externalRedis.password | b64enc }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 9af30af3..5e796cc0 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -47,6 +47,9 @@ spec: {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} + {{- else if and .Values.externalRedis.host .Values.externalRedis.port }} + - --redis + - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} - --logformat - {{ .Values.repoServer.logFormat }} @@ -65,9 +68,10 @@ spec: value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir - {{- if .Values.repoServer.env }} - {{- toYaml .Values.repoServer.env | nindent 8 }} - {{- end }} + {{- include "argo-cd.redisPasswordEnv" . | nindent 8 }} + {{- with .Values.repoServer.env }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- if .Values.openshift.enabled }} - name: USER_NAME value: argocd diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 0a198dc5..2c04f5df 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -59,6 +59,9 @@ spec: {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} + {{- else if and .Values.externalRedis.host .Values.externalRedis.port }} + - --redis + - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} {{- with .Values.server.extraArgs }} {{- . | toYaml | nindent 8 }} @@ -66,9 +69,12 @@ spec: {{- if .Values.server.containerSecurityContext }} securityContext: {{- toYaml .Values.server.containerSecurityContext | nindent 10 }} {{- end }} - {{- if .Values.server.env }} + {{- if or .Values.server.env .Values.externalRedis.password .Values.externalRedis.existingSecret }} env: -{{- toYaml .Values.server.env | nindent 8 }} + {{- include "argo-cd.redisPasswordEnv" . | nindent 8 }} + {{- with .Values.server.env }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e41a3d56..8a54cf4c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -777,6 +777,18 @@ redis-ha: # -- Redis tag tag: 6.2.6-alpine +# External Redis parameters +externalRedis: + # -- External Redis server host + host: "" + # -- External Redis password + password: "" + # -- External Redis server port + port: 6379 + # -- The name of an existing secret with Redis credentials (must contain key `redis-password`). + # When it's set, the `externalRedis.password` parameter is ignored + existingSecret: "" + ## Server server: # -- Argo CD server name From 4b80adcfd875fe9e919e8b0df24b00fdd3cc0606 Mon Sep 17 00:00:00 2001 From: Ben Poland <24273909+bpoland@users.noreply.github.com> Date: Thu, 31 Mar 2022 13:31:43 -0400 Subject: [PATCH 0226/1248] feat(argo-rollouts): add dashboard permission on Deployments (#1202) * feat(argo-rollouts): add dashboard permission on Deployments - needed for Rollouts with workload referencing Signed-off-by: Ben Poland * Add podtemplates to match controller role Signed-off-by: Ben Poland --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 +- .../templates/dashboard/clusterrole.yaml | 11 +++++++++++ 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 64b29329..16568d83 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.12.0 +version: 2.13.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Upgrade argo-rollouts to v1.2.0" + - "[Added]: dashboard permission on Deployments" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 51d798c0..01533ed0 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -153,4 +153,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.12.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.13.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 071ba962..20a3376c 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -40,6 +40,17 @@ rules: - get - list - watch + # deployments and podtemplates read access needed for workload reference support + - apiGroups: + - "" + - apps + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch - apiGroups: - apps resources: From d542b1e426145ad50790364f78c86dbef9df9380 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sat, 2 Apr 2022 20:44:48 +0200 Subject: [PATCH 0227/1248] fix(argo-cd): Fix server.config.url and slack service account (#1208) * fix(argo-cd): Set 'server.config.url' to empty string Signed-off-by: Marco Kilchhofer * fix(argo-cd): Do not create slack service account Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 +++-- .../argocd-notifications/bots/slack/deployment.yaml | 2 +- .../templates/argocd-notifications/bots/slack/role.yaml | 2 +- .../argocd-notifications/bots/slack/rolebinding.yaml | 2 +- .../templates/argocd-notifications/bots/slack/service.yaml | 2 +- .../argocd-notifications/bots/slack/serviceaccount.yaml | 2 +- charts/argo-cd/values.yaml | 2 +- 7 files changed, 9 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c1a6b3ac..7b0020fb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.4.0 +version: 4.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to use external/existing Redis (eg. a managed cloud service)" + - "[Fixed]: Set 'server.config.url' to empty string so logout function can calculate the right redirect URL" + - "[Fixed]: Do not create slack service account when notifications controller is disabled" diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index d223a539..0741d2b3 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -1,4 +1,4 @@ -{{ if .Values.notifications.bots.slack.enabled }} +{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} apiVersion: apps/v1 kind: Deployment metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml index edc77213..26df5b9c 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml @@ -1,4 +1,4 @@ -{{ if .Values.notifications.bots.slack.enabled }} +{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml index 340a8850..80813f5e 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml @@ -1,4 +1,4 @@ -{{ if .Values.notifications.bots.slack.enabled }} +{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml index 631576f5..5cbbd2b1 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml @@ -1,4 +1,4 @@ -{{ if .Values.notifications.bots.slack.enabled }} +{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} apiVersion: v1 kind: Service metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml index c2d54310..bdffa2cf 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if .Values.notifications.bots.slack.serviceAccount.create }} +{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8a54cf4c..14cdf057 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1152,7 +1152,7 @@ server: # @default -- See [values.yaml] config: # Argo CD's externally facing base URL (optional). Required when configuring SSO - url: https://argocd.example.com + url: "" # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance From 3befa82210ea2c77dcc722c1582503700f66ae4c Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 3 Apr 2022 11:13:56 +0200 Subject: [PATCH 0228/1248] feat(argo-cd): Add params to override Certificate duration and renewBefore (#1209) * feat(argo-cd): New params to override Certificate duration and renewBefore Signed-off-by: Marco Kilchhofer * chore(argo-cd): Clarify existing certificate params Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 12 +++++++----- .../templates/argocd-server/certificate.yaml | 8 +++++++- charts/argo-cd/values.yaml | 18 +++++++++++------- 4 files changed, 27 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7b0020fb..db0820a2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.4.1 +version: 4.5.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Set 'server.config.url' to empty string so logout function can calculate the right redirect URL" - - "[Fixed]: Do not create slack service account when notifications controller is disabled" + - "[Added]: New parameters to override Certificate duration and renewBefore" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f127299d..1933754c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -402,11 +402,13 @@ NAME: my-release | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | | server.certificate.additionalHosts | list | `[]` | Certificate manager additional hosts | -| server.certificate.domain | string | `"argocd.example.com"` | Certificate manager domain | -| server.certificate.enabled | bool | `false` | Enables a certificate manager certificate | -| server.certificate.issuer.kind | string | `nil` | Certificate manager issuer | -| server.certificate.issuer.name | string | `nil` | Certificate manager name | -| server.certificate.secretName | string | `"argocd-server-tls"` | Certificate manager secret name | +| server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | +| server.certificate.duration | string | `""` | The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | +| server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | +| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` | +| server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.config | object | See [values.yaml] | [General Argo CD configuration] | | server.configAnnotations | object | `{}` | Annotations to be added to Argo CD ConfigMap | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 64241bfe..50780560 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -19,11 +19,17 @@ spec: commonName: {{ .Values.server.certificate.domain | quote }} dnsNames: - {{ .Values.server.certificate.domain | quote }} - {{- range .Values.server.certificate.additionalHosts }} + {{- range .Values.server.certificate.additionalHosts }} - {{ . | quote }} + {{- end }} + {{- with .Values.server.certificate.duration }} + duration: {{ . | quote }} {{- end }} issuerRef: kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} + {{- with .Values.server.certificate.renewBefore }} + renewBefore: {{ . | quote }} + {{- end }} secretName: {{ .Values.server.certificate.secretName | quote }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 14cdf057..a52611c3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -926,18 +926,22 @@ server: ## Certificate configuration certificate: - # -- Enables a certificate manager certificate + # -- Deploy a Certificate resource (requires cert-manager) enabled: false - # -- Certificate manager domain + # -- Certificate primary domain (commonName) domain: argocd.example.com + # -- The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration + duration: "" + # -- How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration + renewBefore: "" issuer: - # -- Certificate manager issuer - kind: # ClusterIssuer - # -- Certificate manager name - name: # letsencrypt + # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` + kind: "" + # -- Certificate isser name. Eg. `letsencrypt` + name: "" # -- Certificate manager additional hosts additionalHosts: [] - # -- Certificate manager secret name + # -- The name of the Secret that will be automatically created and managed by this Certificate resource secretName: argocd-server-tls ## Server service configuration From 6ff050f6f57edda1e6912ef0bb17d085684e103e Mon Sep 17 00:00:00 2001 From: amirschw <24677563+amirschw@users.noreply.github.com> Date: Tue, 5 Apr 2022 14:38:02 +0300 Subject: [PATCH 0229/1248] feat(argo-rollouts): Allow defining priorityClassName (#1212) * feat(argo-rollouts): allow defining controller.priorityClassName Signed-off-by: amirschw <24677563+amirschw@users.noreply.github.com> * add priorityClassName to the dashbaord pods Signed-off-by: amirschw <24677563+amirschw@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 5 ++++- charts/argo-rollouts/README.md.gotmpl | 1 + charts/argo-rollouts/templates/controller/deployment.yaml | 3 +++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 3 +++ charts/argo-rollouts/values.yaml | 4 ++++ 6 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 16568d83..ef6fd97d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.13.0 +version: 2.14.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: dashboard permission on Deployments" + - "[Added]: ability to define priorityClassName for the controller and dashboard" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 01533ed0..54806e67 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -73,6 +73,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.nodeSelector | object | `{}` | [Node selector] | +| controller.priorityClassName | string | `""` | [priorityClassName] for the controller | | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | @@ -109,6 +110,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.ingress.tls | list | `[]` | Dashboard ingress tls | | dashboard.nodeSelector | object | `{}` | [Node selector] | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | +| dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | | dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | | dashboard.service.annotations | object | `{}` | Service annotations | | dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs | @@ -153,4 +155,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.13.0/charts/argo-rollouts/values.yaml +[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.14.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 96078591..37305b9e 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -96,4 +96,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-{{ .Version }}/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 46795b98..ed0d4ebf 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -75,3 +75,6 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} + {{- with .Values.controller.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 94c5bcb1..e45f1acf 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -60,4 +60,7 @@ spec: affinity: {{- toYaml .Values.dashboard.affinity | nindent 8 }} {{- end }} + {{- with .Values.dashboard.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f99af0bb..b5c9f576 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -31,6 +31,8 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + # -- [priorityClassName] for the controller + priorityClassName: "" # -- The number of controller pods to run replicas: 2 image: @@ -144,6 +146,8 @@ dashboard: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + # -- [priorityClassName] for the dashboard server + priorityClassName: "" image: # -- Registry to use registry: quay.io From 2cced0487060bcae5f8fd27b8dc333f564af8399 Mon Sep 17 00:00:00 2001 From: Moustafa Baiou Date: Mon, 11 Apr 2022 10:33:16 -0400 Subject: [PATCH 0230/1248] fix(argo-cd): remove unneeded status from CRD (#1217) The CRD status field prevents certain tools from using the CRD as is. It should be populated by the api-server. Signed-off-by: Moustafa Baiou --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/crds/crd-applicationset.yaml | 6 ------ 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index db0820a2..32a2d645 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.0 +version: 4.5.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: New parameters to override Certificate duration and renewBefore" + - "[Fixed]: Removed status field from ApplicationSet CRD" diff --git a/charts/argo-cd/crds/crd-applicationset.yaml b/charts/argo-cd/crds/crd-applicationset.yaml index 08d5e94e..d2eb86c0 100644 --- a/charts/argo-cd/crds/crd-applicationset.yaml +++ b/charts/argo-cd/crds/crd-applicationset.yaml @@ -6494,9 +6494,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] From 7932e5a460890fc116a887db9c53270546dc3e42 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 12 Apr 2022 21:31:39 +0900 Subject: [PATCH 0231/1248] feat(argo-cd): Add ability to set Notification Services (#1220) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + .../argo-cd/templates/argocd-notifications/configmap.yaml | 3 +++ charts/argo-cd/values.yaml | 6 ++++++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32a2d645..7dbf4364 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.1 +version: 4.5.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Removed status field from ApplicationSet CRD" + - "[Feat]: Add ability to set Notification Services" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1933754c..a8ef799a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -776,6 +776,7 @@ NAME: my-release | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | +| notifications.services | object | `{}` | The notification services such as slack, email or custom webhook. This will be stored on `notifications.cm.name` ConfigMap. | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | diff --git a/charts/argo-cd/templates/argocd-notifications/configmap.yaml b/charts/argo-cd/templates/argocd-notifications/configmap.yaml index df1c9a6c..aa129895 100644 --- a/charts/argo-cd/templates/argocd-notifications/configmap.yaml +++ b/charts/argo-cd/templates/argocd-notifications/configmap.yaml @@ -24,4 +24,7 @@ data: {{- with .Values.notifications.triggers }} {{- toYaml . | nindent 2 }} {{- end }} + {{- with .Values.notifications.services }} + {{- toYaml . | nindent 2 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a52611c3..58fb5dfe 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2580,3 +2580,9 @@ notifications: # -- [Node selector] nodeSelector: {} + + # -- The notification services such as slack, email or custom webhook. This will be stored on `notifications.cm.name` ConfigMap. + ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ + services: {} + # service.slack: | + # token: $slack-token From 3c2ca2cdbe4ea6f6a93b7399bbe9fe5d6b5c136d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 12 Apr 2022 23:28:04 +0900 Subject: [PATCH 0232/1248] chore(argocd): update notification notifiers' comment (#1222) * Revert "feat(argo-cd): Add ability to set Notification Services (#1220)" This reverts commit 7932e5a460890fc116a887db9c53270546dc3e42. Signed-off-by: yu-croco * chore(argocd): update comment to clarify usecase Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 3 +-- .../argo-cd/templates/argocd-notifications/configmap.yaml | 3 --- charts/argo-cd/values.yaml | 8 +------- 4 files changed, 4 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7dbf4364..a0f22751 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.2 +version: 4.5.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Feat]: Add ability to set Notification Services" + - "[Changed]: update comment to clarify usecase" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a8ef799a..05c0dd5d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -764,7 +764,7 @@ NAME: my-release | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | notifications.name | string | `"notifications-controller"` | Notifications controller name string | | notifications.nodeSelector | object | `{}` | [Node selector] | -| notifications.notifiers | object | See [values.yaml] | Configures notification services | +| notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods | | notifications.resources | object | `{}` | Resource limits and requests for the controller | @@ -776,7 +776,6 @@ NAME: my-release | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | -| notifications.services | object | `{}` | The notification services such as slack, email or custom webhook. This will be stored on `notifications.cm.name` ConfigMap. | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | diff --git a/charts/argo-cd/templates/argocd-notifications/configmap.yaml b/charts/argo-cd/templates/argocd-notifications/configmap.yaml index aa129895..df1c9a6c 100644 --- a/charts/argo-cd/templates/argocd-notifications/configmap.yaml +++ b/charts/argo-cd/templates/argocd-notifications/configmap.yaml @@ -24,7 +24,4 @@ data: {{- with .Values.notifications.triggers }} {{- toYaml . | nindent 2 }} {{- end }} - {{- with .Values.notifications.services }} - {{- toYaml . | nindent 2 }} - {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 58fb5dfe..91fdb231 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2188,7 +2188,7 @@ notifications: # interval: 30s # scrapeTimeout: 10s - # -- Configures notification services + # -- Configures notification services such as slack, email or custom webhook # @default -- See [values.yaml] ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ notifiers: {} @@ -2580,9 +2580,3 @@ notifications: # -- [Node selector] nodeSelector: {} - - # -- The notification services such as slack, email or custom webhook. This will be stored on `notifications.cm.name` ConfigMap. - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ - services: {} - # service.slack: | - # token: $slack-token From 5d6442b4bebd62a80bffbf701262c2c756fe186b Mon Sep 17 00:00:00 2001 From: Kevin Franklin Kim Date: Tue, 19 Apr 2022 13:01:45 +0200 Subject: [PATCH 0233/1248] feat(argo-cd): add ImagePullPolicy to repo server init container (#1228) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a0f22751..88c09e83 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.3 +version: 4.5.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: update comment to clarify usecase" + - "[Added]: added ImagePullPolicy to repo server's init containers" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 5e796cc0..c16bd1a8 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -202,6 +202,7 @@ spec: - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} name: copyutil resources: {{- toYaml .Values.repoServer.copyutil.resources | nindent 10 }} From 21b9f14889dcc50620fa2aa2e2da0f761ec59e92 Mon Sep 17 00:00:00 2001 From: crabique Date: Fri, 22 Apr 2022 01:02:13 +0300 Subject: [PATCH 0234/1248] fix(argo-cd): redis-exporter image was migrated from quay.io to docker hub (#1235) * change quay.io to docker.io as bitnami migrated all images there Signed-off-by: crabique * Apply suggestions from code review Co-authored-by: Marko Bevc Signed-off-by: crabique Co-authored-by: crabique Co-authored-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 88c09e83..8bfeb05e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.4 +version: 4.5.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: added ImagePullPolicy to repo server's init containers" + - "[Changed]: changed redis-exporter repository to docker hub as bitami migrated their images off quay" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 05c0dd5d..44495436 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -606,7 +606,7 @@ NAME: my-release | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | -| redis.metrics.image.repository | string | `"quay.io/bitnami/redis-exporter"` | redis-exporter image repository | +| redis.metrics.image.repository | string | `"bitnami/redis-exporter"` | redis-exporter image repository | | redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | | redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.metrics.service.annotations | object | `{}` | Metrics service annotations | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 91fdb231..3b33c376 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -690,7 +690,7 @@ redis: enabled: false image: # -- redis-exporter image repository - repository: quay.io/bitnami/redis-exporter + repository: bitnami/redis-exporter # -- redis-exporter image tag tag: 1.26.0-debian-10-r2 # -- redis-exporter image PullPolicy From 99623fac0c495ad100ec494f42fad0c08e1c2798 Mon Sep 17 00:00:00 2001 From: "Ira W. Snyder" Date: Fri, 22 Apr 2022 00:09:17 -0700 Subject: [PATCH 0235/1248] feat(argo-workflows): update to Argo Workflows version 3.3.2 (#1214) * argo-workflows: update to Argo Workflows version 3.3.1 * Add WorkflowTaskResult CRD * Add associated permissions to Workflow Controller Role Signed-off-by: Ira W. Snyder * Address review comments Signed-off-by: Ira W. Snyder * Update to Argo Workflows v3.3.2 A new release is out. Signed-off-by: Ira W. Snyder --- charts/argo-workflows/Chart.yaml | 6 +- .../crds/argoproj.io_workflowtaskresults.yaml | 425 ++++++++++++++++++ .../crds/argoproj.io_workflowtasksets.yaml | 2 + .../workflow-controller-cluster-roles.yaml | 12 + 4 files changed, 442 insertions(+), 3 deletions(-) create mode 100644 charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index aeaaa148..41da5278 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.13.1 -appVersion: v3.2.9 +version: 0.14.0 +appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing list verb to secret" + - "[Changed]: Upgraded to Argo Workflows v3.3.2" diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml b/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml new file mode 100644 index 00000000..84d60f3e --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml @@ -0,0 +1,425 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflowtaskresults.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowTaskResult + listKind: WorkflowTaskResultList + plural: workflowtaskresults + singular: workflowtaskresult + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + message: + type: string + metadata: + type: object + outputs: + properties: + artifacts: + items: + properties: + archive: + properties: + none: + type: object + tar: + properties: + compressionLevel: + format: int32 + type: integer + type: object + zip: + type: object + type: object + archiveLogs: + type: boolean + artifactory: + properties: + passwordSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + url: + type: string + usernameSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + required: + - url + type: object + from: + type: string + fromExpression: + type: string + gcs: + properties: + bucket: + type: string + key: + type: string + serviceAccountKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + required: + - key + type: object + git: + properties: + depth: + format: int64 + type: integer + disableSubmodules: + type: boolean + fetch: + items: + type: string + type: array + insecureIgnoreHostKey: + type: boolean + passwordSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + repo: + type: string + revision: + type: string + sshPrivateKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + usernameSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + required: + - repo + type: object + globalName: + type: string + hdfs: + properties: + addresses: + items: + type: string + type: array + force: + type: boolean + hdfsUser: + type: string + krbCCacheSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + krbConfigConfigMap: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + krbKeytabSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + krbRealm: + type: string + krbServicePrincipalName: + type: string + krbUsername: + type: string + path: + type: string + required: + - path + type: object + http: + properties: + headers: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + url: + type: string + required: + - url + type: object + mode: + format: int32 + type: integer + name: + type: string + optional: + type: boolean + oss: + properties: + accessKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + bucket: + type: string + createBucketIfNotPresent: + type: boolean + endpoint: + type: string + key: + type: string + lifecycleRule: + properties: + markDeletionAfterDays: + format: int32 + type: integer + markInfrequentAccessAfterDays: + format: int32 + type: integer + type: object + secretKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + securityToken: + type: string + required: + - key + type: object + path: + type: string + raw: + properties: + data: + type: string + required: + - data + type: object + recurseMode: + type: boolean + s3: + properties: + accessKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + bucket: + type: string + createBucketIfNotPresent: + properties: + objectLocking: + type: boolean + type: object + encryptionOptions: + properties: + enableEncryption: + type: boolean + kmsEncryptionContext: + type: string + kmsKeyId: + type: string + serverSideCustomerKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + endpoint: + type: string + insecure: + type: boolean + key: + type: string + region: + type: string + roleARN: + type: string + secretKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + useSDKCreds: + type: boolean + type: object + subPath: + type: string + required: + - name + type: object + type: array + exitCode: + type: string + parameters: + items: + properties: + default: + type: string + description: + type: string + enum: + items: + type: string + type: array + globalName: + type: string + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + default: + type: string + event: + type: string + expression: + type: string + jqFilter: + type: string + jsonPath: + type: string + parameter: + type: string + path: + type: string + supplied: + type: object + type: object + required: + - name + type: object + type: array + result: + type: string + type: object + phase: + type: string + progress: + type: string + required: + - metadata + type: object + served: true + storage: true diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml b/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml index 2d3c2dfa..22cf52b1 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml @@ -37,3 +37,5 @@ spec: type: object served: true storage: true + subresources: + status: {} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 81d2dcbd..a726dd4b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -35,9 +35,12 @@ rules: - "" resources: - persistentvolumeclaims + - persistentvolumeclaims/finalizers verbs: - create + - update - delete + - get - apiGroups: - argoproj.io resources: @@ -62,6 +65,15 @@ rules: - get - list - watch +- apiGroups: + - argoproj.io + resources: + - workflowtaskresults + - workflowtaskresults/finalizers + verbs: + - list + - watch + - deletecollection - apiGroups: - argoproj.io resources: From 608e39696492f137efea656b163987f1e6db56b3 Mon Sep 17 00:00:00 2001 From: Philippe Date: Fri, 22 Apr 2022 09:23:24 +0200 Subject: [PATCH 0236/1248] feat(argo-applicationset): update appVersion to 0.4.1 (#1223) * feat: update appVersion to 0.4.1 Signed-off-by: Philippe * Update changelog Signed-off-by: Philippe * fix: Also sync entrypoint.sh change from upstream Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 6 +- .../crds/crd-applicationset.yaml | 7513 +---------------- .../templates/deployment.yaml | 1 + 3 files changed, 247 insertions(+), 7273 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index e44545a6..c1d16219 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet type: application -version: 1.11.0 -appVersion: "v0.3.0" +version: 1.12.0 +appVersion: "v0.4.1" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Added]: extraContainers support in Deployment resource" + - "[Changed]: updated application version for v0.4.1 and its CRD for support of skipCrds in applications" diff --git a/charts/argocd-applicationset/crds/crd-applicationset.yaml b/charts/argocd-applicationset/crds/crd-applicationset.yaml index 27b19912..eefc196d 100644 --- a/charts/argocd-applicationset/crds/crd-applicationset.yaml +++ b/charts/argocd-applicationset/crds/crd-applicationset.yaml @@ -1,3 +1,5 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -111,6 +113,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -195,6 +201,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -210,6 +218,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -409,6 +419,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -493,6 +507,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -508,6 +524,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -709,6 +727,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -793,6 +815,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -808,6 +832,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -985,6 +1011,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -1069,6 +1099,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -1084,6 +1116,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -1291,6 +1325,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -1375,6 +1413,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -1390,6 +1430,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -1589,6 +1631,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -1673,6 +1719,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -1688,6 +1736,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -1889,6 +1939,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -1973,6 +2027,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -1988,6 +2044,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -2165,6 +2223,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -2249,6 +2311,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -2264,6 +2328,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -2388,3642 +2454,9 @@ spec: - elements type: object matrix: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - pullRequest: - properties: - github: - properties: - api: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - github: - properties: - allBranches: - type: boolean - api: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - type: object - type: array - required: - - generators - type: object + x-kubernetes-preserve-unknown-fields: true merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - pullRequest: - properties: - github: - properties: - api: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - github: - properties: - allBranches: - type: boolean - api: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - required: - - generators - - mergeKeys - type: object + x-kubernetes-preserve-unknown-fields: true pullRequest: properties: github: @@ -6102,6 +2535,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -6186,6 +2623,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -6201,6 +2640,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -6324,6 +2765,29 @@ spec: type: object scmProvider: properties: + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object cloneProtocol: type: string filters: @@ -6435,6 +2899,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -6519,6 +2987,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -6534,6 +3004,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -6704,6 +3176,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -6788,6 +3264,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -6803,6 +3281,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -7010,6 +3490,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -7094,6 +3578,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -7109,6 +3595,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -7308,6 +3796,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -7392,6 +3884,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -7407,6 +3901,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -7608,6 +4104,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -7692,6 +4192,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -7707,6 +4209,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -7884,6 +4388,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -7968,6 +4476,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -7983,6 +4493,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -8107,3642 +4619,9 @@ spec: - elements type: object matrix: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - pullRequest: - properties: - github: - properties: - api: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - github: - properties: - allBranches: - type: boolean - api: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - type: object - type: array - required: - - generators - type: object + x-kubernetes-preserve-unknown-fields: true merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - pullRequest: - properties: - github: - properties: - api: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - github: - properties: - allBranches: - type: boolean - api: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - required: - - generators - - mergeKeys - type: object + x-kubernetes-preserve-unknown-fields: true pullRequest: properties: github: @@ -11821,6 +4700,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -11905,6 +4788,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -11920,6 +4805,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -12043,6 +4930,29 @@ spec: type: object scmProvider: properties: + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object cloneProtocol: type: string filters: @@ -12154,6 +5064,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -12238,6 +5152,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -12253,6 +5169,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -12427,6 +5345,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -12511,6 +5433,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -12526,6 +5450,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -12728,6 +5654,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -12812,6 +5742,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -12827,6 +5759,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -12950,6 +5884,29 @@ spec: type: object scmProvider: properties: + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object cloneProtocol: type: string filters: @@ -13061,6 +6018,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -13145,6 +6106,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -13160,6 +6123,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string @@ -13335,6 +6300,10 @@ spec: type: array kind: type: string + managedFieldsManagers: + items: + type: string + type: array name: type: string namespace: @@ -13419,6 +6388,8 @@ spec: type: string type: object type: array + ignoreMissingValueFiles: + type: boolean parameters: items: properties: @@ -13434,6 +6405,8 @@ spec: type: boolean releaseName: type: string + skipCrds: + type: boolean valueFiles: items: type: string diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml index 468c21b6..309e1cfe 100644 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ b/charts/argocd-applicationset/templates/deployment.yaml @@ -33,6 +33,7 @@ spec: securityContext: {{- toYaml .Values.securityContext | nindent 12 }} command: + - entrypoint.sh - applicationset-controller - --metrics-addr={{ .Values.args.metricsAddr }} - --probe-addr={{ .Values.args.probeBindAddr }} From a90beacd485010e7e0386ae320f062bf4d2b9c5d Mon Sep 17 00:00:00 2001 From: Cameron McAvoy Date: Fri, 22 Apr 2022 03:33:46 -0500 Subject: [PATCH 0237/1248] fix(argo-cd): Include applicationset resources in aggregated ClusterRoles (#1230) Signed-off-by: Cameron McAvoy --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-aggregate-roles.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8bfeb05e..860174eb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.5 +version: 4.5.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: changed redis-exporter repository to docker hub as bitami migrated their images off quay" + - "[Fixed]: applicationset resources were not included in aggregate argo cluster roles" diff --git a/charts/argo-cd/templates/argocd-aggregate-roles.yaml b/charts/argo-cd/templates/argocd-aggregate-roles.yaml index d11329a3..12d0e006 100644 --- a/charts/argo-cd/templates/argocd-aggregate-roles.yaml +++ b/charts/argo-cd/templates/argocd-aggregate-roles.yaml @@ -11,6 +11,7 @@ rules: - argoproj.io resources: - applications + - applicationsets - appprojects verbs: - get @@ -30,6 +31,7 @@ rules: - argoproj.io resources: - applications + - applicationsets - appprojects verbs: - create @@ -54,6 +56,7 @@ rules: - argoproj.io resources: - applications + - applicationsets - appprojects verbs: - create From f9fe628f86dcb6482a99e8a42007ae13c1398d9a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 22 Apr 2022 11:42:27 +0200 Subject: [PATCH 0238/1248] chore!: Deprecate argocd-applicationset and argocd-notifications (#1236) Signed-off-by: Marco Kilchhofer --- charts/argocd-applicationset/Chart.yaml | 5 +++-- charts/argocd-notifications/Chart.yaml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml index c1d16219..a5c7cda2 100644 --- a/charts/argocd-applicationset/Chart.yaml +++ b/charts/argocd-applicationset/Chart.yaml @@ -1,8 +1,9 @@ apiVersion: v2 name: argocd-applicationset description: A Helm chart for installing ArgoCD ApplicationSet +deprecated: true type: application -version: 1.12.0 +version: 1.12.1 appVersion: "v0.4.1" home: https://github.com/argoproj/argo-helm icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png @@ -14,4 +15,4 @@ maintainers: - name: maruina annotations: artifacthub.io/changes: | - - "[Changed]: updated application version for v0.4.1 and its CRD for support of skipCrds in applications" + - "[Deprecated]: This chart is now deprecated and will be removed soon. Please upgrade to Argo CD 2.3+ (chart version 4.x) which includes ApplicationSet." diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml index 27d5f907..7ea1d8f4 100644 --- a/charts/argocd-notifications/Chart.yaml +++ b/charts/argocd-notifications/Chart.yaml @@ -1,9 +1,10 @@ apiVersion: v2 appVersion: v1.2.1 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. +deprecated: true name: argocd-notifications type: application -version: 1.8.0 +version: 1.8.1 home: https://github.com/argoproj/argo-helm icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,4 +16,4 @@ maintainers: - name: andyfeller annotations: artifacthub.io/changes: | - - "[Added]: Ability to define security context for Slack bot deployment" + - "[Deprecated]: This chart is now deprecated and will be removed soon. Please upgrade to Argo CD 2.3+ (chart version 4.x) which includes Argo CD Notifications." From 93274f59ae83608f0527f8fbb4e25dd37e0666c0 Mon Sep 17 00:00:00 2001 From: Domonkos Cinke Date: Fri, 22 Apr 2022 11:54:54 +0200 Subject: [PATCH 0239/1248] fix(argo-cd): Remove unneeded static-files volume (#1213) * Remove unneeded static-files volume Signed-off-by: Domonkos Cinke Signed-off-by: Domonkos Cinke * Bump chart version and add changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 860174eb..56bbf6d8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.6 +version: 4.5.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: applicationset resources were not included in aggregate argo cluster roles" + - "[Removed]: Drop unneeded static-files volume from argocd-server" diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 2c04f5df..4395120d 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -190,8 +190,6 @@ spec: - name: extensions emptyDir: {} {{- end }} - - emptyDir: {} - name: static-files - emptyDir: {} name: tmp-dir {{- if .Values.server.containerSecurityContext.readOnlyRootFilesystem }} From 39bd0e1b30647a87ec67e1538205a6f3f1ab54f4 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 22 Apr 2022 12:28:56 +0200 Subject: [PATCH 0240/1248] chore!: Remove deprecated argocd-applicationset and argocd-notifications (#1237) Signed-off-by: Marco Kilchhofer --- .github/ISSUE_TEMPLATE/bug_report.yaml | 2 - .github/ISSUE_TEMPLATE/feature_request.yaml | 2 - .github/configs/ct-install.yaml | 3 +- .github/workflows/lint-and-test.yml | 4 +- CODEOWNERS | 3 - CONTRIBUTING.md | 10 - charts/argocd-applicationset/.helmignore | 25 - charts/argocd-applicationset/Chart.yaml | 18 - charts/argocd-applicationset/README.md | 121 - charts/argocd-applicationset/README.md.gotmpl | 58 - .../ci/default-values.yaml | 6 - .../ci/leader-election-values.yaml | 9 - .../ci/servicemonitor-values.yaml | 7 - .../crds/crd-applicationset.yaml | 6571 ----------------- .../templates/_helpers.tpl | 86 - .../templates/deployment.yaml | 137 - .../templates/metrics-service.yaml | 25 - .../argocd-applicationset/templates/psp.yaml | 57 - .../argocd-applicationset/templates/rbac.yaml | 97 - .../templates/service.yaml | 14 - .../templates/serviceaccount.yaml | 12 - .../templates/servicemonitor.yaml | 38 - .../templates/webhook-ingress.yaml | 89 - charts/argocd-applicationset/values.yaml | 219 - charts/argocd-notifications/.helmignore | 24 - charts/argocd-notifications/Chart.yaml | 19 - charts/argocd-notifications/README.md | 92 - charts/argocd-notifications/README.md.gotmpl | 45 - .../templates/_helpers.tpl | 138 - .../templates/bots/slack/deployment.yaml | 55 - .../templates/bots/slack/role.yaml | 27 - .../templates/bots/slack/rolebinding.yaml | 13 - .../templates/bots/slack/service.yaml | 19 - .../templates/bots/slack/serviceaccount.yaml | 12 - .../templates/configmap.yaml | 27 - .../templates/deployment.yaml | 77 - .../argocd-notifications/templates/role.yaml | 42 - .../templates/rolebinding.yaml | 13 - .../templates/secret.yaml | 19 - .../templates/service-metrics.yaml | 22 - .../templates/serviceaccount.yaml | 12 - .../templates/servicemonitor.yaml | 30 - charts/argocd-notifications/values.yaml | 454 -- 43 files changed, 2 insertions(+), 8751 deletions(-) delete mode 100644 charts/argocd-applicationset/.helmignore delete mode 100644 charts/argocd-applicationset/Chart.yaml delete mode 100644 charts/argocd-applicationset/README.md delete mode 100644 charts/argocd-applicationset/README.md.gotmpl delete mode 100644 charts/argocd-applicationset/ci/default-values.yaml delete mode 100644 charts/argocd-applicationset/ci/leader-election-values.yaml delete mode 100644 charts/argocd-applicationset/ci/servicemonitor-values.yaml delete mode 100644 charts/argocd-applicationset/crds/crd-applicationset.yaml delete mode 100644 charts/argocd-applicationset/templates/_helpers.tpl delete mode 100644 charts/argocd-applicationset/templates/deployment.yaml delete mode 100644 charts/argocd-applicationset/templates/metrics-service.yaml delete mode 100644 charts/argocd-applicationset/templates/psp.yaml delete mode 100644 charts/argocd-applicationset/templates/rbac.yaml delete mode 100644 charts/argocd-applicationset/templates/service.yaml delete mode 100644 charts/argocd-applicationset/templates/serviceaccount.yaml delete mode 100644 charts/argocd-applicationset/templates/servicemonitor.yaml delete mode 100644 charts/argocd-applicationset/templates/webhook-ingress.yaml delete mode 100644 charts/argocd-applicationset/values.yaml delete mode 100644 charts/argocd-notifications/.helmignore delete mode 100644 charts/argocd-notifications/Chart.yaml delete mode 100644 charts/argocd-notifications/README.md delete mode 100644 charts/argocd-notifications/README.md.gotmpl delete mode 100644 charts/argocd-notifications/templates/_helpers.tpl delete mode 100644 charts/argocd-notifications/templates/bots/slack/deployment.yaml delete mode 100644 charts/argocd-notifications/templates/bots/slack/role.yaml delete mode 100644 charts/argocd-notifications/templates/bots/slack/rolebinding.yaml delete mode 100644 charts/argocd-notifications/templates/bots/slack/service.yaml delete mode 100644 charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml delete mode 100644 charts/argocd-notifications/templates/configmap.yaml delete mode 100644 charts/argocd-notifications/templates/deployment.yaml delete mode 100644 charts/argocd-notifications/templates/role.yaml delete mode 100644 charts/argocd-notifications/templates/rolebinding.yaml delete mode 100644 charts/argocd-notifications/templates/secret.yaml delete mode 100644 charts/argocd-notifications/templates/service-metrics.yaml delete mode 100644 charts/argocd-notifications/templates/serviceaccount.yaml delete mode 100644 charts/argocd-notifications/templates/servicemonitor.yaml delete mode 100644 charts/argocd-notifications/values.yaml diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml index 168f8edb..f69de536 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -21,9 +21,7 @@ body: - argo-events - argo-rollouts - argo-workflows - - argocd-applicationset - argocd-image-updater - - argocd-notifications - other validations: required: true diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml index 2fa38441..b755e584 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yaml +++ b/.github/ISSUE_TEMPLATE/feature_request.yaml @@ -23,9 +23,7 @@ body: - argo-events - argo-rollouts - argo-workflows - - argocd-applicationset - argocd-image-updater - - argocd-notifications - other validations: required: true diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml index e991d382..f2b9dc9e 100644 --- a/.github/configs/ct-install.yaml +++ b/.github/configs/ct-install.yaml @@ -15,5 +15,4 @@ validate-chart-schema: false validate-maintainers: true validate-yaml: true exclude-deprecated: true -excluded-charts: - - "argocd-applicationset" +excluded-charts: [] diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index a658e4e6..6343c8eb 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -50,9 +50,7 @@ jobs: - name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions if: | - contains(steps.list-changed.outputs.changed_charts, 'argocd-applicationset') || - contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') || - contains(steps.list-changed.outputs.changed_charts, 'argocd-notifications') + contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') run: | kubectl apply -f charts/argo-cd/crds diff --git a/CODEOWNERS b/CODEOWNERS index b59e2f21..acd42f9b 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -14,6 +14,3 @@ # Argo Rollouts /charts/argo-rollouts/ - -# Argo CD Notifications -/charts/argocd-notifications/ @alexmt @andyfeller @mbevc1 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c7ea64e7..d5873f86 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -119,16 +119,6 @@ argocd app create guestbook --dest-namespace default --dest-server https://kuber argocd app sync guestbook ``` -## Testing Argo CD Notification Changes - -Thorough testing of argocd-notifications would require one or more notification services (Slack, OpsGenie, etc), however -minimal testing mostly consists of successful Helm chart installation and the argocd-notifications controller having -access to the `Application` resources in the same namespace that Argo CD is installed. - -``` -helm install argocd-notifications charts/argocd-notifications --namespace argocd -``` - ## New Application Versions When raising application versions ensure you make the following changes: diff --git a/charts/argocd-applicationset/.helmignore b/charts/argocd-applicationset/.helmignore deleted file mode 100644 index ee9c40f0..00000000 --- a/charts/argocd-applicationset/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -ci/ -*.gotmpl diff --git a/charts/argocd-applicationset/Chart.yaml b/charts/argocd-applicationset/Chart.yaml deleted file mode 100644 index a5c7cda2..00000000 --- a/charts/argocd-applicationset/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v2 -name: argocd-applicationset -description: A Helm chart for installing ArgoCD ApplicationSet -deprecated: true -type: application -version: 1.12.1 -appVersion: "v0.4.1" -home: https://github.com/argoproj/argo-helm -icon: https://argocd-applicationset.readthedocs.io/en/stable/assets/logo.png -keywords: - - argoproj - - appset - - gitops -maintainers: - - name: maruina -annotations: - artifacthub.io/changes: | - - "[Deprecated]: This chart is now deprecated and will be removed soon. Please upgrade to Argo CD 2.3+ (chart version 4.x) which includes ApplicationSet." diff --git a/charts/argocd-applicationset/README.md b/charts/argocd-applicationset/README.md deleted file mode 100644 index 7a678f83..00000000 --- a/charts/argocd-applicationset/README.md +++ /dev/null @@ -1,121 +0,0 @@ -# Argo CD ApplicationSet Chart - -A Helm chart for Argo CD ApplicationSet, a controller to programmatically generate Argo CD Application. - -Source code can be found [here](https://github.com/argoproj-labs/applicationset/) - -## Additional Information - -This is a **community maintained** chart. This chart installs the [applicationset](https://github.com/argoproj-labs/applicationset) controller. - -This chart currently installs the non-HA version of Argo CD ApplicationSet. - -## Prerequisites - -- Helm v3.0.0+ -- The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting. - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -$ helm repo add argo https://argoproj.github.io/argo-helm -"argo" has been added to your repositories - -$ helm install --name my-release argo/argocd-applicationset -NAME: my-release -... -``` - -### Testing - -Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). - -```console -kind create cluster -kubectl create namespace argocd -kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml -ct install --namespace argocd -``` - -## Notes on CRD Installation - -Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. - -You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo: - -```console -kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref= - -# Eg. version v0.1.0 -kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0 -``` - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | -| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | -| args.argocdRepoServer | string | `"argocd-repo-server:8081"` | The default Argo CD repo server address | -| args.debug | bool | `false` | Print debug logs | -| args.dryRun | bool | `false` | Enable dry run mode | -| args.enableLeaderElection | bool | `false` | The default leader election setting | -| args.metricsAddr | string | `":8080"` | The default metric address | -| args.namespace | string | `""` | Namespace where ArgoCD is deployed to (defaults to .Release.Namespace) | -| args.policy | string | `"sync"` | How application is synced between the generator and the cluster | -| args.probeBindAddr | string | `":8081"` | The default health check port | -| extraArgs | list | `[]` | List of extra cli args to add | -| extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | -| extraEnv | list | `[]` | Environment variables to pass to the controller | -| extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | -| extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | -| extraVolumes | list | `[]` | List of extra volumes to add | -| fullnameOverride | string | `""` | Override the default fully qualified app name | -| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | -| image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | The image repository | -| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | -| imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | -| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | -| metrics.enabled | bool | `false` | Deploy metrics service | -| metrics.service.annotations | object | `{}` | Metrics service annotations | -| metrics.service.labels | object | `{}` | Metrics service labels | -| metrics.service.servicePort | int | `8085` | Metrics service port | -| metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | -| metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | -| metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | -| metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | -| metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | -| metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | -| metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | -| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` | -| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume | -| mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume | -| mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume | -| nameOverride | string | `""` | Provide a name in place of `argocd-applicationset` | -| nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | -| podAnnotations | object | `{}` | Annotations for the controller pods | -| podLabels | object | `{}` | Labels for the controller pods | -| podSecurityContext | object | `{}` | Pod Security Context | -| priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | -| rbac.pspEnabled | bool | `true` | Enable Pod Security Policy | -| replicaCount | int | `1` | The number of controller pods to run | -| resources | object | `{}` | Resource limits and requests for the controller pods. | -| securityContext | object | `{}` | Security Context | -| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | -| tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | -| webhook.ingress.annotations | object | `{}` | Additional ingress annotations | -| webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | -| webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | -| webhook.ingress.hosts | list | `[]` | List of ingress hosts | -| webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | -| webhook.ingress.labels | object | `{}` | Additional ingress labels | -| webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | -| webhook.ingress.tls | list | `[]` | Ingress TLS configuration | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-applicationset/README.md.gotmpl b/charts/argocd-applicationset/README.md.gotmpl deleted file mode 100644 index 5468053b..00000000 --- a/charts/argocd-applicationset/README.md.gotmpl +++ /dev/null @@ -1,58 +0,0 @@ -# Argo CD ApplicationSet Chart - -A Helm chart for Argo CD ApplicationSet, a controller to programmatically generate Argo CD Application. - -Source code can be found [here](https://github.com/argoproj-labs/applicationset/) - -## Additional Information - -This is a **community maintained** chart. This chart installs the [applicationset](https://github.com/argoproj-labs/applicationset) controller. - -This chart currently installs the non-HA version of Argo CD ApplicationSet. - -## Prerequisites - -- Helm v3.0.0+ -- The ApplicationSet controller **must** be installed into the same namespace as the Argo CD it is targetting. - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -$ helm repo add argo https://argoproj.github.io/argo-helm -"argo" has been added to your repositories - -$ helm install --name my-release argo/argocd-applicationset -NAME: my-release -... -``` - -### Testing - -Users can test the chart with [kind](https://kind.sigs.k8s.io/) and [ct](https://github.com/helm/chart-testing). - -```console -kind create cluster -kubectl create namespace argocd -kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml -ct install --namespace argocd -``` - -## Notes on CRD Installation - -Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. - -You then can install the CRDs manually from `crds` folder or via the manifests from the upstream project repo: - -```console -kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref= - -# Eg. version v0.1.0 -kubectl apply -k https://github.com/argoproj-labs/applicationset.git/manifests/crds?ref=v0.1.0 -``` - -{{ template "chart.valuesSection" . }} - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-applicationset/ci/default-values.yaml b/charts/argocd-applicationset/ci/default-values.yaml deleted file mode 100644 index adb55437..00000000 --- a/charts/argocd-applicationset/ci/default-values.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# Test with default values - -# Disable mounts of ArgoCD related ConfigMaps as ArgoCD isn't installed during chart testing -mountSSHKnownHostsVolume: false -mountTLSCertsVolume: false -mountGPGKeysVolume: false diff --git a/charts/argocd-applicationset/ci/leader-election-values.yaml b/charts/argocd-applicationset/ci/leader-election-values.yaml deleted file mode 100644 index 8baa26dc..00000000 --- a/charts/argocd-applicationset/ci/leader-election-values.yaml +++ /dev/null @@ -1,9 +0,0 @@ -args: - enableLeaderElection: true - -replicaCount: 3 - -# Disable mounts of ArgoCD related ConfigMaps as ArgoCD isn't installed during chart testing -mountSSHKnownHostsVolume: false -mountTLSCertsVolume: false -mountGPGKeysVolume: false diff --git a/charts/argocd-applicationset/ci/servicemonitor-values.yaml b/charts/argocd-applicationset/ci/servicemonitor-values.yaml deleted file mode 100644 index 61bc0901..00000000 --- a/charts/argocd-applicationset/ci/servicemonitor-values.yaml +++ /dev/null @@ -1,7 +0,0 @@ -metrics: - enabled: true - -# Disable mounts of ArgoCD related ConfigMaps as ArgoCD isn't installed during chart testing -mountSSHKnownHostsVolume: false -mountTLSCertsVolume: false -mountGPGKeysVolume: false diff --git a/charts/argocd-applicationset/crds/crd-applicationset.yaml b/charts/argocd-applicationset/crds/crd-applicationset.yaml deleted file mode 100644 index eefc196d..00000000 --- a/charts/argocd-applicationset/crds/crd-applicationset.yaml +++ /dev/null @@ -1,6571 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.3.0 - creationTimestamp: null - name: applicationsets.argoproj.io -spec: - group: argoproj.io - names: - kind: ApplicationSet - listKind: ApplicationSetList - plural: applicationsets - shortNames: - - appset - - appsets - singular: applicationset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - pullRequest: - properties: - github: - properties: - api: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - github: - properties: - allBranches: - type: boolean - api: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - pullRequest: - properties: - github: - properties: - api: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - github: - properties: - allBranches: - type: boolean - api: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - pullRequest: - properties: - github: - properties: - api: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - github: - properties: - allBranches: - type: boolean - api: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - type: object - type: object - type: array - syncPolicy: - properties: - preserveResourcesOnDeletion: - type: boolean - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - ksonnet: - properties: - environment: - type: string - parameters: - items: - properties: - component: - type: string - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - generators - - template - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - message - - reason - - status - - type - type: object - type: array - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/charts/argocd-applicationset/templates/_helpers.tpl b/charts/argocd-applicationset/templates/_helpers.tpl deleted file mode 100644 index 5cdc123d..00000000 --- a/charts/argocd-applicationset/templates/_helpers.tpl +++ /dev/null @@ -1,86 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "argo-applicationset.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "argo-applicationset.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "argo-applicationset.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "argo-applicationset.labels" -}} -helm.sh/chart: {{ include "argo-applicationset.chart" . }} -{{ include "argo-applicationset.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/part-of: argo-cd-applicationset -app.kubernetes.io/component: controller -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "argo-applicationset.selectorLabels" -}} -app.kubernetes.io/name: {{ include "argo-applicationset.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "argo-applicationset.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "argo-applicationset.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Return the target Kubernetes version -*/}} -{{- define "argo-applicationset.kubeVersion" -}} - {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress -*/}} -{{- define "argo-applicationset.ingress.apiVersion" -}} -{{- if .Values.apiVersionOverrides.ingress -}} -{{- print .Values.apiVersionOverrides.ingress -}} -{{- else if semverCompare "<1.14-0" (include "argo-applicationset.kubeVersion" $) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "argo-applicationset.kubeVersion" $) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} diff --git a/charts/argocd-applicationset/templates/deployment.yaml b/charts/argocd-applicationset/templates/deployment.yaml deleted file mode 100644 index 309e1cfe..00000000 --- a/charts/argocd-applicationset/templates/deployment.yaml +++ /dev/null @@ -1,137 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "argo-applicationset.fullname" . }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - {{- include "argo-applicationset.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "argo-applicationset.selectorLabels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "argo-applicationset.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - command: - - entrypoint.sh - - applicationset-controller - - --metrics-addr={{ .Values.args.metricsAddr }} - - --probe-addr={{ .Values.args.probeBindAddr }} - {{- if or (gt ( .Values.replicaCount | int64) 1) .Values.args.enableLeaderElection }} - - --enable-leader-election=true - {{- end }} - - --namespace={{ .Values.args.namespace | default .Release.Namespace }} - - --argocd-repo-server={{ .Values.args.argocdRepoServer }} - - --policy={{ .Values.args.policy }} - - --debug={{ .Values.args.debug }} - - --dry-run={{ .Values.args.dryRun }} - {{- with .Values.extraArgs }} - {{- toYaml . | nindent 12 }} - {{- end }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: http - containerPort: {{ (split ":" .Values.args.probeBindAddr)._1 }} - protocol: TCP - - name: metrics - containerPort: {{ (split ":" .Values.args.metricsAddr)._1 }} - protocol: TCP - - name: webhook - containerPort: 7000 - protocol: TCP - {{- with .Values.extraEnv }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.extraEnvFrom }} - envFrom: - {{- toYaml . | nindent 12 }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - - mountPath: /tmp - name: tmp-dir - {{- if .Values.mountSSHKnownHostsVolume }} - - mountPath: /app/config/ssh - name: ssh-known-hosts - {{- end }} - {{- if .Values.mountTLSCertsVolume }} - - mountPath: /app/config/tls - name: tls-certs - {{- end }} - {{- if .Values.mountGPGKeysVolume }} - - mountPath: /app/config/gpg/source - name: gpg-keys - {{- end }} - {{- if .Values.mountGPGKeyringVolume }} - - mountPath: /app/config/gpg/keys - name: gpg-keyring - {{- end }} - {{- with .Values.extraVolumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.extraContainers }} - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - emptyDir: {} - name: tmp-dir - {{- if .Values.mountSSHKnownHostsVolume }} - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - {{- end }} - {{- if .Values.mountTLSCertsVolume }} - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - {{- end }} - {{- if .Values.mountGPGKeysVolume }} - - configMap: - name: argocd-gpg-keys-cm - name: gpg-keys - {{- end }} - {{- if .Values.mountGPGKeyringVolume }} - - emptyDir: {} - name: gpg-keyring - {{- end }} - {{- with .Values.extraVolumes }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} diff --git a/charts/argocd-applicationset/templates/metrics-service.yaml b/charts/argocd-applicationset/templates/metrics-service.yaml deleted file mode 100644 index b929dfc1..00000000 --- a/charts/argocd-applicationset/templates/metrics-service.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - {{- if .Values.metrics.service.annotations }} - annotations: - {{- range $key, $value := .Values.metrics.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} - {{- with .Values.metrics.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ template "argo-applicationset.fullname" . }}-metrics -spec: - ports: - - name: metrics - protocol: TCP - port: {{ .Values.metrics.service.servicePort }} - targetPort: metrics - selector: - {{- include "argo-applicationset.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/charts/argocd-applicationset/templates/psp.yaml b/charts/argocd-applicationset/templates/psp.yaml deleted file mode 100644 index dbb75854..00000000 --- a/charts/argocd-applicationset/templates/psp.yaml +++ /dev/null @@ -1,57 +0,0 @@ -{{- if .Values.rbac.pspEnabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "argo-applicationset.fullname" . }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' -spec: - privileged: false - hostIPC: false - hostNetwork: false - hostPID: false - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - allowedCapabilities: - - '*' - fsGroup: - rule: RunAsAny - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - '*' ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "argo-applicationset.fullname" . }}-psp - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} -rules: - - apiGroups: ['policy'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "argo-applicationset.fullname" . }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "argo-applicationset.fullname" . }}-psp - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "argo-applicationset.fullname" . }}-psp -subjects: - - kind: ServiceAccount - name: {{ template "argo-applicationset.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -{{- end }} diff --git a/charts/argocd-applicationset/templates/rbac.yaml b/charts/argocd-applicationset/templates/rbac.yaml deleted file mode 100644 index 1181e3d2..00000000 --- a/charts/argocd-applicationset/templates/rbac.yaml +++ /dev/null @@ -1,97 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "argo-applicationset.fullname" . }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} -rules: - - apiGroups: - - argoproj.io - resources: - - applications - - appprojects - - applicationsets - - applicationsets/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - applicationsets/status - verbs: - - get - - patch - - update - - apiGroups: - - "" - resources: - - events - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - - extensions - resources: - - deployments - verbs: - - get - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "argo-applicationset.fullname" . }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "argo-applicationset.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ include "argo-applicationset.serviceAccountName" . }} diff --git a/charts/argocd-applicationset/templates/service.yaml b/charts/argocd-applicationset/templates/service.yaml deleted file mode 100644 index 550bfbbe..00000000 --- a/charts/argocd-applicationset/templates/service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "argo-applicationset.fullname" . }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} -spec: - ports: - - name: webhook - port: 7000 - protocol: TCP - targetPort: webhook - selector: - {{- include "argo-applicationset.selectorLabels" . | nindent 6 }} diff --git a/charts/argocd-applicationset/templates/serviceaccount.yaml b/charts/argocd-applicationset/templates/serviceaccount.yaml deleted file mode 100644 index 1e3c2eaa..00000000 --- a/charts/argocd-applicationset/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "argo-applicationset.serviceAccountName" . }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/argocd-applicationset/templates/servicemonitor.yaml b/charts/argocd-applicationset/templates/servicemonitor.yaml deleted file mode 100644 index fe3a614c..00000000 --- a/charts/argocd-applicationset/templates/servicemonitor.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "argo-applicationset.fullname" . }} - {{- if .Values.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.metrics.serviceMonitor.namespace }} - {{- end }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} - {{- with .Values.metrics.serviceMonitor.selector }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - {{- with .Values.metrics.serviceMonitor.interval }} - interval: {{ . }} - {{- end }} - path: /metrics - {{- with .Values.metrics.serviceMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 8 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "argo-applicationset.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/charts/argocd-applicationset/templates/webhook-ingress.yaml b/charts/argocd-applicationset/templates/webhook-ingress.yaml deleted file mode 100644 index 2f58d88d..00000000 --- a/charts/argocd-applicationset/templates/webhook-ingress.yaml +++ /dev/null @@ -1,89 +0,0 @@ -{{- if .Values.webhook.ingress.enabled -}} -{{- $serviceName := include "argo-applicationset.fullname" . -}} -{{- $servicePort := "webhook" -}} -{{- $paths := .Values.webhook.ingress.paths -}} -{{- $extraPaths := .Values.webhook.ingress.extraPaths -}} -{{- $pathType := .Values.webhook.ingress.pathType -}} -apiVersion: {{ include "argo-applicationset.ingress.apiVersion" . }} -kind: Ingress -metadata: -{{- if .Values.webhook.ingress.annotations }} - annotations: - {{- range $key, $value := .Values.webhook.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ include "argo-applicationset.fullname" . }} - labels: - {{- include "argo-applicationset.labels" . | nindent 4 }} - {{- if .Values.webhook.ingress.labels }} - {{- toYaml .Values.webhook.ingress.labels | nindent 4 }} - {{- end }} -spec: - {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} - {{- with .Values.webhook.ingress.ingressClassName }} - ingressClassName: {{ . }} - {{- end }} - {{- end }} - rules: - {{- if .Values.webhook.ingress.hosts }} - {{- range $host := .Values.webhook.ingress.hosts }} - - host: {{ $host }} - http: - paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end }} - {{- range $p := $paths }} - - path: {{ $p }} - {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: {{ $pathType }} - {{- end }} - backend: - {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} - service: - name: {{ $serviceName }} - port: - {{- if kindIs "float64" $servicePort }} - number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- else }} - - http: - paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end }} - {{- range $p := $paths }} - - path: {{ $p }} - {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} - pathType: {{ $pathType }} - {{- end }} - backend: - {{- if eq (include "argo-applicationset.ingress.apiVersion" $) "networking.k8s.io/v1" }} - service: - name: {{ $serviceName }} - port: - {{- if kindIs "float64" $servicePort }} - number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- if .Values.webhook.ingress.tls }} - tls: - {{- toYaml .Values.webhook.ingress.tls | nindent 4 }} - {{- end -}} -{{- end -}} diff --git a/charts/argocd-applicationset/values.yaml b/charts/argocd-applicationset/values.yaml deleted file mode 100644 index d51853e3..00000000 --- a/charts/argocd-applicationset/values.yaml +++ /dev/null @@ -1,219 +0,0 @@ -# Default values for argo-applicationset. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# -- The number of controller pods to run -replicaCount: 1 - -image: - # -- The image repository - repository: quay.io/argoproj/argocd-applicationset - # -- Image pull policy - pullPolicy: IfNotPresent - # -- Overrides the image tag whose default is the chart appVersion. - tag: "" - -args: - # -- The default metric address - metricsAddr: :8080 - # -- The default health check port - probeBindAddr: :8081 - # -- The default leader election setting - enableLeaderElection: false - # -- Namespace where ArgoCD is deployed to (defaults to .Release.Namespace) - namespace: "" - # -- The default Argo CD repo server address - argocdRepoServer: argocd-repo-server:8081 - # -- How application is synced between the generator and the cluster - policy: sync - # -- Print debug logs - debug: false - # -- Enable dry run mode - dryRun: false - -# -- Additional containers to be added to the applicationset controller pod -extraContainers: [] - - ## Metrics service configuration -metrics: - # -- Deploy metrics service - enabled: false - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8085 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: false - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: {} - # prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "" # monitoring - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - -# -- If defined, uses a Secret to pull an image from a private Docker registry or repository. -imagePullSecrets: [] -# -- Provide a name in place of `argocd-applicationset` -nameOverride: "" -# -- Override the default fully qualified app name -fullnameOverride: "" - -serviceAccount: - # -- Specifies whether a service account should be created - create: true - # -- Annotations to add to the service account - annotations: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -# -- Annotations for the controller pods -podAnnotations: {} - -# -- Labels for the controller pods -podLabels: {} - -rbac: - # -- Enable Pod Security Policy - pspEnabled: true - -# -- Pod Security Context -podSecurityContext: {} - # fsGroup: 2000 - -# -- Security Context -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -# -- Resource limits and requests for the controller pods. -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -# -- [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) -nodeSelector: {} - -# -- [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) -tolerations: [] - -# -- [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) -affinity: {} - -# -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. -priorityClassName: "" - -# -- Mount the `argocd-ssh-known-hosts-cm` volume -mountSSHKnownHostsVolume: true -# -- Mount the `argocd-tls-certs-cm` volume -mountTLSCertsVolume: true -# -- Mount the `argocd-gpg-keys-cm` volume -mountGPGKeysVolume: false -# -- Mount an emptyDir volume for `gpg-keyring` -mountGPGKeyringVolume: true - -# -- List of extra mounts to add (normally used with extraVolumes) -extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - -# -- List of extra volumes to add -extraVolumes: [] - # - name: foobar - # emptyDir: {} - -# -- List of extra cli args to add -extraArgs: [] - # - --loglevel=warn - -# -- Environment variables to pass to the controller -extraEnv: [] - # - name: "MY_VAR" - # value: "value" - -# -- envFrom to pass to the controller -# @default -- `[]` (See [values.yaml]) -extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - -# -- Override the Kubernetes version, which is used to evaluate certain manifests -kubeVersionOverride: "" - -## Override APIVersions -## If you want to template helm charts but cannot access k8s API server -## you can set api versions here -apiVersionOverrides: - # -- String to override apiVersion of ingresses rendered by this helm chart - ingress: "" # networking.k8s.io/v1beta1 - -## Webhook for the Git Generator -## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) -webhook: - ingress: - # -- Enable an ingress resource for Webhooks - enabled: false - # -- Additional ingress annotations - annotations: {} - # -- Additional ingress labels - labels: {} - # -- Defines which ingress controller will implement the resource - ingressClassName: "" - - # -- List of ingress hosts - ## Hostnames must be provided if Ingress is enabled. - ## Secrets must be manually created in the namespace - hosts: [] - # - argocd-applicationset.example.com - - # -- List of ingress paths - paths: - - /api/webhook - # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` - pathType: Prefix - # -- Additional ingress paths - extraPaths: [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: use-annotation - - # -- Ingress TLS configuration - tls: [] - # - secretName: argocd-applicationset-tls - # hosts: - # - argocd-applicationset.example.com diff --git a/charts/argocd-notifications/.helmignore b/charts/argocd-notifications/.helmignore deleted file mode 100644 index 26179658..00000000 --- a/charts/argocd-notifications/.helmignore +++ /dev/null @@ -1,24 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -ci/ -*.gotmpl diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml deleted file mode 100644 index 7ea1d8f4..00000000 --- a/charts/argocd-notifications/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v2 -appVersion: v1.2.1 -description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. -deprecated: true -name: argocd-notifications -type: application -version: 1.8.1 -home: https://github.com/argoproj/argo-helm -icon: https://argocd-notifications.readthedocs.io/en/stable/assets/logo.png -keywords: - - argoproj - - argocd - - argocd-notifications -maintainers: - - name: alexmt - - name: andyfeller -annotations: - artifacthub.io/changes: | - - "[Deprecated]: This chart is now deprecated and will be removed soon. Please upgrade to Argo CD 2.3+ (chart version 4.x) which includes Argo CD Notifications." diff --git a/charts/argocd-notifications/README.md b/charts/argocd-notifications/README.md deleted file mode 100644 index ec7caf6c..00000000 --- a/charts/argocd-notifications/README.md +++ /dev/null @@ -1,92 +0,0 @@ -## ArgoCD Notifications Chart - -This is a **community maintained** chart. It installs the [argocd-notifications](https://github.com/argoproj-labs/argocd-notifications) application. This application comes packaged with: -- Notifications Controller Deployment -- Notifications Controller ConfigMap -- Notifications Controller Secret -- Service Account -- Roles -- Role Bindings - -To regenerate this document, from the root of this chart directory run: - -```console -docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest -``` - -## Values - -### General parameters - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| affinity | object | `{}` | Assign custom [affinity] rules | -| argocdUrl | string | `nil` | ArgoCD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| cm.create | bool | `true` | Whether helm chart creates controller config map | -| cm.name | string | `""` | The name of the config map to use. | -| containerSecurityContext | object | `{}` | Container Security Context | -| context | object | `{}` | Define user-defined context | -| extraArgs | list | `[]` | Extra arguments to provide to the controller | -| extraEnv | list | `[]` | Additional container environment variables | -| fullnameOverride | string | `""` | String to partially override "argocd-notifications.fullname" template | -| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the controller | -| image.repository | string | `"argoprojlabs/argocd-notifications"` | Repository to use for the controller | -| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | -| imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | -| logLevel | string | `"info"` | Set the logging level. (One of: `debug`, `info`, `warn`, `error`) | -| metrics.enabled | bool | `false` | Enables prometheus metrics server | -| metrics.port | int | `9001` | Metrics port | -| metrics.service.annotations | object | `{}` | Metrics service annotations | -| metrics.service.labels | object | `{}` | Metrics service labels | -| metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | -| metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | -| nameOverride | string | `"argocd-notifications"` | String to partially override "argocd-notifications.fullname" template | -| nodeSelector | object | `{}` | [Node selector] | -| notifiers | object | See [values.yaml] | Configures notification services | -| podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | -| podLabels | object | `{}` | Labels to be applied to the controller Pods | -| resources | object | `{}` | Resource limits and requests for the controller | -| secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | -| secret.create | bool | `true` | Whether helm chart creates controller secret | -| secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | -| secret.name | string | `""` | The name of the secret to use. | -| securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | -| serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | -| subscriptions | object | `{}` | Contains centrally managed global application subscriptions | -| templates | object | `{}` | The notification template is used to generate the notification content | -| tolerations | list | `[]` | [Tolerations] for use with node taints | -| triggers | object | `{}` | The trigger defines the condition when the notification should be sent | -| updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | - -### Bots - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | -| bots.slack.containerSecurityContext | object | `{}` | Container Security Context | -| bots.slack.enabled | bool | `false` | Enable slack bot | -| bots.slack.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the Slack bot | -| bots.slack.image.repository | string | `"argoprojlabs/argocd-notifications"` | Repository to use for the Slack bot | -| bots.slack.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | -| bots.slack.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | -| bots.slack.nodeSelector | object | `{}` | [Node selector] | -| bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | -| bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | -| bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | -| bots.slack.service.port | int | `80` | Service port for Slack bot | -| bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | -| bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | -| bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | -| bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) - -[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ -[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: values.yaml diff --git a/charts/argocd-notifications/README.md.gotmpl b/charts/argocd-notifications/README.md.gotmpl deleted file mode 100644 index de0184ec..00000000 --- a/charts/argocd-notifications/README.md.gotmpl +++ /dev/null @@ -1,45 +0,0 @@ -## ArgoCD Notifications Chart - -This is a **community maintained** chart. It installs the [argocd-notifications](https://github.com/argoproj-labs/argocd-notifications) application. This application comes packaged with: -- Notifications Controller Deployment -- Notifications Controller ConfigMap -- Notifications Controller Secret -- Service Account -- Roles -- Role Bindings - -To regenerate this document, from the root of this chart directory run: - -```console -docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest -``` - -## Values - -### General parameters - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -{{- range .Values }} - {{- if not (hasPrefix "bots" .Key) }} -| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | - {{- end }} -{{- end }} - -### Bots - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -{{- range .Values }} - {{- if hasPrefix "bots" .Key }} -| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | - {{- end }} -{{- end }} - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) - -[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ -[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[values.yaml]: values.yaml diff --git a/charts/argocd-notifications/templates/_helpers.tpl b/charts/argocd-notifications/templates/_helpers.tpl deleted file mode 100644 index fa7d89d0..00000000 --- a/charts/argocd-notifications/templates/_helpers.tpl +++ /dev/null @@ -1,138 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "argocd-notifications.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "argocd-notifications.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "argocd-notifications.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "argocd-notifications.labels" -}} -helm.sh/chart: {{ include "argocd-notifications.chart" . }} -{{ include "argocd-notifications.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Common metrics labels -*/}} -{{- define "argocd-notifications.metrics.labels" -}} -helm.sh/chart: {{ include "argocd-notifications.chart" . }} -{{ include "argocd-notifications.metrics.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - - -{{/* -Common slack bot labels -*/}} -{{- define "argocd-notifications.bots.slack.labels" -}} -helm.sh/chart: {{ include "argocd-notifications.chart" . }} -{{ include "argocd-notifications.bots.slack.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Selector labels -*/}} -{{- define "argocd-notifications.selectorLabels" -}} -app.kubernetes.io/name: {{ include "argocd-notifications.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Selector metrics labels -*/}} -{{- define "argocd-notifications.metrics.selectorLabels" -}} -app.kubernetes.io/name: {{ include "argocd-notifications.name" . }}-metrics -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Selector slack bot labels -*/}} -{{- define "argocd-notifications.bots.slack.selectorLabels" -}} -app.kubernetes.io/name: {{ include "argocd-notifications.name" . }}-bot -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "argocd-notifications.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "argocd-notifications.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the bot service account to use -*/}} -{{- define "argocd-notifications.bots.slack.serviceAccountName" -}} -{{- if .Values.bots.slack.serviceAccount.create -}} - {{ default (printf "%s-bot" (include "argocd-notifications.fullname" .)) .Values.bots.slack.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.bots.slack.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the secret to use -*/}} -{{- define "argocd-notifications.secretName" -}} -{{- if .Values.secret.create -}} - {{ default (printf "%s-secret" (include "argocd-notifications.fullname" .)) .Values.secret.name }} -{{- else -}} - {{ default "argocd-notifications-secret" .Values.secret.name }} -{{- end -}} -{{- end -}} - - -{{/* -Create the name of the configmap to use -*/}} -{{- define "argocd-notifications.configMapName" -}} -{{- if .Values.cm.create -}} - {{ default (printf "%s-cm" (include "argocd-notifications.fullname" .)) .Values.cm.name }} -{{- else -}} - {{ default "argocd-notifications-cm" .Values.cm.name }} -{{- end -}} -{{- end -}} diff --git a/charts/argocd-notifications/templates/bots/slack/deployment.yaml b/charts/argocd-notifications/templates/bots/slack/deployment.yaml deleted file mode 100644 index 1230034a..00000000 --- a/charts/argocd-notifications/templates/bots/slack/deployment.yaml +++ /dev/null @@ -1,55 +0,0 @@ -{{ if .Values.bots.slack.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "argocd-notifications.name" . }}-bot - labels: - {{- include "argocd-notifications.bots.slack.labels" . | nindent 4 }} -spec: - strategy: - {{- .Values.bots.slack.updateStrategy | toYaml | nindent 4 }} - selector: - matchLabels: - {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.bots.slack.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} - {{- with .Values.bots.slack.securityContext }} - securityContext: {{- toYaml . | nindent 8 }} - {{- end }} - containers: - - name: {{ include "argocd-notifications.name" . }}-bot - image: "{{ .Values.bots.slack.image.repository }}:{{ default .Chart.AppVersion .Values.bots.slack.image.tag }}" - imagePullPolicy: {{ .Values.bots.slack.image.pullPolicy }} - resources: - {{- toYaml .Values.bots.slack.resources | nindent 12 }} - command: - - /app/argocd-notifications-backend - - bot - workingDir: /app - ports: - - containerPort: 8080 - name: http - {{- with .Values.bots.slack.containerSecurityContext }} - securityContext: {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.bots.slack.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.bots.slack.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.bots.slack.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} -{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/role.yaml b/charts/argocd-notifications/templates/bots/slack/role.yaml deleted file mode 100644 index 5193a109..00000000 --- a/charts/argocd-notifications/templates/bots/slack/role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{ if .Values.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "argocd-notifications.name" . }}-bot -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - get - - list - - watch - - update - - patch -{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/rolebinding.yaml b/charts/argocd-notifications/templates/bots/slack/rolebinding.yaml deleted file mode 100644 index 6a87bb49..00000000 --- a/charts/argocd-notifications/templates/bots/slack/rolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{ if .Values.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "argocd-notifications.name" . }}-bot -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "argocd-notifications.name" . }}-bot -subjects: -- kind: ServiceAccount - name: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} -{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/service.yaml b/charts/argocd-notifications/templates/bots/slack/service.yaml deleted file mode 100644 index c31ad935..00000000 --- a/charts/argocd-notifications/templates/bots/slack/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{ if .Values.bots.slack.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "argocd-notifications.name" . }}-bot - {{- if .Values.bots.slack.service.annotations }} - annotations: - {{- toYaml .Values.bots.slack.service.annotations | nindent 4 }} - {{- end }} -spec: - ports: - - name: http - port: {{ .Values.bots.slack.service.port }} - protocol: TCP - targetPort: http - selector: - {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }} - type: {{ .Values.bots.slack.service.type }} -{{ end }} diff --git a/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml b/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml deleted file mode 100644 index f888811c..00000000 --- a/charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.bots.slack.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} - labels: - {{- include "argocd-notifications.bots.slack.labels" . | nindent 4 }} - {{- with .Values.bots.slack.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{ end }} -{{ end }} diff --git a/charts/argocd-notifications/templates/configmap.yaml b/charts/argocd-notifications/templates/configmap.yaml deleted file mode 100644 index a9c00b6f..00000000 --- a/charts/argocd-notifications/templates/configmap.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{ if .Values.cm.create }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "argocd-notifications.configMapName" . }} - labels: - {{- include "argocd-notifications.labels" . | nindent 4 }} -data: - context: | - argocdUrl: {{ .Values.argocdUrl | quote }} - {{- with .Values.context }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.notifiers }} - {{- toYaml . | nindent 2 }} - {{- end }} - {{- with .Values.subscriptions }} - subscriptions: | - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.templates }} - {{- toYaml . | nindent 2 }} - {{- end }} - {{- with .Values.triggers }} - {{- toYaml . | nindent 2 }} - {{- end }} -{{- end }} diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml deleted file mode 100644 index b7458166..00000000 --- a/charts/argocd-notifications/templates/deployment.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "argocd-notifications.name" . }}-controller - labels: - {{- include "argocd-notifications.labels" . | nindent 4 }} -spec: - strategy: - {{- .Values.updateStrategy | toYaml | nindent 4 }} - selector: - matchLabels: - {{- include "argocd-notifications.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- if .Values.podAnnotations }} - annotations: - {{- range $key, $value := .Values.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - labels: - {{- include "argocd-notifications.selectorLabels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "argocd-notifications.serviceAccountName" . }} - {{- if .Values.securityContext }} - securityContext: {{- toYaml .Values.securityContext | nindent 8 }} - {{- end }} - containers: - - name: {{ include "argocd-notifications.name" . }}-controller - image: "{{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - command: - - /app/argocd-notifications-backend - - controller - - --loglevel={{ .Values.logLevel }} - {{- if .Values.metrics.enabled }} - - --metrics-port={{ .Values.metrics.port }} - {{- end }} - - --secret-name={{ include "argocd-notifications.secretName" . }} - - --config-map-name={{ include "argocd-notifications.configMapName" . }} - {{- range .Values.extraArgs }} - - {{ . | squote }} - {{- end }} - workingDir: /app - ports: - {{- if .Values.metrics.enabled }} - - containerPort: {{ .Values.metrics.port }} - name: metrics - protocol: TCP - {{- end }} - {{- if .Values.containerSecurityContext }} - securityContext: {{- toYaml .Values.containerSecurityContext | nindent 12 }} - {{- end }} - {{- with .Values.extraEnv }} - env: {{ toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/argocd-notifications/templates/role.yaml b/charts/argocd-notifications/templates/role.yaml deleted file mode 100644 index 0b07afd7..00000000 --- a/charts/argocd-notifications/templates/role.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "argocd-notifications.name" . }}-controller - labels: - {{- include "argocd-notifications.labels" . | nindent 4 }} -rules: -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resourceNames: - - {{ include "argocd-notifications.name" . }}-cm - resources: - - configmaps - verbs: - - get -- apiGroups: - - "" - resourceNames: - - {{ include "argocd-notifications.name" . }}-secret - resources: - - secrets - verbs: - - get \ No newline at end of file diff --git a/charts/argocd-notifications/templates/rolebinding.yaml b/charts/argocd-notifications/templates/rolebinding.yaml deleted file mode 100644 index d3be3f9d..00000000 --- a/charts/argocd-notifications/templates/rolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "argocd-notifications.name" . }}-controller - labels: - {{- include "argocd-notifications.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "argocd-notifications.name" . }}-controller -subjects: -- kind: ServiceAccount - name: {{ include "argocd-notifications.serviceAccountName" . }} diff --git a/charts/argocd-notifications/templates/secret.yaml b/charts/argocd-notifications/templates/secret.yaml deleted file mode 100644 index 38dadadf..00000000 --- a/charts/argocd-notifications/templates/secret.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{ if .Values.secret.create }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "argocd-notifications.secretName" . }} - labels: - {{- include "argocd-notifications.labels" . | nindent 4 }} - {{- if .Values.secret.annotations }} - annotations: - {{- range $key, $value := .Values.secret.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -type: Opaque -stringData: - {{- with .Values.secret.items }} - {{ toYaml . | nindent 2 }} - {{- end }} -{{- end }} diff --git a/charts/argocd-notifications/templates/service-metrics.yaml b/charts/argocd-notifications/templates/service-metrics.yaml deleted file mode 100644 index aea5d90e..00000000 --- a/charts/argocd-notifications/templates/service-metrics.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "argocd-notifications.name" . }}-metrics - labels: - {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} - {{- with .Values.metrics.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.metrics.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - {{- include "argocd-notifications.selectorLabels" . | nindent 4 }} - ports: - - name: metrics - port: {{ .Values.metrics.port }} - targetPort: {{ .Values.metrics.port }} -{{- end }} diff --git a/charts/argocd-notifications/templates/serviceaccount.yaml b/charts/argocd-notifications/templates/serviceaccount.yaml deleted file mode 100644 index 418b6800..00000000 --- a/charts/argocd-notifications/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "argocd-notifications.serviceAccountName" . }} - labels: - {{- include "argocd-notifications.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/argocd-notifications/templates/servicemonitor.yaml b/charts/argocd-notifications/templates/servicemonitor.yaml deleted file mode 100644 index b04851f3..00000000 --- a/charts/argocd-notifications/templates/servicemonitor.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "argocd-notifications.name" . }}-metrics - {{- if .Values.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.metrics.serviceMonitor.namespace }} - {{- end }} - labels: - {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} - {{- if .Values.metrics.serviceMonitor.additionalLabels }} - {{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - path: /metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "argocd-notifications.metrics.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml deleted file mode 100644 index c5e5be06..00000000 --- a/charts/argocd-notifications/values.yaml +++ /dev/null @@ -1,454 +0,0 @@ -# -- Assign custom [affinity] rules -affinity: {} - -# -- ArgoCD dashboard url; used in place of {{.context.argocdUrl}} in templates -argocdUrl: - -# -- String to partially override "argocd-notifications.fullname" template -fullnameOverride: "" - -image: - # -- Repository to use for the controller - repository: argoprojlabs/argocd-notifications - # -- Overrides the image tag whose default is the chart appVersion - tag: "" - # -- Image pull policy for the controller - pullPolicy: IfNotPresent - -# -- Secrets with credentials to pull images from a private registry -imagePullSecrets: [] - -# -- String to partially override "argocd-notifications.fullname" template -nameOverride: "argocd-notifications" - -# -- [Node selector] -nodeSelector: {} - -# -- The deployment strategy to use to replace existing pods with new ones -updateStrategy: - type: Recreate - -# -- Define user-defined context -## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context -context: {} - # region: east - # environmentName: staging - -secret: - # -- Whether helm chart creates controller secret - create: true - - # -- key:value pairs of annotations to be added to the secret - annotations: {} - - # -- The name of the secret to use. - ## If not set and create is true, the default name 'argocd-notifications-secret' is used - name: "" - - # -- Generic key:value pairs to be inserted into the secret - ## Can be used for templates, notification services etc. Some examples given below. - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ - items: {} - # slack-token: - # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/slack/ - - # grafana-apiKey: - # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/grafana/ - - # webhooks-github-token: - - # email-username: - # email-password: - # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - -# -- Set the logging level. (One of: `debug`, `info`, `warn`, `error`) -logLevel: info - -# -- Extra arguments to provide to the controller -extraArgs: [] - -metrics: - # -- Enables prometheus metrics server - enabled: false - # -- Metrics port - port: 9001 - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: false - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - # namespace: monitoring - # interval: 30s - # scrapeTimeout: 10s - -# -- Additional container environment variables -extraEnv: [] - -# -- Configures notification services -# @default -- See [values.yaml] -## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ -notifiers: - service.slack: | - token: $slack-token - -# -- Annotations to be applied to the controller Pods -podAnnotations: {} - -# -- Labels to be applied to the controller Pods -podLabels: {} - -# -- Pod Security Context -securityContext: - runAsNonRoot: true - -# -- Container Security Context -containerSecurityContext: {} - -# -- Resource limits and requests for the controller -resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -serviceAccount: - # -- Specifies whether a service account should be created - create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - name: argocd-notifications-controller - - # -- Annotations applied to created service account - annotations: {} - -cm: - # -- Whether helm chart creates controller config map - create: true - - # -- The name of the config map to use. - ## If not set and create is true, the default name 'argocd-notifications-cm' is used - name: "" - -# -- Contains centrally managed global application subscriptions -## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ -subscriptions: {} - # # subscription for on-sync-status-unknown trigger notifications - # - recipients: - # - slack:test2 - # - email:test@gmail.com - # triggers: - # - on-sync-status-unknown - # # subscription restricted to applications with matching labels only - # - recipients: - # - slack:test3 - # selector: test=true - # triggers: - # - on-sync-status-unknown - -# -- The notification template is used to generate the notification content -## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/ -templates: {} - # template.app-deployed: | - # email: - # subject: New version of an application {{.app.metadata.name}} is up and running. - # message: | - # {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} is now running new version of deployments manifests. - # slack: - # attachments: | - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#18be52", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # }, - # { - # "title": "Revision", - # "value": "{{.app.status.sync.revision}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-health-degraded: | - # email: - # subject: Application {{.app.metadata.name}} has degraded. - # message: | - # {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} has degraded. - # Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#f4c030", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-failed: | - # email: - # subject: Failed to sync application {{.app.metadata.name}}. - # message: | - # {{if eq .serviceType "slack"}}:exclamation:{{end}} The sync operation of application {{.app.metadata.name}} has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}} - # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#E96D76", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-running: | - # email: - # subject: Start syncing application {{.app.metadata.name}}. - # message: | - # The sync operation of application {{.app.metadata.name}} has started at {{.app.status.operationState.startedAt}}. - # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#0DADEA", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-status-unknown: | - # email: - # subject: Application {{.app.metadata.name}} sync status is 'Unknown' - # message: | - # {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} sync is 'Unknown'. - # Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. - # {{if ne .serviceType "slack"}} - # {{range $c := .app.status.conditions}} - # * {{$c.message}} - # {{end}} - # {{end}} - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#E96D76", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-succeeded: | - # email: - # subject: Application {{.app.metadata.name}} has been successfully synced. - # message: | - # {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}. - # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . - # slack: - # attachments: "[{\n \"title\": \"{{ .app.metadata.name}}\",\n \"title_link\":\"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}\",\n \"color\": \"#18be52\",\n \"fields\": [\n {\n \"title\": \"Sync Status\",\n \"value\": \"{{.app.status.sync.status}}\",\n \"short\": true\n },\n {\n \"title\": \"Repository\",\n \"value\": \"{{.app.spec.source.repoURL}}\",\n \"short\": true\n }\n {{range $index, $c := .app.status.conditions}}\n {{if not $index}},{{end}}\n {{if $index}},{{end}}\n {\n \"title\": \"{{$c.type}}\",\n \"value\": \"{{$c.message}}\",\n \"short\": true\n }\n {{end}}\n ]\n}] " - -# -- [Tolerations] for use with node taints -tolerations: [] - -# -- The trigger defines the condition when the notification should be sent -## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ -triggers: {} - # trigger.on-deployed: | - # - description: Application is synced and healthy. Triggered once per commit. - # oncePer: app.status.sync.revision - # send: - # - app-deployed - # when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' - # trigger.on-health-degraded: | - # - description: Application has degraded - # send: - # - app-health-degraded - # when: app.status.health.status == 'Degraded' - # trigger.on-sync-failed: | - # - description: Application syncing has failed - # send: - # - app-sync-failed - # when: app.status.operationState.phase in ['Error', 'Failed'] - # trigger.on-sync-running: | - # - description: Application is being synced - # send: - # - app-sync-running - # when: app.status.operationState.phase in ['Running'] - # trigger.on-sync-status-unknown: | - # - description: Application status is 'Unknown' - # send: - # - app-sync-status-unknown - # when: app.status.sync.status == 'Unknown' - # trigger.on-sync-succeeded: | - # - description: Application syncing has succeeded - # send: - # - app-sync-succeeded - # when: app.status.operationState.phase in ['Succeeded'] - # - # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers - # defaultTriggers: | - # - on-sync-status-unknown - -## The optional bot component simplifies managing subscriptions -## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ -bots: - slack: - # -- Enable slack bot - ## You have to set secret.notifiers.slack.signingSecret - enabled: false - - # -- The deployment strategy to use to replace existing pods with new ones - updateStrategy: - type: Recreate - - image: - # -- Repository to use for the Slack bot - repository: argoprojlabs/argocd-notifications - # -- Overrides the image tag whose default is the chart appVersion - tag: "" - # -- Image pull policy for the Slack bot - pullPolicy: IfNotPresent - - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] - - service: - # -- Service annotations for Slack bot - annotations: {} - # -- Service port for Slack bot - port: 80 - # -- Service type for Slack bot - type: LoadBalancer - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - name: argocd-notifications-bot - - # -- Annotations applied to created service account - annotations: {} - - # -- Pod Security Context - securityContext: - runAsNonRoot: true - - # -- Container Security Context - containerSecurityContext: {} - - # -- Resource limits and requests for the Slack bot - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - # -- Assign custom [affinity] rules - affinity: {} - - # -- [Tolerations] for use with node taints - tolerations: [] - - # -- [Node selector] - nodeSelector: {} From 9279b6133123ed5bb5c7010325f00d722cbe69b8 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 22 Apr 2022 15:54:01 +0200 Subject: [PATCH 0241/1248] chore(CODEOWNERS): Move mkilchhofer from generic to argo-cd (#1238) Signed-off-by: Marco Kilchhofer --- CODEOWNERS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index acd42f9b..7627dc16 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,13 +1,13 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners -# All charts -/charts/ @mkilchhofer @oliverbaehler +# Other and new charts +/charts/ @oliverbaehler # Argo Workflows /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer # Argo Events /charts/argo-events/ @jbehling @VaibhavPage From 9b2cffea093a3bfd8fe95044d557bc605c2c74ed Mon Sep 17 00:00:00 2001 From: David Collom Date: Sat, 23 Apr 2022 08:25:34 +0100 Subject: [PATCH 0242/1248] feat(argo-events): Adding additional RBAC for leader election (#1242) * Issue 1565: Adding additional RBAC for leader election Signed-off-by: David Collom * Adding Additional RBAC for Events Signed-off-by: David Collom * Use consistent indent style Signed-off-by: Marco Kilchhofer * Bump minor chart version and add changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-cluster-roles.yaml | 19 +++++++++++++++++++ .../templates/argo-events-roles.yaml | 19 +++++++++++++++++++ 3 files changed, 40 insertions(+), 2 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f5783785..977749af 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: A Helm chart to install Argo-Events in k8s Cluster name: argo-events -version: 1.12.0 +version: 1.13.0 keywords: - argo-events - sensor-controller @@ -17,4 +17,4 @@ icon: https://argoproj.github.io/argo-events/assets/logo.png home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Added]: Add aggregate-roles (sync with upstream manifests)" + - "[Added]: Additional RBAC for leader election" diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index cef1ad2e..efdd6101 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -28,6 +28,25 @@ rules: {{- with .Values.additionalServiceAccountRules }} {{- toYaml . | nindent 2 }} {{- end }} + - apiGroups: + - "" + resources: + - "events" + verbs: + - "create" + - "patch" + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - argoproj.io verbs: diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index 7406073c..b8e81eff 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -30,6 +30,25 @@ rules: {{- with .Values.additionalServiceAccountRules }} {{- toYaml . | nindent 2 }} {{- end }} + - apiGroups: + - "" + resources: + - "events" + verbs: + - "create" + - "patch" + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - argoproj.io verbs: From d869c8fc686d1b90de14313bf6669c3c84859538 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 30 Apr 2022 14:30:56 +0200 Subject: [PATCH 0243/1248] chore(argo-cd): Document how to upgrade CRDs (#1251) * chore(argo-cd): Document how to upgrade CRDs Signed-off-by: Petr Drastil * feat(argo-cd): Update chart version and changelog Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 13 +++++++++++++ charts/argo-cd/README.md.gotmpl | 13 +++++++++++++ 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 56bbf6d8..71067d29 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.7 +version: 4.5.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Drop unneeded static-files volume from argocd-server" + - "[Added]: Document how to upgrade CRDs" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 44495436..33fff9bf 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -82,6 +82,19 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### Custom resource definitions + +Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). + +Please use `kubectl` to upgrade CRDs manually: + +```sh +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-application.yaml +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-applicationset.yaml +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-extension.yaml +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-project.yaml +``` + ### 4.3.* With this minor version, the notification notifier's `service.slack` is no longer configured by default. diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 3f58e445..494db478 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -82,6 +82,19 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading +### Custom resource definitions + +Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). + +Please use `kubectl` to upgrade CRDs manually: + +```sh +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-application.yaml +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-applicationset.yaml +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-extension.yaml +kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-project.yaml +``` + ### 4.3.* With this minor version, the notification notifier's `service.slack` is no longer configured by default. From 0869e629f49b6540b8c793467a92a0f9c126fc5d Mon Sep 17 00:00:00 2001 From: sondre engen Date: Sun, 1 May 2022 13:44:32 +0200 Subject: [PATCH 0244/1248] fix(argo-workflows): Add missing workflow permission (#1247) * feat(argo-events): Adding additional RBAC for leader election (#1242) * Issue 1565: Adding additional RBAC for leader election Signed-off-by: David Collom * Adding Additional RBAC for Events Signed-off-by: David Collom * Use consistent indent style Signed-off-by: Marco Kilchhofer * Bump minor chart version and add changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Signed-off-by: Sondre Engen * Add missing permission to workflow sa Signed-off-by: Sondre Engen * chore(argo-cd): Document how to upgrade CRDs (#1251) * chore(argo-cd): Document how to upgrade CRDs Signed-off-by: Petr Drastil * feat(argo-cd): Update chart version and changelog Signed-off-by: Petr Drastil Signed-off-by: Sondre Engen * Update chart version Signed-off-by: Sondre Engen * Added changelog Signed-off-by: Sondre Engen Co-authored-by: David Collom Co-authored-by: Marco Kilchhofer Co-authored-by: Petr Drastil --- charts/argo-workflows/Chart.yaml | 4 ++-- .../argo-workflows/templates/controller/workflow-role.yaml | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 41da5278..025d1f5a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.14.0 +version: 0.14.1 appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Upgraded to Argo Workflows v3.3.2" + - "[Fixed]: Add missing create verb to workflowtaskresults for the workflow role" diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 66ad9328..fc227ea6 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -24,6 +24,12 @@ rules: verbs: - get - watch + - apiGroups: + - argoproj.io + resources: + - workflowtaskresults + verbs: + - create {{- end }} {{- end }} From b4dbec9994ff512bfe887af040d4b1a0e9763314 Mon Sep 17 00:00:00 2001 From: Marko Bevc Date: Wed, 4 May 2022 17:39:10 +0100 Subject: [PATCH 0245/1248] docs(argo-cd): Update README and remove template deps (#1258) * Update README and remove template deps Signed-off-by: Marko Bevc * Update Chart version and amend changelog Signed-off-by: Marko Bevc * Update Chart docs and use upstream CDRs Signed-off-by: Marko Bevc --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 12 ++++++------ charts/argo-cd/README.md.gotmpl | 12 ++++++------ 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 71067d29..d67ddee2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.8 +version: 4.5.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Document how to upgrade CRDs" + - "[Fix]: Remove version dependencies in README for CRD paths" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 33fff9bf..bfc7327f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -86,13 +86,13 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). -Please use `kubectl` to upgrade CRDs manually: +Please use `kubectl` to upgrade CRDs manually from [crds](crds/) folder or via the manifests from the upstream project repo: -```sh -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-application.yaml -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-applicationset.yaml -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-extension.yaml -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-4.5.8/charts/argo-cd/crds/crd-project.yaml +```bash +kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref= + +# Eg. version v2.3.3 +kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref=v2.3.3 ``` ### 4.3.* diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 494db478..7ab487cc 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -86,13 +86,13 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). -Please use `kubectl` to upgrade CRDs manually: +Please use `kubectl` to upgrade CRDs manually from [crds](crds/) folder or via the manifests from the upstream project repo: -```sh -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-application.yaml -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-applicationset.yaml -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-extension.yaml -kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-helm/argo-cd-{{ template "chart.version" . }}/charts/argo-cd/crds/crd-project.yaml +```bash +kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref= + +# Eg. version v2.3.3 +kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref=v2.3.3 ``` ### 4.3.* From 4a55fbef290eab1c210d1c28d3a31641350b138c Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 5 May 2022 23:59:18 +0200 Subject: [PATCH 0246/1248] fix(argo-cd): Use global imagePullPolicy for Dex (#1250) * fix(argo-cd): Use global imagePullPolicy for Dex Signed-off-by: Petr Drastil * fix(argo-cd): Fix imagePullPolicy for ApplicationSet Signed-off-by: Petr Drastil * Use default image pull policy for applicationset Signed-off-by: Petr Drastil * Bump chart version Signed-off-by: Petr Drastil * Update documentatioj Signed-off-by: Petr Drastil * Update changelog Signed-off-by: Petr Drastil * Update changelog Signed-off-by: Petr Drastil * Remove default comments Signed-off-by: Petr Drastil * Bump chart version Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 8 +++++--- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d67ddee2..d2f2bf75 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.9 +version: 4.5.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fix]: Remove version dependencies in README for CRD paths" + - "[Fixed]: Use global imagePullPolicy for Dex by default" + - "[Fixed]: ApplicationSet imagePullPolicy variable in values.yaml" + - "[Fixed]: Use global imagePullPolicy for ApplicationSet by default" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bfc7327f..e60f1789 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -548,7 +548,7 @@ NAME: my-release | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.extraVolumeMounts | list | `[]` | Extra volumeMounts to the dex pod | | dex.extraVolumes | list | `[]` | Extra volumes to the dex pod | -| dex.image.imagePullPolicy | string | `"IfNotPresent"` | Dex imagePullPolicy | +| dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | | dex.image.tag | string | `"v2.30.2"` | Dex image tag | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | @@ -688,7 +688,7 @@ NAME: my-release | applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | | applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | applicationSet.extraVolumes | list | `[]` | List of extra volumes to add | -| applicationSet.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the application set controller | +| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application set controller | | applicationSet.image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | Repository to use for the application set controller | | applicationSet.image.tag | string | `"v0.4.1"` | Tag to use for the application set controller | | applicationSet.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 1707f6fe..b23aeb63 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -52,7 +52,7 @@ spec: containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} - imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.image.imagePullPolicy }} command: - /shared/argocd-dex - rundex diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3b33c376..e2db1edc 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -397,7 +397,8 @@ dex: # -- Dex image tag tag: v2.30.2 # -- Dex imagePullPolicy - imagePullPolicy: IfNotPresent + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" initImage: # -- Argo CD init image repository # @default -- `""` (defaults to global.image.repository) @@ -1890,10 +1891,11 @@ applicationSet: image: # -- Repository to use for the application set controller repository: quay.io/argoproj/argocd-applicationset - # -- Image pull policy for the application set controller - pullPolicy: IfNotPresent # -- Tag to use for the application set controller tag: "v0.4.1" + # -- Image pull policy for the application set controller + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" args: # -- The default metric address From 021a5a0c1f88df846d60f5c6628411626f4836d1 Mon Sep 17 00:00:00 2001 From: Lukas Date: Sat, 7 May 2022 22:58:33 +0200 Subject: [PATCH 0247/1248] fix(argo-cd): use global imagePullSecret value for notifications deployment (#1253) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(argo-cd): use global imagePullSecret value for notifications deployment Signed-off-by: Höhl, Lukas * chore(argo-cd): rerun helm docs Signed-off-by: Höhl, Lukas * chore(argo-cd): bump version Signed-off-by: Höhl, Lukas * Drop unnecessary newline Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++---- .../argo-cd/templates/argocd-notifications/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d2f2bf75..805d249d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.10 +version: 4.5.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Use global imagePullPolicy for Dex by default" - - "[Fixed]: ApplicationSet imagePullPolicy variable in values.yaml" - - "[Fixed]: Use global imagePullPolicy for ApplicationSet by default" + - "[Fixed]: Use global imagePullSecret value for notfications deployment" diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index a6371a66..faae4d3d 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -27,7 +27,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.notifications.imagePullSecrets }} + {{- with .Values.notifications.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} From ef70ad9eddfff2c93a4545034bfc4d63d9463dc4 Mon Sep 17 00:00:00 2001 From: Lukas Date: Mon, 9 May 2022 21:18:11 +0200 Subject: [PATCH 0248/1248] fix(argo-cd): global.securityContext merging (#1255) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(argo-cd): global.securityContext merging merge global.securityContext into local (applicationset, notifications) values Signed-off-by: Höhl, Lukas * chore(argo-cd): bump version and add artifacthub changes Signed-off-by: Höhl, Lukas * fix(argo-cd): wrong value for applicationSet podSecurityContext Signed-off-by: Höhl, Lukas * fix(argo-cd): rerun helm-docs Signed-off-by: Höhl, Lukas * chore(argo-cd): bump version Signed-off-by: Höhl, Lukas Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- .../templates/argocd-notifications/bots/slack/deployment.yaml | 4 +--- charts/argo-cd/templates/argocd-notifications/deployment.yaml | 4 +--- 4 files changed, 5 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 805d249d..43ea6731 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.11 +version: 4.5.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Use global imagePullSecret value for notfications deployment" + - "[Fixed]: Consider global securityContext for notifications and applicationset deployment" diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 80b0bf5a..131e7504 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -30,7 +30,7 @@ spec: {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} securityContext: - {{- toYaml .Values.applicationSet.podSecurityContext | nindent 8 }} + {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.applicationSet.podSecurityContext) | nindent 8 }} containers: - name: {{ .Values.applicationSet.name }} securityContext: diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 0741d2b3..8561406e 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -21,9 +21,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} - {{- with .Values.notifications.bots.slack.securityContext }} - securityContext: {{- toYaml . | nindent 8 }} - {{- end }} + securityContext: {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.notifications.securityContext) | nindent 8 }} containers: - name: {{ template "argo-cd.notifications.fullname" . }}-bot image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index faae4d3d..b2594a59 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -32,9 +32,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} - {{- if .Values.notifications.securityContext }} - securityContext: {{- toYaml .Values.notifications.securityContext | nindent 8 }} - {{- end }} + securityContext: {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.notifications.securityContext) | nindent 8 }} containers: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} From b849ee97750355de0e3dfa46a105c62b501f3a5e Mon Sep 17 00:00:00 2001 From: Lieven Govaerts Date: Mon, 9 May 2022 21:37:11 +0200 Subject: [PATCH 0249/1248] docs(argo-workflows): Fix typos and add missing words in README (#1248) * Fix typos and add missing words in README.md No real content changes, just textual improvements. * Bump version and add changelog Signed-off-by: Marco Kilchhofer * Sync changes README.md -> README.md.gotmpl Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 10 +++++----- charts/argo-workflows/README.md.gotmpl | 10 +++++----- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 025d1f5a..df7abbc4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.14.1 +version: 0.14.2 appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing create verb to workflowtaskresults for the workflow role" + - "[Fixed]: Fix typos and add missing words in README" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 02e420eb..ac032034 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -1,23 +1,23 @@ # Argo Workflows Chart -This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). +This is a **community maintained** chart. It is used to set up argo and its needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace. ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these. +This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. A few options are: -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec +- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions ## Usage Notes ### Workflow controller -This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. +This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. ### Workflow server authentication @@ -217,7 +217,7 @@ Fields to note: 1. switched to quay.io as the default registry for all images 1. removed any included usage of Minio 1. aligned the configuration of serviceAccounts with the argo-cd chart, ie: what used to be `server.createServiceAccount` is now `server.serviceAccount.create` -1. moved the previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` +1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [links]: https://argoproj.github.io/argo-workflows/links/ diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 3f9a0121..4f5fe410 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -1,23 +1,23 @@ # Argo Workflows Chart -This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). +This is a **community maintained** chart. It is used to set up argo and its needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo-workflows), you should deploy it in the `kube-system` namespace. ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these. +This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. A few options are: -- Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec +- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions ## Usage Notes ### Workflow controller -This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. +This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. ### Workflow server authentication @@ -115,7 +115,7 @@ Fields to note: 1. switched to quay.io as the default registry for all images 1. removed any included usage of Minio 1. aligned the configuration of serviceAccounts with the argo-cd chart, ie: what used to be `server.createServiceAccount` is now `server.serviceAccount.create` -1. moved the previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` +1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [links]: https://argoproj.github.io/argo-workflows/links/ From bfad95fe775d62ff35fdf8a6780de3a186f6bc56 Mon Sep 17 00:00:00 2001 From: Bikramdeep Singh Date: Mon, 9 May 2022 12:51:05 -0700 Subject: [PATCH 0250/1248] fix(argo-workflows): Setting default `ContainerRuntimeExecutor` to emissary (#1243) * set default ContainerRuntimeExecutor to emissary bumping argo-workflows helm chart to 0.14.1 Signed-off-by: Bikram * Update docs Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index df7abbc4..4e172e45 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.14.2 +version: 0.14.3 appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Fix typos and add missing words in README" + - "[Fixed]: Setting default ContainerRuntimeExecutor to emissary" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index ac032034..db550341 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -65,7 +65,7 @@ Fields to note: |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | -| controller.containerRuntimeExecutor | string | `"docker"` | Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) | +| controller.containerRuntimeExecutor | string | `"emissary"` | Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) | | controller.containerRuntimeExecutors | list | `[]` | Specifies the executor to use. This has precedence over `controller.containerRuntimeExecutor`. | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 765d5924..1fae66e5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -170,7 +170,7 @@ controller: # -- Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) ## Ref: https://argoproj.github.io/argo-workflows/workflow-executors/ - containerRuntimeExecutor: docker + containerRuntimeExecutor: emissary # -- Specifies the executor to use. This has precedence over `controller.containerRuntimeExecutor`. containerRuntimeExecutors: [] # - name: emissary From 645f70ff98aefe6aa690fad727e9851471995125 Mon Sep 17 00:00:00 2001 From: John Clark Date: Mon, 9 May 2022 21:24:14 +0100 Subject: [PATCH 0251/1248] fix(argo-workflows): Quick fix for failing deployment when using image digests (#1206) * Added short tag function and updated templates Signed-off-by: John Clark * Chart.yaml update (version, changes) Signed-off-by: John Clark * Removed unnecessary conditional logic Signed-off-by: John Clark * Final newline to _helpers Signed-off-by: John Clark * Rework without template function Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-deployment.yaml | 4 ++-- .../templates/controller/workflow-controller-service.yaml | 2 +- charts/argo-workflows/templates/server/server-deployment.yaml | 4 ++-- charts/argo-workflows/templates/server/server-service.yaml | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4e172e45..49d5b4a8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.14.3 +version: 0.14.4 appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Setting default ContainerRuntimeExecutor to emissary" + - "[Fixed]: Fixed failing when digests and tags longer than 63 characters" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index d2871b14..5fff5eba 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -4,7 +4,7 @@ metadata: name: {{ template "argo-workflows.controller.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | trunc 63 | quote }} spec: replicas: {{ .Values.controller.replicas }} selector: @@ -14,7 +14,7 @@ spec: metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | trunc 63 | quote }} {{- with.Values.controller.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 5c248f49..37d4658d 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.controller.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | trunc 63 | quote }} {{- with .Values.controller.serviceLabels }} {{ toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 21917c43..77d0c0a7 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.server.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | trunc 63 | quote }} spec: replicas: {{ .Values.server.replicas }} selector: @@ -15,7 +15,7 @@ spec: metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | trunc 63 | quote }} {{- with .Values.server.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 49314e6e..9161aaef 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.server.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | quote }} + app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | trunc 63 | quote }} {{- with .Values.server.serviceAnnotations }} annotations: {{- toYaml . | nindent 4 }} From e9a8cd6420918838e1c35de2c69c04e85a00ab23 Mon Sep 17 00:00:00 2001 From: Hironori Yamamoto Date: Tue, 10 May 2022 05:36:15 +0900 Subject: [PATCH 0252/1248] Add missing create verb to pod/exec for the workflow role (#1231) Signed-off-by: Hironori Yamamoto Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 4 ++-- .../argo-workflows/templates/controller/workflow-role.yaml | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 49d5b4a8..c8fd0491 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.14.4 +version: 0.14.5 appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Fixed failing when digests and tags longer than 63 characters" + - "[Fixed]: Add missing create verb to pod/exec for the workflow role" diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index fc227ea6..8ad52ee6 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -24,6 +24,12 @@ rules: verbs: - get - watch + - apiGroups: + - "" + resources: + - pods/exec + verbs: + - create - apiGroups: - argoproj.io resources: From 0cf7cad2c2a6bd04c086cfa7e4e2cb4750c04755 Mon Sep 17 00:00:00 2001 From: Sean Nguyen Date: Mon, 9 May 2022 13:45:28 -0700 Subject: [PATCH 0253/1248] feat(argo-workflows): add support for Deployment annotations (#1198) * feat(argo-workflows): add support for Deployment annotations bump version and add changelog update documentation Signed-off-by: snooyen * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 5 +++-- charts/argo-workflows/README.md | 2 ++ .../templates/controller/workflow-controller-deployment.yaml | 4 ++++ .../argo-workflows/templates/server/server-deployment.yaml | 4 ++++ charts/argo-workflows/values.yaml | 4 ++++ 5 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c8fd0491..3f920a69 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.14.5 +version: 0.15.0 appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,5 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing create verb to pod/exec for the workflow role" + - "[Added]: Add support for controller Deployment annotations via controller.deploymentAnnotations chart value." + - "[Added]: Add support for server Deployment annotations via server.deploymentAnnotations chart value." diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index db550341..c07258d8 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -67,6 +67,7 @@ Fields to note: | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.containerRuntimeExecutor | string | `"emissary"` | Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) | | controller.containerRuntimeExecutors | list | `[]` | Specifies the executor to use. This has precedence over `controller.containerRuntimeExecutor`. | +| controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | | controller.extraEnv | list | `[]` | Extra environment variables to provide to the controller container | @@ -145,6 +146,7 @@ Fields to note: | server.baseHref | string | `"/"` | Value for base href in index.html. Used if the server is running behind reverse proxy under subpath different from /. | | server.clusterWorkflowTemplates.enableEditing | bool | `true` | Give the server permissions to edit ClusterWorkflowTemplates. | | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | +| server.deploymentAnnotations | object | `{}` | optional map of annotations to be applied to the ui Deployment | | server.enabled | bool | `true` | Deploy the Argo Server | | server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 5fff5eba..153efeef 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -5,6 +5,10 @@ metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | trunc 63 | quote }} + {{- with .Values.controller.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.controller.replicas }} selector: diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 77d0c0a7..f80ff838 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -6,6 +6,10 @@ metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | trunc 63 | quote }} + {{- with .Values.server.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.server.replicas }} selector: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1fae66e5..361386d5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -64,6 +64,8 @@ controller: namespaceParallelism: # -- Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 initialDelay: + # -- deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment + deploymentAnnotations: {} # -- podAnnotations is an optional map of annotations to be applied to the controller Pods podAnnotations: {} # -- Optional labels to add to the controller pods @@ -291,6 +293,8 @@ server: repository: argoproj/argocli # -- Overrides the image tag whose default is the chart appVersion. tag: "" + # -- optional map of annotations to be applied to the ui Deployment + deploymentAnnotations: {} # -- optional map of annotations to be applied to the ui Pods podAnnotations: {} # -- Optional labels to add to the UI pods From 57e1cd69602dd52c6e4d0d009a3794482b506978 Mon Sep 17 00:00:00 2001 From: Christian Brauchli Date: Tue, 10 May 2022 09:40:49 +0200 Subject: [PATCH 0254/1248] feat(argo-cd): Make metrics and serviceMonitors usable on an istio service mesh (#1270) * feat(argo-cd): Make metrics and serviceMonitors usable on an istio service mesh Signed-off-by: Christian Brauchli * change back default values Signed-off-by: Christian Brauchli * update README Signed-off-by: Christian Brauchli * change values to the values they where before Signed-off-by: Christian Brauchli * fix lint Signed-off-by: Christian Brauchli * adjust default portName to be istio compatible Signed-off-by: Christian Brauchli * update docs Signed-off-by: Christian Brauchli * Resolve copy-paste errors Signed-off-by: Marco Kilchhofer * Restore dex/deployment.yaml and adapt dex/service.yaml Signed-off-by: Marco Kilchhofer * Bump minor chart version and add port renaming to changelog Signed-off-by: Marco Kilchhofer Co-authored-by: Christian Brauchli Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++- charts/argo-cd/README.md | 20 ++++++++++ .../metrics-service.yaml | 2 +- .../servicemonitor.yaml | 9 ++++- .../metrics-service.yaml | 2 +- .../argocd-applicationset/servicemonitor.yaml | 9 ++++- .../argocd-notifications/service-metrics.yaml | 2 +- .../argocd-notifications/servicemonitor.yaml | 9 ++++- .../argocd-repo-server/metrics-service.yaml | 2 +- .../argocd-repo-server/servicemonitor.yaml | 9 ++++- .../argocd-server/metrics-service.yaml | 2 +- .../argocd-server/servicemonitor.yaml | 9 ++++- charts/argo-cd/templates/dex/service.yaml | 2 +- .../argo-cd/templates/dex/servicemonitor.yaml | 9 ++++- .../templates/redis/servicemonitor.yaml | 7 ++++ charts/argo-cd/values.yaml | 40 +++++++++++++++++++ 16 files changed, 125 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 43ea6731..2f357f8d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.5.12 +version: 4.6.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Consider global securityContext for notifications and applicationset deployment" + - "[Added]: Metrics service name can now be changed" + - "[Added]: ServiceMonitor now support tlsConfig" + - "[Changed]: All metrics Service ports were renamed from 'metrics' to 'http-metrics' (istio compatibility)" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e60f1789..bb2bfd2c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -291,6 +291,7 @@ NAME: my-release | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | | controller.metrics.service.labels | object | `{}` | Metrics service labels | +| controller.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | controller.metrics.service.servicePort | int | `8082` | Metrics service port | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -298,7 +299,9 @@ NAME: my-release | controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | controller.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | controller.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| controller.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | controller.name | string | `"application-controller"` | Application controller name string | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | @@ -361,6 +364,7 @@ NAME: my-release | repoServer.metrics.enabled | bool | `false` | Deploy metrics service | | repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations | | repoServer.metrics.service.labels | object | `{}` | Metrics service labels | +| repoServer.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | repoServer.metrics.service.servicePort | int | `8084` | Metrics service port | | repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -368,7 +372,9 @@ NAME: my-release | repoServer.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | repoServer.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | repoServer.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| repoServer.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | repoServer.name | string | `"repo-server"` | Repo server name | | repoServer.nodeSelector | object | `{}` | [Node selector] | | repoServer.pdb.annotations | object | `{}` | Annotations to be added to Repo server pdb | @@ -476,6 +482,7 @@ NAME: my-release | server.metrics.enabled | bool | `false` | Deploy metrics service | | server.metrics.service.annotations | object | `{}` | Metrics service annotations | | server.metrics.service.labels | object | `{}` | Metrics service labels | +| server.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | server.metrics.service.servicePort | int | `8083` | Metrics service port | | server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -483,7 +490,9 @@ NAME: my-release | server.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | server.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | server.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| server.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | server.name | string | `"server"` | Argo CD server name | | server.nodeSelector | object | `{}` | [Node selector] | | server.pdb.annotations | object | `{}` | Annotations to be added to server pdb | @@ -564,13 +573,16 @@ NAME: my-release | dex.metrics.enabled | bool | `false` | Deploy metrics service | | dex.metrics.service.annotations | object | `{}` | Metrics service annotations | | dex.metrics.service.labels | object | `{}` | Metrics service labels | +| dex.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | dex.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | dex.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | dex.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | dex.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | dex.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | dex.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| dex.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | dex.name | string | `"dex-server"` | Dex name | | dex.nodeSelector | object | `{}` | [Node selector] | | dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb | @@ -634,7 +646,9 @@ NAME: my-release | redis.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | redis.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | redis.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| redis.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | redis.name | string | `"redis"` | Redis name | | redis.nodeSelector | object | `{}` | [Node selector] | | redis.pdb.annotations | object | `{}` | Annotations to be added to Redis server pdb | @@ -695,6 +709,7 @@ NAME: my-release | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | +| applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -702,7 +717,9 @@ NAME: my-release | applicationSet.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | applicationSet.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | applicationSet.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| applicationSet.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string | | applicationSet.nodeSelector | object | `{}` | [Node selector] | | applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | @@ -772,9 +789,12 @@ NAME: my-release | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | | notifications.metrics.service.labels | object | `{}` | Metrics service labels | +| notifications.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | notifications.name | string | `"notifications-controller"` | Notifications controller name string | | notifications.nodeSelector | object | `{}` | [Node selector] | | notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml index 7331765d..44e8eff3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml @@ -16,7 +16,7 @@ metadata: name: {{ template "argo-cd.controller.fullname" . }}-metrics spec: ports: - - name: metrics + - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP port: {{ .Values.controller.metrics.service.servicePort }} targetPort: controller diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 249d4e38..28b230db 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.controller.metrics.service.portName }} {{- with .Values.controller.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} @@ -29,6 +29,13 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml index bba26e4c..a6ce523f 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml @@ -16,7 +16,7 @@ metadata: name: {{ template "argo-cd.applicationSet.fullname" . }}-metrics spec: ports: - - name: metrics + - name: {{ .Values.applicationSet.metrics.service.portName }} protocol: TCP port: {{ .Values.applicationSet.metrics.service.servicePort }} targetPort: metrics diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index 1ad3f765..10c950da 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -17,7 +17,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.applicationSet.metrics.service.portName }} {{- with .Values.applicationSet.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} @@ -30,6 +30,13 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml index cdae581c..118fc428 100644 --- a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml @@ -16,7 +16,7 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} ports: - - name: metrics + - name: {{ .Values.notifications.metrics.service.portName }} port: {{ .Values.notifications.metrics.port }} targetPort: {{ .Values.notifications.metrics.port }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index d61b3b56..7ed6237a 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.notifications.metrics.service.portName }} path: /metrics {{- if .Values.notifications.metrics.serviceMonitor.interval }} interval: {{ .Values.notifications.metrics.serviceMonitor.interval }} @@ -24,6 +24,13 @@ spec: {{- if .Values.notifications.metrics.serviceMonitor.scrapeTimeout }} scrapeTimeout: {{ .Values.notifications.metrics.serviceMonitor.scrapeTimeout }} {{- end }} + {{- with .Values.notifications.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.notifications.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml index 99061736..14ca18d9 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml @@ -16,7 +16,7 @@ metadata: name: {{ template "argo-cd.repoServer.fullname" . }}-metrics spec: ports: - - name: metrics + - name: {{ .Values.repoServer.metrics.service.portName }} protocol: TCP port: {{ .Values.repoServer.metrics.service.servicePort }} targetPort: metrics diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 2c353479..8f6bf9c8 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.repoServer.metrics.service.portName }} {{- with .Values.repoServer.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} @@ -29,6 +29,13 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.repoServer.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.repoServer.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-server/metrics-service.yaml index 3c1f4077..4d19dc07 100644 --- a/charts/argo-cd/templates/argocd-server/metrics-service.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics-service.yaml @@ -16,7 +16,7 @@ metadata: name: {{ template "argo-cd.server.fullname" . }}-metrics spec: ports: - - name: metrics + - name: {{ .Values.server.metrics.service.portName }} protocol: TCP port: {{ .Values.server.metrics.service.servicePort }} targetPort: metrics diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index ab97acc2..61d31390 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.server.metrics.service.portName }} {{- with .Values.server.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} @@ -29,6 +29,13 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.server.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index c93b085e..9661c7e0 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -25,7 +25,7 @@ spec: port: {{ .Values.dex.servicePortGrpc }} targetPort: grpc {{- if .Values.dex.metrics.enabled }} - - name: metrics + - name: {{ .Values.dex.metrics.service.portName }} protocol: TCP port: {{ .Values.dex.servicePortMetrics }} targetPort: metrics diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index ca1d54b0..ec98991a 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.dex.metrics.service.portName }} {{- with .Values.dex.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} @@ -29,6 +29,13 @@ spec: metricRelabelings: {{- toYaml . |nindent 8 }} {{- end }} + {{- with .Values.dex.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.dex.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index b7029b74..8cd9a111 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -30,6 +30,13 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.redis.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.redis.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e2db1edc..652e912c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -258,6 +258,8 @@ controller: labels: {} # -- Metrics service port servicePort: 8082 + # -- Metrics service port name + portName: http-metrics serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false @@ -271,6 +273,10 @@ controller: selector: {} # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} # -- Prometheus ServiceMonitor namespace namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels @@ -373,6 +379,8 @@ dex: annotations: {} # -- Metrics service labels labels: {} + # -- Metrics service port name + portName: http-metrics serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false @@ -386,6 +394,10 @@ dex: selector: {} # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} # -- Prometheus ServiceMonitor namespace namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels @@ -732,6 +744,10 @@ redis: selector: {} # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} # -- Prometheus ServiceMonitor namespace namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels @@ -991,6 +1007,8 @@ server: labels: {} # -- Metrics service port servicePort: 8083 + # -- Metrics service port name + portName: http-metrics serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false @@ -1004,6 +1022,10 @@ server: selector: {} # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} # -- Prometheus ServiceMonitor namespace namespace: "" # monitoring # -- Prometheus ServiceMonitor labels @@ -1568,6 +1590,8 @@ repoServer: labels: {} # -- Metrics service port servicePort: 8084 + # -- Metrics service port name + portName: http-metrics serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false @@ -1581,6 +1605,10 @@ repoServer: selector: {} # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} # -- Prometheus ServiceMonitor namespace namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels @@ -1925,6 +1953,8 @@ applicationSet: labels: {} # -- Metrics service port servicePort: 8085 + # -- Metrics service port name + portName: http-metrics serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false @@ -1938,6 +1968,10 @@ applicationSet: selector: {} # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} # -- Prometheus ServiceMonitor namespace namespace: "" # monitoring # -- Prometheus ServiceMonitor labels @@ -2178,6 +2212,8 @@ notifications: annotations: {} # -- Metrics service labels labels: {} + # -- Metrics service port name + portName: http-metrics serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false @@ -2189,6 +2225,10 @@ notifications: # namespace: monitoring # interval: 30s # scrapeTimeout: 10s + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} # -- Configures notification services such as slack, email or custom webhook # @default -- See [values.yaml] From 20924aced32bf53228876753ac879bef5c5f0c3e Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 19 May 2022 12:26:37 +0200 Subject: [PATCH 0255/1248] fix: Workaround helm-docs v1.10.0 breaking change (#1285) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 14 ++++++++++---- scripts/helm-docs.sh | 2 +- 2 files changed, 11 insertions(+), 5 deletions(-) mode change 100644 => 100755 scripts/helm-docs.sh diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 6343c8eb..b5bf57f3 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -37,10 +37,16 @@ jobs: run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml - name: Run docs-testing (helm-docs) - uses: buttahtoast/helm-release-action@v2.0.1 - with: - charts: "${{ steps.list-changed.outputs.changed_charts }}" - if: steps.list-changed.outputs.changed == 'true' + id: helm-docs + run: | + ./scripts/helm-docs.sh + if [[ $(git diff --stat) != '' ]]; then + echo -e '\033[0;31mDocumentation outdated!\033[0m ❌' + git diff --color + exit 1 + else + echo -e '\033[0;32mDocumentation up to date\033[0m ✔' + fi - name: Create kind cluster uses: helm/kind-action@v1.2.0 diff --git a/scripts/helm-docs.sh b/scripts/helm-docs.sh old mode 100644 new mode 100755 index ed4408d3..e8ade437 --- a/scripts/helm-docs.sh +++ b/scripts/helm-docs.sh @@ -8,4 +8,4 @@ echo "Running Helm-Docs" docker run \ -v "$CHART_DIR:/helm-docs" \ -u $(id -u) \ - jnorwood/helm-docs:latest + jnorwood/helm-docs:v1.9.1 From ec31320b2e391321ead44d01f216186644992de1 Mon Sep 17 00:00:00 2001 From: Alex <3712883+w3irdrobot@users.noreply.github.com> Date: Thu, 19 May 2022 07:51:00 -0400 Subject: [PATCH 0256/1248] fix(argo-cd): Fix indent on Argo CD applications and projects (#1283) * fix(argo-cd): Fix indent on Argo CD application creation Signed-off-by: Alex Sears * Version bump Signed-off-by: Alex Sears * Add ArtifactHub change annotation Signed-off-by: Alex Sears * Helm docs run Signed-off-by: Alex Sears * Fix indent also on 'server.additionalProjects' Signed-off-by: Marco Kilchhofer * Reword changelog Signed-off-by: Marco Kilchhofer * Restore README (use helm-docs v1.9.1 Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++--- .../argocd-configs/applications.yaml | 14 ++++++------ .../templates/argocd-configs/projects.yaml | 22 +++++++++---------- 3 files changed, 21 insertions(+), 22 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2f357f8d..589f0792 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.6.0 +version: 4.6.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,6 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Metrics service name can now be changed" - - "[Added]: ServiceMonitor now support tlsConfig" - - "[Changed]: All metrics Service ports were renamed from 'metrics' to 'http-metrics' (istio compatibility)" + - "[Fixed]: Fix indent on 'additionalApplications'" + - "[Fixed]: Fix indent on 'additionalProjects'" diff --git a/charts/argo-cd/templates/argocd-configs/applications.yaml b/charts/argo-cd/templates/argocd-configs/applications.yaml index f40a259e..cdde790d 100644 --- a/charts/argo-cd/templates/argocd-configs/applications.yaml +++ b/charts/argo-cd/templates/argocd-configs/applications.yaml @@ -11,7 +11,7 @@ metadata: {{- end }} {{- with .additionalLabels }} labels: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} name: {{ .name }} {{- with .namespace }} @@ -19,24 +19,24 @@ metadata: {{- end }} {{- with .finalizers }} finalizers: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} spec: project: {{ tpl .project $ }} source: - {{- toYaml .source | nindent 8 }} + {{- toYaml .source | nindent 4 }} destination: - {{- toYaml .destination | nindent 8 }} + {{- toYaml .destination | nindent 4 }} {{- with .syncPolicy }} syncPolicy: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .ignoreDifferences }} ignoreDifferences: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .info }} info: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/projects.yaml b/charts/argo-cd/templates/argocd-configs/projects.yaml index 74b674cd..54a232c1 100644 --- a/charts/argo-cd/templates/argocd-configs/projects.yaml +++ b/charts/argo-cd/templates/argocd-configs/projects.yaml @@ -11,7 +11,7 @@ metadata: {{- end }} {{- with .additionalLabels }} labels: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} name: {{ .name }} {{- with .namespace }} @@ -19,40 +19,40 @@ metadata: {{- end }} {{- with .finalizers }} finalizers: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} spec: description: {{ .description }} sourceRepos: - {{- toYaml .sourceRepos | nindent 8 }} + {{- toYaml .sourceRepos | nindent 4 }} destinations: - {{- toYaml .destinations | nindent 8 }} + {{- toYaml .destinations | nindent 4 }} {{- with .clusterResourceWhitelist }} clusterResourceWhitelist: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .namespaceResourceBlacklist }} namespaceResourceBlacklist: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .namespaceResourceWhitelist }} namespaceResourceWhitelist: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .orphanedResources }} orphanedResources: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .roles }} roles: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .syncWindows }} syncWindows: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- with .signatureKeys }} signatureKeys: - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- end }} From 6967136f57a70c2edf64f2096dd5890d0c6ba8ce Mon Sep 17 00:00:00 2001 From: Michael Crenshaw Date: Thu, 19 May 2022 13:53:53 -0400 Subject: [PATCH 0257/1248] fix(argo-cd): Update to Argo CD v2.3.4 (#1284) * fix(argo-cd): Update to Argo CD v2.3.4 Signed-off-by: Michael Crenshaw * update readme Signed-off-by: Michael Crenshaw * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Michael Crenshaw Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 589f0792..d1f96578 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.3.3 +appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.6.1 +version: 4.6.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Fix indent on 'additionalApplications'" - - "[Fixed]: Fix indent on 'additionalProjects'" + - "[Changed]: Update Argo CD to v2.3.4" From 1492575ee07aebdbdc22ff4d16da7455fe3e1b1e Mon Sep 17 00:00:00 2001 From: Greg Date: Fri, 20 May 2022 14:10:35 -0400 Subject: [PATCH 0258/1248] feat(argo-cd): Add support for external issuers in server Certificate resource (#1279) * Add cert-manager issuer group support for external issuers Signed-off-by: Greg Sidelinger * Bumping chart version and adding changelog Signed-off-by: Greg Sidelinger * Fixing documentation. Signed-off-by: Greg Sidelinger * Retrigger CI pipeline Signed-off-by: Greg Sidelinger * Making server.certificate.issuer.group optional Signed-off-by: Greg Sidelinger * Apply suggestions from code review Signed-off-by: Marco Kilchhofer * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Greg Sidelinger Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d1f96578..b480d0d1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.6.2 +version: 4.6.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.3.4" + - "[Added]: Add support for external issuers in server Certificate resource" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb2bfd2c..00ac29b6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -424,6 +424,7 @@ NAME: my-release | server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | server.certificate.duration | string | `""` | The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | +| server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | | server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` | | server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 50780560..80f89b03 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -26,6 +26,9 @@ spec: duration: {{ . | quote }} {{- end }} issuerRef: + {{- with .Values.server.certificate.issuer.group }} + group: {{ . | quote }} + {{- end }} kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} {{- with .Values.server.certificate.renewBefore }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 652e912c..3e3fb234 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -952,6 +952,8 @@ server: # -- How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration renewBefore: "" issuer: + # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` + group: "" # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` kind: "" # -- Certificate isser name. Eg. `letsencrypt` From 72d29611b790991d7d5ec0f201541071e5d8e383 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 21 May 2022 04:19:07 +0900 Subject: [PATCH 0259/1248] fix(argo-workflows): Add missing verbs on argo-workflows-server (#1278) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 ++--- .../templates/server/server-cluster-roles.yaml | 2 ++ 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3f920a69..3ac8bf98 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.15.0 +version: 0.15.1 appVersion: v3.3.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,5 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add support for controller Deployment annotations via controller.deploymentAnnotations chart value." - - "[Added]: Add support for server Deployment annotations via server.deploymentAnnotations chart value." + - "[Fixed]: Add missing verbs on argo-workflows-server." diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 94c86e27..66944647 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -54,6 +54,7 @@ rules: verbs: - get - list + - watch {{- end }} {{- end }} - apiGroups: @@ -63,6 +64,7 @@ rules: verbs: - get - list + - watch {{- if .Values.server.sso }} {{- if .Values.server.sso.rbac }} {{- with .Values.server.sso.rbac.secretWhitelist }} From c314fc112c5b753a2548be0f2b55ae0b8039aab0 Mon Sep 17 00:00:00 2001 From: 66li <37136076+66li@users.noreply.github.com> Date: Sat, 21 May 2022 05:14:08 +0800 Subject: [PATCH 0260/1248] feat(argo-workflows): Upgrade argo-workflows to v3.3.5 (#1262) * upgrade Signed-off-by: 66li <928946189@qq.com> * add version Signed-off-by: 66li <928946189@qq.com> * fix redme Signed-off-by: 66li <928946189@qq.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3ac8bf98..abaa5811 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.15.1 -appVersion: v3.3.2 +version: 0.15.2 +appVersion: v3.3.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing verbs on argo-workflows-server." + - "[Changed]: Update to app version v3.3.5" From 0e090ef85406d1653bb9e81e8623dcedfe6d397d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 22 May 2022 16:43:12 +0900 Subject: [PATCH 0261/1248] fix(argo-workflows): adjust api version of pod disruption budget by referring to k8s version (#1288) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++++ .../workflow-controller-deployment-pdb.yaml | 2 +- .../templates/server/server-deployment-pdb.yaml | 2 +- 4 files changed, 15 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index abaa5811..bb73226f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.15.2 +version: 0.15.3 appVersion: v3.3.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.3.5" + - "[Fixed]: Adjust api version of pod disruption budget by referring to k8s version" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 18eae994..2289951d 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -103,6 +103,17 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} +{{/* +Return the appropriate apiVersion for pod disruption budget +*/}} +{{- define "argo-workflows.podDisruptionBudget.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "argo-workflows.kubeVersion" $) -}} +{{- print "policy/v1beta1" -}} +{{- else -}} +{{- print "policy/v1" -}} +{{- end -}} +{{- end -}} + {{/* Return the target Kubernetes version */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index 564ba412..deef3de1 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index aeba6547..47be0dd1 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.enabled .Values.server.pdb.enabled -}} -apiVersion: policy/v1beta1 +apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} From 3332dc2e12b177f8ed19e59876765d825bb7fceb Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 22 May 2022 20:51:41 +0900 Subject: [PATCH 0262/1248] fix(argo-cd): adjust api version of pod disruption budget by referring to k8s version (#1289) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 11 +++++++++++ .../poddisruptionbudget.yaml | 2 +- .../argocd-repo-server/poddisruptionbudget.yaml | 2 +- .../templates/argocd-server/poddisruptionbudget.yaml | 2 +- charts/argo-cd/templates/dex/poddisruptionbudget.yaml | 2 +- .../argo-cd/templates/redis/poddisruptionbudget.yaml | 2 +- 7 files changed, 18 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b480d0d1..6ee9ba90 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.6.3 +version: 4.6.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add support for external issuers in server Certificate resource" + - "[Fixed]: Adjust api version of pod disruption budget by referring to k8s version" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 5bc4a49c..44af06dd 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -284,3 +284,14 @@ Create the name of the configmap to use key: redis-password {{- end }} {{- end -}} + +{{/* +Return the appropriate apiVersion for pod disruption budget +*/}} +{{- define "argo-cd.podDisruptionBudget.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" $) -}} +{{- print "policy/v1beta1" -}} +{{- else -}} +{{- print "policy/v1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml index f27e1d74..536294f1 100644 --- a/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.controller.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml index c388c263..d4a4c93a 100644 --- a/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml @@ -1,5 +1,5 @@ {{- if .Values.repoServer.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.repoServer.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml index 2342a1c6..29784ce6 100644 --- a/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml +++ b/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.server.fullname" . }} diff --git a/charts/argo-cd/templates/dex/poddisruptionbudget.yaml b/charts/argo-cd/templates/dex/poddisruptionbudget.yaml index 93d952fe..7a16d8bf 100644 --- a/charts/argo-cd/templates/dex/poddisruptionbudget.yaml +++ b/charts/argo-cd/templates/dex/poddisruptionbudget.yaml @@ -1,5 +1,5 @@ {{- if .Values.dex.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.dex.fullname" . }} diff --git a/charts/argo-cd/templates/redis/poddisruptionbudget.yaml b/charts/argo-cd/templates/redis/poddisruptionbudget.yaml index 0f19bb9f..4de55b7e 100644 --- a/charts/argo-cd/templates/redis/poddisruptionbudget.yaml +++ b/charts/argo-cd/templates/redis/poddisruptionbudget.yaml @@ -1,5 +1,5 @@ {{- if .Values.redis.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.redis.fullname" . }} From 0682a7e8ee39bad2b58e97f0a22092270d12d6ad Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 23 May 2022 00:47:03 -0400 Subject: [PATCH 0263/1248] fix(argo-cd): Update redis-ha dependency for haproxy CVEs (#1290) Signed-off-by: smcavallo --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index fe323d72..d39adc27 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.12.17 -digest: sha256:ad1833436031e3578165d48646c90323040fa1bc00d9235fe7ba7c67b20094ec -generated: "2021-07-27T16:35:27.2509236-04:00" + version: 4.15.0 +digest: sha256:dbe1d621ce62ce8cf42eb1b60b8d35667beb8920bc3dbf7417f77081c8ed5f2d +generated: "2022-05-21T12:28:08.0813269-04:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6ee9ba90..b917c6b2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.6.4 +version: 4.6.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -16,9 +16,9 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.12.17 + version: 4.15.0 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Adjust api version of pod disruption budget by referring to k8s version" + - "[Changed]: Updated redis-ha dependency chart" From c7b3331d7b062d57d7bb3205e864a61529f2864e Mon Sep 17 00:00:00 2001 From: Vlad Voloshyn Date: Mon, 23 May 2022 08:05:11 +0300 Subject: [PATCH 0264/1248] feat(argo-rollouts): Add replicas option to dashboard (#1286) * feat(argo-rollouts): Add replicas option to dashboard Signed-off-by: Vlad Voloshyn * Update README Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 ++- charts/argo-rollouts/templates/dashboard/deployment.yaml | 3 ++- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ef6fd97d..83e75ad3 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.14.0 +version: 2.14.1 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: ability to define priorityClassName for the controller and dashboard" + - "[Added]: option to set dashboard replicas count" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 54806e67..47386dad 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -111,6 +111,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.nodeSelector | object | `{}` | [Node selector] | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | +| dashboard.replicas | int | `1` | The number of dashboard pods to run | | dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | | dashboard.service.annotations | object | `{}` | Service annotations | | dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs | @@ -156,4 +157,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.14.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.14.1/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index e45f1acf..33310ef5 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -13,6 +13,7 @@ spec: app.kubernetes.io/component: {{ .Values.dashboard.component }} strategy: type: Recreate + replicas: {{ .Values.dashboard.replicas }} template: metadata: {{- with .Values.podAnnotations }} @@ -63,4 +64,4 @@ spec: {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b5c9f576..c9ec9a99 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -148,6 +148,8 @@ dashboard: affinity: {} # -- [priorityClassName] for the dashboard server priorityClassName: "" + # -- The number of dashboard pods to run + replicas: 1 image: # -- Registry to use registry: quay.io From ba87cfc50115f8b6655ab4323534349aab50d778 Mon Sep 17 00:00:00 2001 From: Alexander Matyushentsev Date: Tue, 24 May 2022 08:29:40 -0700 Subject: [PATCH 0265/1248] chore: get ready to rename master branch to main (#1292) Signed-off-by: Alexander Matyushentsev --- .github/pull_request_template.md | 10 +++++----- .github/workflows/publish.yml | 2 +- CONTRIBUTING.md | 2 +- README.md | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 67fb9833..741d56a9 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -4,11 +4,11 @@ If the DCO action in the integration test fails, one or more of your commits are Checklist: -* [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#versioning) -* [ ] I have updated the documentation according to [documentation](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#documentation) -* [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#changelog). +* [ ] I have bumped the chart version according to [versioning](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#versioning) +* [ ] I have updated the documentation according to [documentation](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#documentation) +* [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). * [ ] Any new values are backwards compatible and/or have sensible default. -* [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/master/community#contributing-to-argo). +* [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/main/community#contributing-to-argo). * [ ] My build is green ([troubleshooting builds](https://argoproj.github.io/argo-cd/developer-guide/ci/)). -Changes are automatically published when merged to `master`. They are not published on branches. +Changes are automatically published when merged to `main`. They are not published on branches. diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index f01702a6..f3b502e0 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -3,7 +3,7 @@ name: Chart Publish on: push: branches: - - master + - main - rewrite-build jobs: publish: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d5873f86..36ef70b6 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -148,4 +148,4 @@ The linting can be invoked manually with the following command: ## Publishing Changes -Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`). +Changes are automatically publish whenever a commit is merged to main. The CI job (see `./.github/workflows/publish.yml`). diff --git a/README.md b/README.md index 6e1aaf2c..a5bbf0d9 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # Argo Helm Charts [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) -[![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) +[![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command: From ebf7a784a934e130bb4578ac4c696387eb05bf7e Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 25 May 2022 08:38:49 +0200 Subject: [PATCH 0266/1248] fix: chart-testing defaults to `master`, set it to `main` now (#1295) Signed-off-by: Marco Kilchhofer --- .github/configs/ct-install.yaml | 1 + .github/configs/ct-lint.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml index f2b9dc9e..ff56c21c 100644 --- a/.github/configs/ct-install.yaml +++ b/.github/configs/ct-install.yaml @@ -2,6 +2,7 @@ # Don't add the 'debug' attribute, otherwise the workflow won't work anymore # Only Used for the CT Install Stage remote: origin +target-branch: main chart-dirs: - charts chart-repos: diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index e7188eb1..16d01791 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -2,6 +2,7 @@ # Don't add the 'debug' attribute, otherwise the workflow won't work anymore # Only Used for the CT Lint Stage remote: origin +target-branch: main chart-dirs: - charts chart-repos: From 5f33394042e8ea27d0fe95187534a410a35541ee Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 25 May 2022 17:51:50 +0900 Subject: [PATCH 0267/1248] fix(argo-workflows): add missing rules for workflow role to run HTTP templates (#1291) * fix(argo-workflows): add missing rules for workflow role to run HTTP/plugin templates Signed-off-by: yu-croco * chore(argo-workflows): refactor role rules simpler Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-role.yaml | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index bb73226f..b746e41a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.15.3 +version: 0.15.4 appVersion: v3.3.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Adjust api version of pod disruption budget by referring to k8s version" + - "[Fixed]: Add missing rules for workflow role to run HTTP/plugin templates" diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 8ad52ee6..75913b90 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -36,6 +36,21 @@ rules: - workflowtaskresults verbs: - create + - apiGroups: + - argoproj.io + resources: + - workflowtasksets + verbs: + - list + - watch + - apiGroups: + - argoproj.io + resources: + - workflowtasksets/status + {{/* TODO: This resource is for app version <= v3.2, so please remove it when app version v3.2 is no more used. */}} + - workflowtasksets + verbs: + - patch {{- end }} {{- end }} From 760fe39dc96070dab9ca72206615c89970457536 Mon Sep 17 00:00:00 2001 From: Ken Kaizu Date: Wed, 25 May 2022 18:30:08 +0900 Subject: [PATCH 0268/1248] feat(argo-workflows): add support workflow-controller-configmap navColor (#1276) Signed-off-by: krrrr38 --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../templates/controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b746e41a..bbb47cfe 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.15.4 +version: 0.16.0 appVersion: v3.3.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing rules for workflow role to run HTTP/plugin templates" + - "[Added]: Add support for workflow-controller-configmap navColor." diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index c07258d8..0592f827 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -91,6 +91,7 @@ Fields to note: | controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name | | controller.name | string | `"workflow-controller"` | Workflow controller name string | | controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace | +| controller.navColor | string | `""` | Set ui navigation bar background color | | controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time | | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index f602d89e..5cdb7f50 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -103,3 +103,6 @@ data: {{- with .Values.controller.links }} links: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.navColor }} + navColor: {{ . }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 361386d5..e94ba575 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -256,6 +256,8 @@ controller: # -- Configure Argo Server to show custom [links] ## Ref: https://argoproj.github.io/argo-workflows/links/ links: [] + # -- Set ui navigation bar background color + navColor: "" clusterWorkflowTemplates: # -- Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. enabled: true From c10fd657d0453f9bdf14531ae9a3883d6ea2feec Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 25 May 2022 13:06:37 +0200 Subject: [PATCH 0269/1248] chore(argo-cd): Update redis-ha to 4.16.0 (#1296) * chore(argo-cd): Update redis-ha to 4.16.0 Signed-off-by: Marco Kilchhofer * docs: Add some more imported redis-ha options to README Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 29 ++++++++++++++++++++++++++++- charts/argo-cd/README.md.gotmpl | 18 ++++++++++++++++++ charts/argo-cd/values.yaml | 31 +++++++++++++++++++++++++++++++ 5 files changed, 83 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index d39adc27..932ea555 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.15.0 -digest: sha256:dbe1d621ce62ce8cf42eb1b60b8d35667beb8920bc3dbf7417f77081c8ed5f2d -generated: "2022-05-21T12:28:08.0813269-04:00" + version: 4.16.0 +digest: sha256:fa6a784ee32cc11fbc1bbbbaafcb179e447bc984e898ae35a1cd4408dbed7ccb +generated: "2022-05-25T11:44:28.53802+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b917c6b2..45908bad 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.6.5 +version: 4.7.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -16,9 +16,9 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.15.0 + version: 4.16.0 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Updated redis-ha dependency chart" + - "[Changed]: Updated redis-ha dependency chart to 4.16.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 00ac29b6..7abb37c9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -615,6 +615,8 @@ NAME: my-release ## Redis +### Option 1 - Single Redis instance (default option) + | Key | Type | Default | Description | |-----|------|---------|-------------| | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | @@ -671,15 +673,40 @@ NAME: my-release | redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | | redis.volumes | list | `[]` | Additional volumes to the redis pod | + +### Option 2 - Redis HA + +This option uses the following third-party chart to bootstrap a clustered Redis: https://github.com/DandyDeveloper/charts/tree/master/charts/redis-ha. +For all available configuration options, please read upstream README and/or chart source. +The main options are listed here: + +| Key | Type | Default | Description | +|-----|------|---------|-------------| | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | +| redis-ha.exporter.image | string | `nil` (follows subchart default) | Exporter image | +| redis-ha.exporter.tag | string | `nil` (follows subchart default) | Exporter tag | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | +| redis-ha.haproxy.image.repository | string | `nil` (follows subchart default) | HAProxy Image Repository | +| redis-ha.haproxy.image.tag | string | `nil` (follows subchart default) | HAProxy Image Tag | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | +| redis-ha.image.repository | string | `nil` (follows subchart default) | Redis image repository | | redis-ha.image.tag | string | `"6.2.6-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | -| redis-ha.redis.config.save | string | `"\"\""` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | +| redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | +| redis-ha.topologySpreadConstraints.enabled | bool | `false` | Enable Redis HA topology spread constraints | +| redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | +| redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | +| redis-ha.topologySpreadConstraints.whenUnsatisfiable | string | `""` (defaults to `ScheduleAnyway`) | Enforcement policy, hard or soft | + +### Option 3 - External Redis + +If you want to use an existing Redis (eg. a managed service from a cloud provider), you can use these parameters: + +| Key | Type | Default | Description | +|-----|------|---------|-------------| | externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis credentials (must contain key `redis-password`). When it's set, the `externalRedis.password` parameter is ignored | | externalRedis.host | string | `""` | External Redis server host | | externalRedis.password | string | `""` | External Redis password | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 7ab487cc..d59f100f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -261,6 +261,8 @@ NAME: my-release ## Redis +### Option 1 - Single Redis instance (default option) + | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} @@ -268,11 +270,27 @@ NAME: my-release | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} + +### Option 2 - Redis HA + +This option uses the following third-party chart to bootstrap a clustered Redis: https://github.com/DandyDeveloper/charts/tree/master/charts/redis-ha. +For all available configuration options, please read upstream README and/or chart source. +The main options are listed here: + +| Key | Type | Default | Description | +|-----|------|---------|-------------| {{- range .Values }} {{- if hasPrefix "redis-ha" .Key }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} + +### Option 3 - External Redis + +If you want to use an existing Redis (eg. a managed service from a cloud provider), you can use these parameters: + +| Key | Type | Default | Description | +|-----|------|---------|-------------| {{- range .Values }} {{- if hasPrefix "externalRedis" .Key }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3e3fb234..19bde24a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -773,6 +773,12 @@ redis-ha: exporter: # -- If `true`, the prometheus exporter sidecar is enabled enabled: true + # -- Exporter image + # @default -- `nil` (follows subchart default) + image: ~ + # -- Exporter tag + # @default -- `nil` (follows subchart default) + tag: ~ persistentVolume: # -- Configures persistency on Redis nodes enabled: false @@ -783,17 +789,42 @@ redis-ha: # @default -- See [values.yaml] config: # -- Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled + # @default -- `'""'` save: '""' haproxy: # -- Enabled HAProxy LoadBalancing/Proxy enabled: true + image: + # -- HAProxy Image Repository + # @default -- `nil` (follows subchart default) + repository: ~ + # -- HAProxy Image Tag + # @default -- `nil` (follows subchart default) + tag: ~ metrics: # -- HAProxy enable prometheus metric scraping enabled: true image: + # -- Redis image repository + # @default -- `nil` (follows subchart default) + repository: ~ # -- Redis tag tag: 6.2.6-alpine + ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + topologySpreadConstraints: + # -- Enable Redis HA topology spread constraints + enabled: false + # -- Max skew of pods tolerated + # @default -- `""` (defaults to `1`) + maxSkew: "" + # -- Topology key for spread + # @default -- `""` (defaults to `topology.kubernetes.io/zone`) + topologyKey: "" + # -- Enforcement policy, hard or soft + # @default -- `""` (defaults to `ScheduleAnyway`) + whenUnsatisfiable: "" + # External Redis parameters externalRedis: # -- External Redis server host From 96c5c38cacf071246409023cbcd4bc3f650c9594 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 26 May 2022 13:13:26 +0200 Subject: [PATCH 0270/1248] chore: Add labeler action to automate PR labeling (#1298) Signed-off-by: Marco Kilchhofer --- .github/configs/labeler.yaml | 14 ++++++++++++++ .github/workflows/pr-sizing.yml | 18 ++++++++++++++++-- 2 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 .github/configs/labeler.yaml diff --git a/.github/configs/labeler.yaml b/.github/configs/labeler.yaml new file mode 100644 index 00000000..b00bd383 --- /dev/null +++ b/.github/configs/labeler.yaml @@ -0,0 +1,14 @@ +argo-cd: + - charts/argo-cd/**/* + +argo-events: + - charts/argo-events/**/* + +argo-rollouts: + - charts/argo-rollouts/**/* + +argo-workflows: + - charts/argo-workflows/**/* + +argocd-image-updater: + - charts/argocd-image-updater/**/* diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index d1ba98ee..4b2debef 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -1,14 +1,28 @@ ## Reference: https://github.com/pascalgn/size-label-action --- -name: 'PR Size' +name: 'PR Labeling' on: pull_request_target: types: [opened, synchronize, reopened] + +permissions: + contents: read + pull-requests: write + jobs: + triage: + runs-on: ubuntu-latest + steps: + - uses: actions/labeler@v4 + with: + configuration-path: ".github/configs/labeler.yaml" + repo-token: "${{ secrets.GITHUB_TOKEN }}" + sync-labels: true + size-label: runs-on: ubuntu-latest steps: - name: size-label uses: "pascalgn/size-label-action@v0.4.2" env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" \ No newline at end of file + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 0956363ebb0d1449e86be457e2fa96fb77ddf6d4 Mon Sep 17 00:00:00 2001 From: "JM\" (Jason Meridth)" Date: Thu, 26 May 2022 06:20:25 -0500 Subject: [PATCH 0271/1248] feat(argo-workflows): Upgrade argo-workflows to v3.3.6 (#1297) [Release Notes](https://github.com/argoproj/argo-workflows/releases/tag/v3.3.6) Includes 1 fix: - eat: Handle omitted nodes in DAG enhanced depends logic. Fixes [#8654](https://github.com/argoproj/argo-workflows/issues/8654) Signed-off-by: jmeridth Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index bbb47cfe..d2be76d9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.0 -appVersion: v3.3.5 +version: 0.16.1 +appVersion: v3.3.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Add support for workflow-controller-configmap navColor." + - "[Changed]: Update to app version v3.3.6" From dc4f6919d14dd12271fab6b842f8acddfc966eb7 Mon Sep 17 00:00:00 2001 From: Ward Loos Date: Thu, 26 May 2022 13:59:58 +0200 Subject: [PATCH 0272/1248] feat(argo-rollouts): Add PDB option to controller and dashboard (#1294) * feat(argo-rollouts): Add PodDisruptionBudget option to controller and dashboard Signed-off-by: Ward Loos * Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Ward Loos Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 +-- charts/argo-rollouts/README.md | 13 ++++++++- charts/argo-rollouts/README.md.gotmpl | 1 + charts/argo-rollouts/templates/_helpers.tpl | 11 ++++++++ .../controller/poddisruptionbudget.yaml | 27 +++++++++++++++++++ .../dashboard/poddisruptionbudget.yaml | 27 +++++++++++++++++++ charts/argo-rollouts/values.yaml | 26 ++++++++++++++++++ 7 files changed, 106 insertions(+), 3 deletions(-) create mode 100644 charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml create mode 100644 charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 83e75ad3..97cf311b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.14.1 +version: 2.15.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: option to set dashboard replicas count" + - "[Added]: option to enable PodDisruptionBudget for controller and dashboard" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 47386dad..a39ed1e4 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -73,6 +73,11 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.nodeSelector | object | `{}` | [Node selector] | +| controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | +| controller.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the controller | +| controller.pdb.labels | object | `{}` | Labels to be added to controller [Pod Disruption Budget] | +| controller.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | +| controller.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | | controller.priorityClassName | string | `""` | [priorityClassName] for the controller | | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | @@ -109,6 +114,11 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.ingress.paths | list | `["/"]` | Dashboard ingress paths | | dashboard.ingress.tls | list | `[]` | Dashboard ingress tls | | dashboard.nodeSelector | object | `{}` | [Node selector] | +| dashboard.pdb.annotations | object | `{}` | Annotations to be added to dashboard [Pod Disruption Budget] | +| dashboard.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the dashboard | +| dashboard.pdb.labels | object | `{}` | Labels to be added to dashboard [Pod Disruption Budget] | +| dashboard.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | +| dashboard.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | | dashboard.replicas | int | `1` | The number of dashboard pods to run | @@ -157,4 +167,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.14.1/charts/argo-rollouts/values.yaml +[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.15.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 37305b9e..6682d168 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -97,4 +97,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ +[Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-{{ .Version }}/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 025b709e..94733603 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -84,3 +84,14 @@ Return the target Kubernetes version {{- define "argo-rollouts.kubeVersion" -}} {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end -}} + +{{/* +Return the appropriate apiVersion for pod disruption budget +*/}} +{{- define "argo-rollouts.podDisruptionBudget.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "argo-rollouts.kubeVersion" $) -}} +{{- print "policy/v1beta1" -}} +{{- else -}} +{{- print "policy/v1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml new file mode 100644 index 00000000..437efab9 --- /dev/null +++ b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml @@ -0,0 +1,27 @@ +{{- if .Values.controller.pdb.enabled }} +apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-rollouts.fullname" . }} + labels: + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.controller.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.pdb.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.controller.pdb.minAvailable }} + minAvailable: {{ .Values.controller.pdb.minAvailable }} + {{- else if .Values.controller.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.controller.component }} +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml new file mode 100644 index 00000000..742b149f --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml @@ -0,0 +1,27 @@ +{{- if .Values.dashboard.pdb.enabled }} +apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-rollouts.fullname" . }}-dashboard + labels: + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.dashboard.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.dashboard.pdb.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.dashboard.pdb.minAvailable }} + minAvailable: {{ .Values.dashboard.pdb.minAvailable }} + {{- else if .Values.dashboard.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.dashboard.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.dashboard.component }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index c9ec9a99..46a64593 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -97,6 +97,19 @@ controller: successThreshold: 1 timeoutSeconds: 4 + ## Configure Pod Disruption Budget for the controller + pdb: + # -- Labels to be added to controller [Pod Disruption Budget] + labels: {} + # -- Annotations to be added to controller [Pod Disruption Budget] + annotations: {} + # -- Deploy a [Pod Disruption Budget] for the controller + enabled: false + # -- Minimum number / percentage of pods that should remain scheduled + minAvailable: # 1 + # -- Maximum number / percentage of pods that may be made unavailable + maxUnavailable: # 0 + serviceAccount: # -- Specifies whether a service account should be created create: true @@ -198,6 +211,19 @@ dashboard: # If not set and create is true, a name is generated using the fullname template name: "" + ## Configure Pod Disruption Budget for the dashboard + pdb: + # -- Labels to be added to dashboard [Pod Disruption Budget] + labels: {} + # -- Annotations to be added to dashboard [Pod Disruption Budget] + annotations: {} + # -- Deploy a [Pod Disruption Budget] for the dashboard + enabled: false + # -- Minimum number / percentage of pods that should remain scheduled + minAvailable: # 1 + # -- Maximum number / percentage of pods that may be made unavailable + maxUnavailable: # 0 + ## Ingress configuration. ## ref: https://kubernetes.io/docs/user-guide/ingress/ ## From bc5a603b2be562115139431d58ed4a27617bec3c Mon Sep 17 00:00:00 2001 From: Nicolas Lamirault Date: Mon, 30 May 2022 18:19:38 +0200 Subject: [PATCH 0273/1248] Specify logformat for Argo-CD notifications component (#1303) * Add: Specify logformat for Argo-CD notifications component Signed-off-by: Nicolas Lamirault * Update: Chart changelog Signed-off-by: Nicolas Lamirault * Fix: documentation Signed-off-by: Nicolas Lamirault --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-notifications/deployment.yaml | 1 + charts/argo-cd/values.yaml | 2 ++ 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 45908bad..37ca3d54 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.7.0 +version: 4.8.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Updated redis-ha dependency chart to 4.16.0" + - "[Changed]: Can specify log format for Argo-CD Notifications component" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7abb37c9..9adade21 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -812,6 +812,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| notifications.logFormat | string | `"text"` | Application controller log format. Either `text` or `json` | | notifications.logLevel | string | `"info"` | Set the logging level. (One of: `debug`, `info`, `warn`, `error`) | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index b2594a59..f394f82b 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -42,6 +42,7 @@ spec: command: - argocd-notifications - --loglevel={{ .Values.notifications.logLevel }} + - --logformat={{ .Values.notifications.logFormat }} {{- if .Values.notifications.metrics.enabled }} - --metrics-port={{ .Values.notifications.metrics.port }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 19bde24a..27c67d36 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2218,6 +2218,8 @@ notifications: # -- Set the logging level. (One of: `debug`, `info`, `warn`, `error`) logLevel: info + # -- Application controller log format. Either `text` or `json` + logFormat: text # -- Extra arguments to provide to the controller extraArgs: [] From 3f72172232ac6e4e1616f0634e0c26eab6584b97 Mon Sep 17 00:00:00 2001 From: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> Date: Thu, 2 Jun 2022 03:09:51 +1000 Subject: [PATCH 0274/1248] feat(argo-rollouts): readonly dashboard (#1304) * feat-argo-rollouts-readonly-dashboard Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com>" Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> * fixing readme values version link Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 ++- charts/argo-rollouts/templates/dashboard/clusterrole.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 97cf311b..9cf45863 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.15.0 +version: 2.16.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: option to enable PodDisruptionBudget for controller and dashboard" + - "[Added]: Argo rollouts dashboard cluster role readonly flags" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index a39ed1e4..87a26250 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -121,6 +121,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | +| dashboard.readonly | bool | `false` | Set cluster role to readonly | | dashboard.replicas | int | `1` | The number of dashboard pods to run | | dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | | dashboard.service.annotations | object | `{}` | Service annotations | @@ -168,4 +169,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.15.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.16.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 20a3376c..8dd1ac6b 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -17,8 +17,10 @@ rules: - get - list - watch + {{- if not .Values.dashboard.readonly }} - update - patch + {{- end }} - apiGroups: - argoproj.io resources: @@ -27,7 +29,9 @@ rules: - experiments - experiments/finalizers verbs: + {{- if not .Values.dashboard.readonly }} - create + {{- end }} - get - list - watch diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 46a64593..99d43d4e 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -151,6 +151,8 @@ imagePullSecrets: [] dashboard: # -- Deploy dashboard server enabled: false + # -- Set cluster role to readonly + readonly: false # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard # -- [Node selector] From 35f9ea8149385b4c18ccef139a336f032afe5b3d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 2 Jun 2022 02:56:20 +0900 Subject: [PATCH 0275/1248] fix(argo-workflows): Remove unsupported value (#1302) * fix(argo-workflows): Add comment about removed flag Signed-off-by: yu-croco * fix(argo-workflows): Remove unsupported value Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 - .../templates/controller/workflow-controller-deployment.yaml | 4 ---- charts/argo-workflows/values.yaml | 2 -- 4 files changed, 2 insertions(+), 9 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d2be76d9..7c690002 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.1 +version: 0.16.2 appVersion: v3.3.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.3.6" + - "[Fixed]: Remove unsupported value" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 0592f827..233af32e 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -99,7 +99,6 @@ Fields to note: | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | -| controller.podWorkers | string | `nil` | Number of pod workers | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.replicas | int | `1` | The number of controller pods to run | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 153efeef..9f53a2e4 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -53,10 +53,6 @@ spec: - "--workflow-workers" - {{ . | quote }} {{- end }} - {{- with .Values.controller.podWorkers }} - - "--pod-workers" - - {{ . | quote }} - {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e94ba575..5131be6b 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -126,8 +126,6 @@ controller: # -- Number of workflow workers workflowWorkers: # 32 - # -- Number of pod workers - podWorkers: # 32 # -- Restricts the Workflows that the controller will process. # Only valid for 2.9+ workflowRestrictions: {} From bf692f9383926ba72083800f53cfcc950533acf8 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 2 Jun 2022 14:06:16 +0200 Subject: [PATCH 0276/1248] fix(argo-cd): AppSet and Notifications respect global.podAnnotations (#1308) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 6 ++++-- .../argo-cd/templates/argocd-notifications/deployment.yaml | 6 +++--- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 37ca3d54..4de3bd76 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.8.0 +version: 4.8.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Can specify log format for Argo-CD Notifications component" + - "[Fixed]: ApplicationSet and Notification controller Pods now also respect 'global.podAnnotations'" diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 131e7504..40f4ca85 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -13,9 +13,11 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} template: metadata: - {{- with .Values.applicationSet.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index f394f82b..96eb35cd 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -14,11 +14,11 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} template: metadata: - {{- if .Values.notifications.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.notifications.podAnnotations) }} annotations: - {{- range $key, $value := .Values.notifications.podAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} - {{- end }} + {{- end }} {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 8 }} From 05f7c6c24155f172287d6e884b105132e550a0e3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 2 Jun 2022 21:26:08 +0900 Subject: [PATCH 0277/1248] feat(argo-cd): support separate imagePullSecrets (#1311) Signed-off-by: yu-croco Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 5 +++++ .../argocd-application-controller/deployment.yaml | 2 +- .../argocd-applicationset/deployment.yaml | 2 +- .../bots/slack/deployment.yaml | 2 +- .../templates/argocd-repo-server/deployment.yaml | 2 +- .../templates/argocd-server/deployment.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/templates/redis/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 15 +++++++++++++++ 10 files changed, 29 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4de3bd76..541cac77 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.8.1 +version: 4.8.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: ApplicationSet and Notification controller Pods now also respect 'global.podAnnotations'" + - "[Added]: Support separate imagePullSecrets" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9adade21..cae52658 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -276,6 +276,7 @@ NAME: my-release | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | +| controller.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | controller.initContainers | list | `[]` | Init containers to add to the application controller pod | | controller.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | controller.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -353,6 +354,7 @@ NAME: my-release | repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server | | repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server | | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | +| repoServer.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | repoServer.initContainers | list | `[]` | Init containers to add to the repo server pods | | repoServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -448,6 +450,7 @@ NAME: my-release | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | | server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server | | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | +| server.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | server.ingress.annotations | object | `{}` | Additional ingress annotations | | server.ingress.enabled | bool | `false` | Enable an ingress resource for the Argo CD server | | server.ingress.extraPaths | list | `[]` | Additional ingress paths | @@ -561,6 +564,7 @@ NAME: my-release | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | | dex.image.tag | string | `"v2.30.2"` | Dex image tag | +| dex.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | @@ -630,6 +634,7 @@ NAME: my-release | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"redis"` | Redis repository | | redis.image.tag | string | `"6.2.6-alpine"` | Redis tag | +| redis.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index c4370aee..61642ccf 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -30,7 +30,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.global.imagePullSecrets }} + {{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 40f4ca85..f09584f8 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -26,7 +26,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.applicationSet.imagePullSecrets }} + {{- with .Values.applicationSet.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 8561406e..0ec4565e 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -16,7 +16,7 @@ spec: labels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }} spec: - {{- with .Values.notifications.bots.slack.imagePullSecrets }} + {{- with .Values.notifications.bots.slack.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index c16bd1a8..f3ad2fdc 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -29,7 +29,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.global.imagePullSecrets }} + {{- with .Values.repoServer.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 4395120d..66d8381c 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -29,7 +29,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.global.imagePullSecrets }} + {{- with .Values.server.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index b23aeb63..2ca2fd6e 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -25,7 +25,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.global.imagePullSecrets }} + {{- with .Values.dex.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index fb0c481f..87d143b7 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -26,7 +26,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.global.imagePullSecrets }} + {{- with .Values.redis.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 27c67d36..6dc6342a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -361,6 +361,9 @@ controller: # minAvailable: 1 # maxUnavailable: 0 + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + ## Dex dex: # -- Enable dex @@ -576,6 +579,9 @@ dex: # minAvailable: 1 # maxUnavailable: 0 + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + ## Redis redis: # -- Enable redis @@ -764,6 +770,9 @@ redis: # minAvailable: 1 # maxUnavailable: 0 + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted # Check the redis-ha chart for more properties @@ -1470,6 +1479,9 @@ server: # minAvailable: 1 # maxUnavailable: 0 + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + ## Repo Server repoServer: # -- Repo server name @@ -1725,6 +1737,9 @@ repoServer: # minAvailable: 1 # maxUnavailable: 0 + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + ## Argo Configs configs: # -- Provide one or multiple [external cluster credentials] From 43c065843595a53a4f02062539f6dc1fa799f654 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 2 Jun 2022 23:23:39 +0900 Subject: [PATCH 0278/1248] chore: Update some tools' version on GitHub Actions (#1312) Signed-off-by: yu-croco --- .github/workflows/lint-and-test.yml | 8 ++++---- .github/workflows/pr-sizing.yml | 2 +- .github/workflows/publish.yml | 4 ++-- .github/workflows/stale.yml | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index b5bf57f3..bd2bfe3f 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 @@ -15,13 +15,13 @@ jobs: uses: azure/setup-helm@v1 - name: Set up python - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: - python-version: 3.7 + python-version: 3.8 - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.1.0 + uses: helm/chart-testing-action@v2.2.1 - name: List changed charts id: list-changed diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 4b2debef..7f35a417 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -23,6 +23,6 @@ jobs: runs-on: ubuntu-latest steps: - name: size-label - uses: "pascalgn/size-label-action@v0.4.2" + uses: "pascalgn/size-label-action@v0.4.3" env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index f3b502e0..c3089bc3 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 @@ -35,7 +35,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.2.0 + uses: helm/chart-releaser-action@v1.4.0 with: config: "./.github/configs/cr.yaml" env: diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 5947dfc3..0e8a171e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -7,7 +7,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v4 + - uses: actions/stale@v5 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From 66638628b07bdd7312a8920b52390c93ddbba678 Mon Sep 17 00:00:00 2001 From: "JM\" (Jason Meridth)" Date: Fri, 3 Jun 2022 10:43:34 -0500 Subject: [PATCH 0279/1248] chore(CODEOWNERS): Add jmeridth as approver (#1271) Signed-off-by: jmeridth Co-authored-by: Marco Kilchhofer --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 7627dc16..abb5956c 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -4,7 +4,7 @@ /charts/ @oliverbaehler # Argo Workflows -/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand +/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth # Argo CD /charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer From 1e689a4356cb49846beafa335bbce214bf22c677 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 8 Jun 2022 15:03:58 +0900 Subject: [PATCH 0280/1248] feat(argo-cd): Support annotations in argocd-configs secrets (#1314) * feat(argo-cd): support annotations in argocd-configs secrets Signed-off-by: yu-croco * fix(argo-cd): align to exitsing format Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 3 +++ .../templates/argocd-configs/externalredis-secret.yaml | 4 ++++ .../argocd-configs/repository-credentials-secret.yaml | 4 ++++ .../templates/argocd-configs/repository-secret.yaml | 4 ++++ charts/argo-cd/values.yaml | 8 ++++++++ 6 files changed, 25 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 541cac77..f46e2921 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.8.2 +version: 4.8.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support separate imagePullSecrets" + - "[Added]: Support annotations in argocd-configs secrets" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index cae52658..d5ccf50c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -213,11 +213,13 @@ NAME: my-release | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | +| configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | | configs.gpgKeysAnnotations | object | `{}` | GnuPG key ring annotations | | configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | | configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | | configs.repositories | object | `{}` | Repositories list to be used by applications | +| configs.repositoriesAnnotations | object | `{}` | Annotations to be added to `configs.repositories` Secret | | configs.repositoryCredentials | object | `{}` | *DEPRECATED:* Instead, use `configs.credentialTemplates` and/or `configs.repositories` | | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | | configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password | @@ -716,6 +718,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | externalRedis.host | string | `""` | External Redis server host | | externalRedis.password | string | `""` | External Redis password | | externalRedis.port | int | `6379` | External Redis server port | +| externalRedis.secretAnnotations | object | `{}` | External Redis Secret annotations | ## ApplicationSet diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index 3d806902..d2b1887f 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -5,6 +5,10 @@ metadata: name: {{ template "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} + {{- with .Values.externalRedis.secretAnnotations }} + annotations: + {{- toYaml . | nindent 4}} + {{- end }} type: Opaque data: redis-password: {{ .Values.externalRedis.password | b64enc }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index f9165d5d..060ef579 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -7,6 +7,10 @@ metadata: labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} + {{- with $.Values.configs.credentialTemplatesAnnotations }} + annotations: + {{- toYaml . | nindent 4}} + {{- end }} data: {{- range $key, $value := $repo_cred_value }} {{ $key }}: {{ $value | toString | b64enc }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index 2c0d4f08..4b49811e 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -7,6 +7,10 @@ metadata: labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} + {{- with $.Values.configs.repositoriesAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} data: {{- range $key, $value := $repo_value }} {{ $key }}: {{ $value | b64enc }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6dc6342a..f90f362a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -845,6 +845,8 @@ externalRedis: # -- The name of an existing secret with Redis credentials (must contain key `redis-password`). # When it's set, the `externalRedis.password` parameter is ignored existingSecret: "" + # -- External Redis Secret annotations + secretAnnotations: {} ## Server server: @@ -1878,6 +1880,9 @@ configs: # ... # -----END OPENSSH PRIVATE KEY----- + # -- Annotations to be added to `configs.credentialTemplates` Secret + credentialTemplatesAnnotations: {} + # -- Repositories list to be used by applications ## Creates a secret for each key/value specified below to create repositories ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". @@ -1895,6 +1900,9 @@ configs: # private-repo: # url: https://github.com/argoproj/private-repo + # -- Annotations to be added to `configs.repositories` Secret + repositoriesAnnotations: {} + secret: # -- Create the argocd-secret createSecret: true From 5112c7782423349707c1c13d3da973009c53d830 Mon Sep 17 00:00:00 2001 From: Prateek Khera <34710743+prateekkhera92@users.noreply.github.com> Date: Fri, 10 Jun 2022 22:20:01 +0530 Subject: [PATCH 0281/1248] feat(argo-workflows): Add mainContainer config in configmap (#1310) * Specify logformat for Argo-CD notifications component (#1303) * Add: Specify logformat for Argo-CD notifications component Signed-off-by: Nicolas Lamirault * Update: Chart changelog Signed-off-by: Nicolas Lamirault * Fix: documentation Signed-off-by: Nicolas Lamirault Signed-off-by: Prateek Khera * feat(argo-rollouts): readonly dashboard (#1304) * feat-argo-rollouts-readonly-dashboard Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com>" Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> * fixing readme values version link Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> Signed-off-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Signed-off-by: Prateek Khera * fix(argo-workflows): Remove unsupported value (#1302) * fix(argo-workflows): Add comment about removed flag Signed-off-by: yu-croco * fix(argo-workflows): Remove unsupported value Signed-off-by: yu-croco Signed-off-by: Prateek Khera * add mainContainer config in configmap Signed-off-by: Prateek Khera * update version Signed-off-by: Prateek Khera * add mainContainer to values Signed-off-by: Prateek Khera * add mainContainer to readme Signed-off-by: Prateek Khera * add changelog Signed-off-by: Prateek Khera * add Workflow Main Container key Signed-off-by: Prateek Khera * fix(argo-cd): AppSet and Notifications respect global.podAnnotations (#1308) Signed-off-by: Marco Kilchhofer Signed-off-by: Prateek Khera * feat(argo-cd): support separate imagePullSecrets (#1311) Signed-off-by: yu-croco Co-authored-by: Marco Kilchhofer Signed-off-by: Prateek Khera * chore: Update some tools' version on GitHub Actions (#1312) Signed-off-by: yu-croco Signed-off-by: Prateek Khera * chore(CODEOWNERS): Add jmeridth as approver (#1271) Signed-off-by: jmeridth Co-authored-by: Marco Kilchhofer Signed-off-by: Prateek Khera * feat(argo-cd): Support annotations in argocd-configs secrets (#1314) * feat(argo-cd): support annotations in argocd-configs secrets Signed-off-by: yu-croco * fix(argo-cd): align to exitsing format Signed-off-by: yu-croco Signed-off-by: Prateek Khera * add new line to fix failed liniting Signed-off-by: Prateek Khera * remove auto-generating readme Signed-off-by: Prateek Khera * match readme as per the comment in values file Signed-off-by: Prateek Khera * add image pullpolicy to values.yaml Signed-off-by: Prateek Khera * add image pullpolicy to values.yaml Signed-off-by: Prateek Khera * add image pullpolicy to readme Signed-off-by: Prateek Khera * fix ordering in readme Signed-off-by: Prateek Khera * Exclude "mainContainer" prefix from General parameters Signed-off-by: Marco Kilchhofer Co-authored-by: Nicolas Lamirault Co-authored-by: foxtel-temujincabigao <86087373+foxtel-temujincabigao@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Aikawa Co-authored-by: Prateek Khera Co-authored-by: JM" (Jason Meridth) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 9 +++++++++ charts/argo-workflows/README.md.gotmpl | 12 +++++++++++- .../controller/workflow-controller-config-map.yaml | 13 +++++++++++++ charts/argo-workflows/values.yaml | 11 +++++++++++ 5 files changed, 46 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 7c690002..62c849ff 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.2 +version: 0.16.3 appVersion: v3.3.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Remove unsupported value" + - "[Added]: Support for mainContainer config" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 233af32e..b3aae666 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -127,6 +127,15 @@ Fields to note: | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | | controller.workflowWorkers | string | `nil` | Number of workflow workers | +### Workflow Main Container + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| mainContainer.env | object | `{}` | Adds environment variables for the Workflow main container | +| mainContainer.imagePullPolicy | string | `"Always"` | imagePullPolicy to apply to Workflow main container | +| mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container | +| mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container | + ### Workflow Executor | Key | Type | Default | Description | diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 4f5fe410..27f43013 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -42,7 +42,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "workflow" .Key) (hasPrefix "controller" .Key) (hasPrefix "executor" .Key) (hasPrefix "server" .Key) (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) ) }} + {{- if not (or (hasPrefix "workflow" .Key) (hasPrefix "controller" .Key) (hasPrefix "executor" .Key) (hasPrefix "server" .Key) (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) (hasPrefix "mainContainer" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} @@ -67,6 +67,16 @@ Fields to note: {{- end }} {{- end }} +### Workflow Main Container + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "mainContainer" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + ### Workflow Executor | Key | Type | Default | Description | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 5cdb7f50..75b4af1a 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -30,6 +30,19 @@ data: {{- with .Values.controller.initialDelay }} initialDelay: {{ . }} {{- end }} + {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}} + mainContainer: + imagePullPolicy: {{ .Values.images.pullPolicy }} + {{- with .Values.mainContainer.resources }} + resources: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.mainContainer.env }} + env: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.mainContainer.securityContext }} + securityContext: {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: imagePullPolicy: {{ .Values.images.pullPolicy }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 5131be6b..70e76ceb 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -262,6 +262,17 @@ controller: # -- Extra containers to be added to the controller deployment extraContainers: [] +# mainContainer adds default config for main container that could be overriden in workflows template +mainContainer: + # -- imagePullPolicy to apply to Workflow main container + imagePullPolicy: Always + # -- Resource limits and requests for the Workflow main container + resources: {} + # -- Adds environment variables for the Workflow main container + env: {} + # -- sets security context for the Workflow main container + securityContext: {} + # executor controls how the init and wait container should be customized executor: image: From 0b8fb3ca69eafff34e8e3f47107b69d3daeb5c92 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 11 Jun 2022 03:32:48 +0900 Subject: [PATCH 0282/1248] chore(CODEOWNERS): Add yu-croco as approver (#1319) Signed-off-by: yu-croco Co-authored-by: JM" (Jason Meridth) --- CODEOWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index abb5956c..e3876444 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -4,10 +4,10 @@ /charts/ @oliverbaehler # Argo Workflows -/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth +/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco # Argo Events /charts/argo-events/ @jbehling @VaibhavPage From 564029c9f3d08a6d4cc9ccb9b62b00a5b42738d2 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 11 Jun 2022 16:53:56 +0900 Subject: [PATCH 0283/1248] feat: add chart version input on bug report to help investigation (#1318) Signed-off-by: yu-croco --- .github/ISSUE_TEMPLATE/bug_report.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml index f69de536..0d692e43 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -26,6 +26,14 @@ body: validations: required: true +- type: input + attributes: + label: Helm chart version + description: Version of the Helm chart this issue relates to + placeholder: e.g. 0.16.2 + validations: + required: true + - type: textarea attributes: label: To Reproduce From 4e05fd0da1d55622d76cfe92e51ae0badf29a0c0 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 12 Jun 2022 02:43:24 +0900 Subject: [PATCH 0284/1248] chore: update old URLs on pull_request_template.md (#1323) --- .github/pull_request_template.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 741d56a9..65c36c00 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -8,7 +8,7 @@ Checklist: * [ ] I have updated the documentation according to [documentation](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#documentation) * [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). * [ ] Any new values are backwards compatible and/or have sensible default. -* [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/tree/main/community#contributing-to-argo). -* [ ] My build is green ([troubleshooting builds](https://argoproj.github.io/argo-cd/developer-guide/ci/)). +* [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md). +* [ ] My build is green ([troubleshooting builds](https://argo-cd.readthedocs.io/en/stable/developer-guide/ci/)). Changes are automatically published when merged to `main`. They are not published on branches. From 04f4cb0ba17c336a345120f61e71f7ce891278e8 Mon Sep 17 00:00:00 2001 From: Le Minh Thong <55283557+minhthong582000@users.noreply.github.com> Date: Tue, 14 Jun 2022 17:10:08 +0700 Subject: [PATCH 0285/1248] feat(argo-cd): Update to Argo CD v2.4.0 (#1325) * feat(argo-cd): Upgrade redis to 7.0.0 Including CVEs. Ref: https://github.com/redis/redis/blob/7.0/00-RELEASENOTES Signed-off-by: Mathieu Parent * feat(argo-cd): Use upstream applicationset binary Signed-off-by: Petr Drastil * feat(argo-cd): Update Argo CD to v2.4.0 Signed-off-by: thonglm2 * Specify logs RBAC enforcement config in server Argocd v2.4 introduced logs as a new RBAC resource. We should remind user to set the flag now for an easier upgrade experience in future releases. Signed-off-by: thonglm2 * Remove ksonnet and helm 2 support from Application and ApplicationSet CRDs KSonnet and Helm2 support is removed in v2.4. See: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#ksonnet-support-is-removed and https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#helm-2-support-is-removed Signed-off-by: thonglm2 * Specify logs RBAC enforcement config in argocd-cm Argocd v2.4 introduced logs as a new RBAC resource. We should remind user to set the flag now for an easier upgrade in future releases. Signed-off-by: thonglm2 * Add entrypoint.sh on applicationset deployment Signed-off-by: Marco Kilchhofer Co-authored-by: Mathieu Parent Co-authored-by: Petr Drastil Co-authored-by: thonglm2 Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 10 +- charts/argo-cd/README.md | 12 +- charts/argo-cd/README.md.gotmpl | 4 + charts/argo-cd/crds/crd-application.yaml | 169 +--- charts/argo-cd/crds/crd-applicationset.yaml | 833 +++++++++--------- .../argocd-applicationset/deployment.yaml | 3 +- charts/argo-cd/values.yaml | 14 +- 7 files changed, 471 insertions(+), 574 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f46e2921..e3479e75 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.3.4 +appVersion: v2.4.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.8.3 +version: 4.9.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,8 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support annotations in argocd-configs secrets" + - "[Changed]: Update Argo CD to v2.4.0" + - "[Added]: Specify logs RBAC enforcement config in server" + - "[Changed]: Remove ksonnet and helm 2 support from Application and applicationSet CRDs" + - "[Changed]: Use applicationset binary on the upstream image" + - "[Changed]: Upgrade redis to 7.0.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d5ccf50c..17dd8642 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -95,6 +95,10 @@ kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref= Date: Tue, 14 Jun 2022 14:31:39 +0200 Subject: [PATCH 0286/1248] fix(argo-cd): Extend K8s RBAC when using UI exec feature (#1326) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 8 ++------ .../argo-cd/templates/argocd-server/clusterrole.yaml | 10 +++++++++- charts/argo-cd/values.yaml | 4 ++++ 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e3479e75..6cd00449 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.0 +version: 4.9.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,8 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.4.0" - - "[Added]: Specify logs RBAC enforcement config in server" - - "[Changed]: Remove ksonnet and helm 2 support from Application and applicationSet CRDs" - - "[Changed]: Use applicationset binary on the upstream image" - - "[Changed]: Upgrade redis to 7.0.0" + - "[Fixed]: Extend K8s RBAC when using UI exec feature" diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 63e3ee47..caac062e 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -27,4 +27,12 @@ rules: - pods/log verbs: - get -{{- end }} \ No newline at end of file + {{- if eq (index .Values.server.config "exec.enabled") "true" }} + - apiGroups: + - "" + resources: + - pods/exec + verbs: + - create + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c5043fc1..b5672d4c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1231,6 +1231,10 @@ server: # Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement server.rbac.log.enforce.enable: "false" + # exec.enabled indicates whether the UI exec feature is enabled. It is disabled by default. + # Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac/#exec-resource + exec.enabled: "false" + # DEPRECATED: Please instead use configs.credentialTemplates and configs.repositories # repositories: | # - url: git@github.com:group/repo.git From d2c2055290f30e645e38d0c6b4e7aaa5236442de Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 14 Jun 2022 17:37:47 +0200 Subject: [PATCH 0287/1248] feat(argo-events): Upgrade argo-events to v1.7.0 (#1269) * feat(argo-events) : Upgrade argo-events to v1.7.0 Signed-off-by: Petr Drastil * Fix typos Signed-off-by: Petr Drastil * Add missing braces Signed-off-by: Petr Drastil * Use templates for service account names Signed-off-by: Petr Drastil * Drop application labels Signed-off-by: Petr Drastil * Update documentation Signed-off-by: Petr Drastil * Move CRDs to template folder Signed-off-by: Petr Drastil * Disable webhook by default Signed-off-by: Petr Drastil * Fix indentation Signed-off-by: Petr Drastil * Update README Signed-off-by: Petr Drastil * Drop prefix from aggregate-roles Signed-off-by: Petr Drastil * Fix typo aggragate-roles.yaml -> aggregate-roles.yaml Signed-off-by: Marco Kilchhofer * Use helm-docs.sh Signed-off-by: Marco Kilchhofer * Fix typo REALEASE -> RELEASE Signed-off-by: Marco Kilchhofer * Use consistent wording/style Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 25 +- charts/argo-events/README.md | 216 +++++--- charts/argo-events/README.md.gotmpl | 61 ++- charts/argo-events/ci/test-values.yaml | 1 - charts/argo-events/crds/eventbus-crd.yml | 40 -- charts/argo-events/crds/eventsource-crd.yml | 40 -- charts/argo-events/crds/sensor-crd.yml | 40 -- charts/argo-events/templates/_helpers.tpl | 73 +++ .../templates/aggregate-roles.yaml | 127 ++--- .../templates/argo-events-cluster-roles.yaml | 101 ---- .../argo-events-controller/config.yaml | 41 ++ .../argo-events-controller/deployment.yaml | 137 +++++ .../templates/argo-events-controller/pdb.yaml | 28 + .../argo-events-controller/rbac.yaml | 113 ++++ .../argo-events-controller/service.yaml | 25 + .../serviceaccount.yaml | 15 + .../servicemonitor.yaml | 38 ++ .../templates/argo-events-roles.yaml | 103 ---- .../argo-events/templates/argo-events-sa.yaml | 25 - .../argo-events-webhook/clusterrole.yaml | 79 +++ .../clusterrolebinding.yaml | 16 + .../argo-events-webhook/deployment.yaml | 120 ++++ .../templates/argo-events-webhook/pdb.yaml | 28 + .../argo-events-webhook/service.yaml | 14 + .../argo-events-webhook/serviceaccount.yaml | 15 + .../templates/crds/eventbus-crd.yml | 48 ++ .../templates/crds/eventsource-crd.yml | 48 ++ .../argo-events/templates/crds/sensor-crd.yml | 48 ++ .../eventbus-controller/deployment.yaml | 85 --- .../eventsource-controller/deployment.yaml | 83 --- .../sensor-controller/deployment.yaml | 83 --- charts/argo-events/values.yaml | 513 +++++++++++++----- 32 files changed, 1520 insertions(+), 909 deletions(-) delete mode 100644 charts/argo-events/crds/eventbus-crd.yml delete mode 100644 charts/argo-events/crds/eventsource-crd.yml delete mode 100644 charts/argo-events/crds/sensor-crd.yml delete mode 100644 charts/argo-events/templates/argo-events-cluster-roles.yaml create mode 100644 charts/argo-events/templates/argo-events-controller/config.yaml create mode 100644 charts/argo-events/templates/argo-events-controller/deployment.yaml create mode 100644 charts/argo-events/templates/argo-events-controller/pdb.yaml create mode 100644 charts/argo-events/templates/argo-events-controller/rbac.yaml create mode 100644 charts/argo-events/templates/argo-events-controller/service.yaml create mode 100644 charts/argo-events/templates/argo-events-controller/serviceaccount.yaml create mode 100644 charts/argo-events/templates/argo-events-controller/servicemonitor.yaml delete mode 100644 charts/argo-events/templates/argo-events-roles.yaml delete mode 100644 charts/argo-events/templates/argo-events-sa.yaml create mode 100644 charts/argo-events/templates/argo-events-webhook/clusterrole.yaml create mode 100644 charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml create mode 100644 charts/argo-events/templates/argo-events-webhook/deployment.yaml create mode 100644 charts/argo-events/templates/argo-events-webhook/pdb.yaml create mode 100644 charts/argo-events/templates/argo-events-webhook/service.yaml create mode 100644 charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml create mode 100644 charts/argo-events/templates/crds/eventbus-crd.yml create mode 100644 charts/argo-events/templates/crds/eventsource-crd.yml create mode 100644 charts/argo-events/templates/crds/sensor-crd.yml delete mode 100644 charts/argo-events/templates/eventbus-controller/deployment.yaml delete mode 100644 charts/argo-events/templates/eventsource-controller/deployment.yaml delete mode 100644 charts/argo-events/templates/sensor-controller/deployment.yaml diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 977749af..118d287e 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,20 +1,27 @@ apiVersion: v2 -description: A Helm chart to install Argo-Events in k8s Cluster +appVersion: v1.7.0 +description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 1.13.0 +version: 2.0.0 +home: https://github.com/argoproj/argo-helm +icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: + - argoproj - argo-events - - sensor-controller - - eventsource-controller - - eventbus-controller sources: - https://github.com/argoproj/argo-events maintainers: - name: VaibhavPage - name: whynowy -appVersion: v1.6.0 -icon: https://argoproj.github.io/argo-events/assets/logo.png -home: https://github.com/argoproj/argo-helm annotations: artifacthub.io/changes: | - - "[Added]: Additional RBAC for leader election" + - "[Added]: Argo events controller for v1.7.0" + - "[Added]: Argo events addmission webhook deployment" + - "[Added]: Global configuration options for all deployments" + - "[Added]: Pod disruption budgets for HA deployments" + - "[Added]: Support for Prometheus metrics on controller deployment" + - "[Changed]: Enable cluster-wide deployment by default" + - "[Removed]: Deprecated EventBus controller deployment" + - "[Removed]: Deprecated EventSource controller deployment" + - "[Removed]: Deprecated Sensor controller deployment" + - "[Removed]: Removed RBAC that allowed controller to create / modify CRDs" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index b6c9a407..0acdf2ff 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -1,29 +1,43 @@ # Argo-Events Chart This is a **community maintained** chart. It installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with: + - Sensor Custom Resource Definition (See CRD Notes) - EventSource Custom Resource Definition (See CRD Notes) - EventBus Custom Resource Definition (See CRD Notes) -- Sensor Controller Deployment -- EventSource Controller Deployment -- EventBus Controller Deployment -- Service Account -- Roles -- Role Bindings -- Cluster Roles -- Cluster Role Bindings +- Controller Deployment +- Validation Webhook Deployment +- Service Accounts +- Roles / Cluster Roles +- Role Bindings / Cluster Role Bindings -To regenerate this document, from the root of this chart directory run: +To regenerate this document, please run: ```shell -docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +./scripts/helm-docs.sh ``` -## Notes on CRD Installation +## Upgrading -Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. +### Custom resource definitions -You can install the CRDs manually from `crds` folder. +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +You can install the CRDs manually from `templates/crds` folder. + +### 2.0.* + +Custom resource definitions were moved to `templates` folder so they can be managed by Helm. + +To adopt already created CRDs please use following command: + +```bash +for crd in "eventbus.argoproj.io" "eventsources.argoproj.io" "sensors.argoproj.io"; do + kubectl label --overwrite crd $crd app.kubernetes.io/managed-by=Helm + kubectl annotate --overwrite crd $crd meta.helm.sh/release-namespace= + kubectl annotate --overwrite crd $crd meta.helm.sh/release-name= +done +``` ## Values @@ -31,81 +45,135 @@ You can install the CRDs manually from `crds` folder. | Key | Type | Default | Description | |-----|------|---------|-------------| -| additionalSaNamespaces | list | `[]` | Create service accounts in additional namespaces specified The SA will always be created in the release namespaces | -| additionalServiceAccountRules | list | (See [values.yaml]) | Additional rules | -| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-events CRDs. Only applies for cluster-wide installation (`singleNamespace: true`) | +| configs.jetstream.settings.maxFileStore | int | `-1` | Maximum size of the file storage (e.g. 20G) | +| configs.jetstream.settings.maxMemoryStore | int | `-1` | Maximum size of the memory storage (e.g. 1G) | +| configs.jetstream.streamConfig.duplicates | string | `"300s"` | Not documented at the moment | +| configs.jetstream.streamConfig.maxAge | string | `"72h"` | Maximum age of existing messages, i.e. “72h”, “4h35m” | +| configs.jetstream.streamConfig.maxBytes | string | `"1GB"` | | +| configs.jetstream.streamConfig.maxMsgs | int | `1000000` | Maximum number of messages before expiring oldest message | +| configs.jetstream.streamConfig.replicas | int | `3` | Number of replicas, defaults to 3 and requires minimal 3 | +| configs.jetstream.versions | list | `[]` | | +| configs.nats.versions | list | `[]` (See [values.yaml]) | Supported versions of NATS event bus | +| crds.annotations | object | `{}` | Annotations to be added to all CRDs | +| crds.install | bool | `true` | Install and upgrade CRDs | +| crds.keep | bool | `true` | Keep CRDs on chart uninstall | +| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-events crds Only applies for cluster-wide installation (`controller.rbac.namespaced: false`) | | fullnameOverride | string | `""` | String to fully override "argo-events.fullname" template | -| imagePullPolicy | string | `"Always"` | The image pull policy | -| imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | -| nameOverride | string | `""` | String to partially override "argo-events.fullname" template | -| registry | string | `"quay.io"` | docker registry | -| securityContext | object | `{"runAsNonRoot":true,"runAsUser":9731}` | Common PodSecurityContext for all controllers | -| serviceAccount | string | `"argo-events-sa"` | ServiceAccount to use for running controller. | -| serviceAccountAnnotations | object | `{}` | Annotations applied to created service account. Can be used to enable GKE workload identity, or other use-cases | -| singleNamespace | bool | `true` | Whether to run in namespaced scope. Set `singleNamespace` to false to have the controllers listen on all namespaces. Otherwise the controllers will listen on the namespace where the chart is installed in. | +| global.additionalLabels | object | `{}` | Additional labels to add to all resources | +| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | +| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo Events deployments | +| global.image.repository | string | `"quay.io/argoproj/argo-events"` | If defined, a repository applied to all Argo Events deployments | +| global.image.tag | string | `""` | Overrides the global Argo Events image tag whose default is the chart appVersion | +| global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | +| global.podAnnotations | object | `{}` | Annotations for the all deployed pods | +| global.podLabels | object | `{}` | Labels for the all deployed pods | +| global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | +| nameOverride | string | `"argo-events"` | Provide a name in place of `argo-events` | +| openshift | bool | `false` | Deploy on OpenShift | -### Event Bus Controller +### Controller | Key | Type | Default | Description | |-----|------|---------|-------------| -| eventbusController.affinity | object | `{}` | Assign custom [affinity] rules to the event bus controller | -| eventbusController.containerSecurityContext | object | `{}` | Event bus controller container-level security context | -| eventbusController.extraEnv | list | `[]` | Additional environment variables to pass to event bus controller | -| eventbusController.image | string | `"argoproj/argo-events"` | Repository to use for the event bus controller | -| eventbusController.name | string | `"eventbus-controller"` | Event bus controller name | -| eventbusController.natsMetricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.8.0"` | NATS metrics exporter container image to use for the event bus | -| eventbusController.natsStreamingImage | string | `"nats-streaming:0.22.1"` | NATS streaming container image to use for the event bus | -| eventbusController.nodeSelector | object | `{}` | [Node selector] | -| eventbusController.podAnnotations | object | `{}` | Annotations to be added to event bus controller pods | -| eventbusController.podLabels | object | `{}` | Labels to be added to event event bus controller pods | -| eventbusController.priorityClassName | string | `""` | Priority class for the event bus controller | -| eventbusController.replicaCount | int | `1` | The number of event bus controller pods to run | -| eventbusController.resources | object | `{}` | Resource limits and requests for the event bus controller pods | -| eventbusController.tag | string | `""` (default is the chart appVersion) | Overrides the image tag | -| eventbusController.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.containerSecurityContext | object | `{}` | Events controller container-level security context | +| controller.env | list | `[]` | Environment variables to pass to events controller | +| controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to events controller | +| controller.extraContainers | list | `[]` | Additional containers to be added to the events controller pods | +| controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the events controller | +| controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the events controller | +| controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the events controller | +| controller.initContainers | list | `[]` | Init containers to add to the events controller pods | +| controller.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| controller.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| controller.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| controller.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| controller.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.annotations | object | `{}` | Metrics service annotations | +| controller.metrics.service.labels | object | `{}` | Metrics service labels | +| controller.metrics.service.servicePort | int | `8082` | Metrics service port | +| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| controller.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| controller.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| controller.name | string | `"controller-manager"` | Argo Events controller name string | +| controller.nodeSelector | object | `{}` | [Node selector] | +| controller.pdb.annotations | object | `{}` | Annotations to be added to events controller pdb | +| controller.pdb.enabled | bool | `false` | Deploy a PodDisruptionBudget for the events controller | +| controller.pdb.labels | object | `{}` | Labels to be added to events controller pdb | +| controller.podAnnotations | object | `{}` | Annotations to be added to events controller pods | +| controller.podLabels | object | `{}` | Labels to be added to events controller pods | +| controller.priorityClassName | string | `""` | Priority class for the events controller pods | +| controller.rbac.enabled | bool | `true` | Create events controller RBAC | +| controller.rbac.namespaced | bool | `false` | Restrict events controller to operate only in a single namespace instead of cluster-wide scope. | +| controller.rbac.rules | list | `[]` | Additional user rules for event controller's rbac | +| controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| controller.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| controller.replicas | int | `1` | The number of events controller pods to run. | +| controller.resources | object | `{}` | Resource limits and requests for the events controller pods | +| controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| controller.serviceAccount.create | bool | `true` | Create a service account for the events controller | +| controller.serviceAccount.name | string | `""` | Service account name | +| controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the events controller | +| controller.volumeMounts | list | `[]` | Additional volumeMounts to the events controller main container | +| controller.volumes | list | `[]` | Additional volumes to the events controller pod | -### Event Source Controller +### Webhook | Key | Type | Default | Description | |-----|------|---------|-------------| -| eventsourceController.affinity | object | `{}` | Assign custom [affinity] rules to the event source controller | -| eventsourceController.containerSecurityContext | object | `{}` | Event source controller container-level security context | -| eventsourceController.eventsourceImage | string | `"argoproj/argo-events"` | Repository to use for the event source image | -| eventsourceController.extraEnv | list | `[]` | Additional environment variables to pass to event source controller | -| eventsourceController.image | string | `"argoproj/argo-events"` | Repository to use for the event source controller | -| eventsourceController.name | string | `"eventsource-controller"` | Event source controller name | -| eventsourceController.nodeSelector | object | `{}` | [Node selector] | -| eventsourceController.podAnnotations | object | `{}` | Annotations to be added to event source controller pods | -| eventsourceController.podLabels | object | `{}` | Labels to be added to event source controller pods | -| eventsourceController.priorityClassName | string | `""` | Priority class for the event source controller | -| eventsourceController.replicaCount | int | `1` | The number of event source controller pods to run | -| eventsourceController.resources | object | `{}` | Resource limits and requests for the event source controller pods | -| eventsourceController.tag | string | `""` (default is the chart appVersion) | Overrides the image tag | -| eventsourceController.tolerations | list | `[]` | [Tolerations] for use with node taints | - -### Sensor Controller - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| sensorController.affinity | object | `{}` | Assign custom [affinity] rules to the sensor controller | -| sensorController.containerSecurityContext | object | `{}` | Sensor controllers container-level security context | -| sensorController.extraEnv | list | `[]` | Additional environment variables to pass to sensor controller | -| sensorController.image | string | `"argoproj/argo-events"` | Repository to use for the sensor controller | -| sensorController.name | string | `"sensor-controller"` | Sensor controller name | -| sensorController.nodeSelector | object | `{}` | [Node selector] | -| sensorController.podAnnotations | object | `{}` | Annotations to be added to sensor controller pods | -| sensorController.podLabels | object | `{}` | Labels to be added to sensor controller pods | -| sensorController.priorityClassName | string | `""` | Priority class for the sensor controller | -| sensorController.replicaCount | int | `1` | The number of sensor controller pods to run | -| sensorController.resources | object | `{}` | Resource limits and requests for the sensor controller pods | -| sensorController.sensorImage | string | `"argoproj/argo-events"` | Repository to use for the sensor image | -| sensorController.tag | string | `""` (default is the chart appVersion) | Overrides the image tag | -| sensorController.tolerations | list | `[]` | [Tolerations] for use with node taints | +| webhook.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| webhook.containerSecurityContext | object | `{}` | Event controller container-level security context | +| webhook.enabled | bool | `false` | Enable admission webhook. Applies only for cluster-wide installation | +| webhook.env | list | `[]` (See [values.yaml]) | Environment variables to pass to event controller | +| webhook.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to event controller | +| webhook.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the event controller | +| webhook.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the event controller | +| webhook.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the event controller | +| webhook.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| webhook.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| webhook.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| webhook.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| webhook.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| webhook.name | string | `"events-webhook"` | Argo Events admission webhook name string | +| webhook.nodeSelector | object | `{}` | [Node selector] | +| webhook.pdb.annotations | object | `{}` | Annotations to be added to admission webhook pdb | +| webhook.pdb.enabled | bool | `false` | Deploy a PodDisruptionBudget for the admission webhook | +| webhook.pdb.labels | object | `{}` | Labels to be added to admission webhook pdb | +| webhook.podAnnotations | object | `{}` | Annotations to be added to event controller pods | +| webhook.podLabels | object | `{}` | Labels to be added to event controller pods | +| webhook.priorityClassName | string | `""` | Priority class for the event controller pods | +| webhook.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| webhook.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| webhook.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| webhook.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| webhook.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| webhook.replicas | int | `1` | The number of webhook pods to run. | +| webhook.resources | object | `{}` | Resource limits and requests for the event controller pods | +| webhook.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| webhook.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| webhook.serviceAccount.create | bool | `true` | Create a service account for the admission webhook | +| webhook.serviceAccount.name | string | `""` | Service account name | +| webhook.tolerations | list | `[]` | [Tolerations] for use with node taints | +| webhook.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the event controller | +| webhook.volumeMounts | list | `[]` | Additional volumeMounts to the event controller main container | +| webhook.volumes | list | `[]` | Additional volumes to the event controller pod | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml diff --git a/charts/argo-events/README.md.gotmpl b/charts/argo-events/README.md.gotmpl index 61654981..7ee5cefe 100644 --- a/charts/argo-events/README.md.gotmpl +++ b/charts/argo-events/README.md.gotmpl @@ -1,29 +1,43 @@ # Argo-Events Chart This is a **community maintained** chart. It installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with: + - Sensor Custom Resource Definition (See CRD Notes) - EventSource Custom Resource Definition (See CRD Notes) - EventBus Custom Resource Definition (See CRD Notes) -- Sensor Controller Deployment -- EventSource Controller Deployment -- EventBus Controller Deployment -- Service Account -- Roles -- Role Bindings -- Cluster Roles -- Cluster Role Bindings +- Controller Deployment +- Validation Webhook Deployment +- Service Accounts +- Roles / Cluster Roles +- Role Bindings / Cluster Role Bindings -To regenerate this document, from the root of this chart directory run: +To regenerate this document, please run: ```shell -docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +./scripts/helm-docs.sh ``` -## Notes on CRD Installation +## Upgrading -Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--skip-crds` when installing the chart. +### Custom resource definitions -You can install the CRDs manually from `crds` folder. +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +You can install the CRDs manually from `templates/crds` folder. + +### 2.0.* + +Custom resource definitions were moved to `templates` folder so they can be managed by Helm. + +To adopt already created CRDs please use following command: + +```bash +for crd in "eventbus.argoproj.io" "eventsources.argoproj.io" "sensors.argoproj.io"; do + kubectl label --overwrite crd $crd app.kubernetes.io/managed-by=Helm + kubectl annotate --overwrite crd $crd meta.helm.sh/release-namespace= + kubectl annotate --overwrite crd $crd meta.helm.sh/release-name= +done +``` ## Values @@ -32,46 +46,39 @@ You can install the CRDs manually from `crds` folder. | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "eventbusController" .Key) (hasPrefix "eventsourceController" .Key) (hasPrefix "sensorController" .Key) ) }} + {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "webhook" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} -### Event Bus Controller +### Controller | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if hasPrefix "eventbusController" .Key }} + {{- if hasPrefix "controller" .Key }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} -### Event Source Controller +### Webhook | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if hasPrefix "eventsourceController" .Key }} + {{- if hasPrefix "webhook" .Key }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} -### Sensor Controller - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -{{- range .Values }} - {{- if hasPrefix "sensorController" .Key }} -| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | - {{- end }} -{{- end }} ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml diff --git a/charts/argo-events/ci/test-values.yaml b/charts/argo-events/ci/test-values.yaml index a15316ef..122ae333 100644 --- a/charts/argo-events/ci/test-values.yaml +++ b/charts/argo-events/ci/test-values.yaml @@ -1,2 +1 @@ -serviceAccount: argo-events-sa-test singleNamespace: false diff --git a/charts/argo-events/crds/eventbus-crd.yml b/charts/argo-events/crds/eventbus-crd.yml deleted file mode 100644 index 052984c6..00000000 --- a/charts/argo-events/crds/eventbus-crd.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventbus.argoproj.io -spec: - group: argoproj.io - names: - kind: EventBus - listKind: EventBusList - plural: eventbus - shortNames: - - eb - singular: eventbus - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} diff --git a/charts/argo-events/crds/eventsource-crd.yml b/charts/argo-events/crds/eventsource-crd.yml deleted file mode 100644 index ea49a4aa..00000000 --- a/charts/argo-events/crds/eventsource-crd.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventsources.argoproj.io -spec: - group: argoproj.io - scope: Namespaced - names: - kind: EventSource - plural: eventsources - singular: eventsource - listKind: EventSourceList - shortNames: - - es - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} diff --git a/charts/argo-events/crds/sensor-crd.yml b/charts/argo-events/crds/sensor-crd.yml deleted file mode 100644 index d2414bc3..00000000 --- a/charts/argo-events/crds/sensor-crd.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sensors.argoproj.io -spec: - group: argoproj.io - names: - kind: Sensor - listKind: SensorList - plural: sensors - singular: sensor - shortNames: - - sn - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - subresources: - status: {} diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index c25f9e5f..efbdc669 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -24,3 +24,76 @@ If release name contains chart name it will be used as a full name. {{- end }} {{- end }} {{- end }} + +{{/* +Create controller name and version as used by the chart label. +*/}} +{{- define "argo-events.controller.fullname" -}} +{{- printf "%s-%s" (include "argo-events.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the controller service account to use +*/}} +{{- define "argo-events.controller.serviceAccountName" -}} +{{- if .Values.controller.serviceAccount.create -}} + {{ default (include "argo-events.controller.fullname" .) .Values.controller.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.controller.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create webhook name and version as used by the chart label. +*/}} +{{- define "argo-events.webhook.fullname" }} +{{- printf "%s-%s" (include "argo-events.fullname" .) .Values.webhook.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the webhook service account to use +*/}} +{{- define "argo-events.webhook.serviceAccountName" -}} +{{- if .Values.webhook.serviceAccount.create -}} + {{ default (include "argo-events.webhook.fullname" .) .Values.webhook.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.webhook.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argo-events.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "argo-events.labels" -}} +helm.sh/chart: {{ include "argo-events.chart" .context }} +{{ include "argo-events.selectorLabels" (dict "context" .context "component" .component "name" .name) }} +app.kubernetes.io/managed-by: {{ .context.Release.Service }} +app.kubernetes.io/part-of: argo-events +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argo-events.selectorLabels" -}} +{{- if .name -}} +app.kubernetes.io/name: {{ include "argo-events.name" .context }}-{{ .name }} +{{- end }} +app.kubernetes.io/instance: {{ .context.Release.Name }} +{{- if .component }} +app.kubernetes.io/component: {{ .component }} +{{- end }} +{{- end }} + +{{/* +Return the default Argo Events app version +*/}} +{{- define "argo-events.defaultTag" -}} + {{- default .Chart.AppVersion .Values.global.image.tag }} +{{- end -}} diff --git a/charts/argo-events/templates/aggregate-roles.yaml b/charts/argo-events/templates/aggregate-roles.yaml index 6b1fc63a..70802798 100644 --- a/charts/argo-events/templates/aggregate-roles.yaml +++ b/charts/argo-events/templates/aggregate-roles.yaml @@ -1,83 +1,86 @@ -{{- if and .Values.createAggregateRoles (not .Values.singleNamespace) }} +{{- if and .Values.createAggregateRoles (not .Values.controller.rbac.namespaced) }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + name: {{ include "argo-events.fullname" . }}-aggregate-to-admin labels: rbac.authorization.k8s.io/aggregate-to-admin: "true" - name: {{ include "argo-events.fullname" . }}-aggregate-to-admin + {{- include "argo-events.labels" (dict "context" .) | nindent 4 }} rules: - - apiGroups: - - argoproj.io - resources: - - sensors - - sensors/finalizers - - sensors/status - - eventsources - - eventsources/finalizers - - eventsources/status - - eventbus - - eventbus/finalizers - - eventbus/status - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch +- apiGroups: + - argoproj.io + resources: + - sensors + - sensors/finalizers + - sensors/status + - eventsources + - eventsources/finalizers + - eventsources/status + - eventbus + - eventbus/finalizers + - eventbus/status + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + name: {{ include "argo-events.fullname" . }}-aggregate-to-edit labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" - name: {{ include "argo-events.fullname" . }}-aggregate-to-edit + {{- include "argo-events.labels" (dict "context" .) | nindent 4 }} rules: - - apiGroups: - - argoproj.io - resources: - - sensors - - sensors/finalizers - - sensors/status - - eventsources - - eventsources/finalizers - - eventsources/status - - eventbus - - eventbus/finalizers - - eventbus/status - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch +- apiGroups: + - argoproj.io + resources: + - sensors + - sensors/finalizers + - sensors/status + - eventsources + - eventsources/finalizers + - eventsources/status + - eventbus + - eventbus/finalizers + - eventbus/status + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + name: {{ include "argo-events.fullname" . }}-aggregate-to-view labels: rbac.authorization.k8s.io/aggregate-to-view: "true" - name: {{ include "argo-events.fullname" . }}-aggregate-to-view + {{- include "argo-events.labels" (dict "context" .) | nindent 4 }} rules: - - apiGroups: - - argoproj.io - resources: - - sensors - - sensors/finalizers - - sensors/status - - eventsources - - eventsources/finalizers - - eventsources/status - - eventbus - - eventbus/finalizers - - eventbus/status - verbs: - - get - - list - - watch +- apiGroups: + - argoproj.io + resources: + - sensors + - sensors/finalizers + - sensors/status + - eventsources + - eventsources/finalizers + - eventsources/status + - eventbus + - eventbus/finalizers + - eventbus/status + verbs: + - get + - list + - watch {{- end }} diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml deleted file mode 100644 index efdd6101..00000000 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ /dev/null @@ -1,101 +0,0 @@ -{{- if not .Values.singleNamespace }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-events-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-events-role -subjects: - - kind: ServiceAccount - name: {{ .Values.serviceAccount }} - namespace: {{ .Release.Namespace }} - {{- if .Values.additionalSaNamespaces }} - {{ $sa := .Values.serviceAccount }} - {{- range $namespace := .Values.additionalSaNamespaces }} - - kind: ServiceAccount - name: {{ $sa }} - namespace: {{ $namespace }} - {{- end }} - {{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-events-role -rules: - {{- with .Values.additionalServiceAccountRules }} - {{- toYaml . | nindent 2 }} - {{- end }} - - apiGroups: - - "" - resources: - - "events" - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - apiGroups: - - argoproj.io - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - resources: - - sensors - - sensors/finalizers - - sensors/status - - eventsources - - eventsources/finalizers - - eventsources/status - - eventbus - - eventbus/finalizers - - eventbus/status - - apiGroups: - - "" - resources: - - pods - - pods/exec - - configmaps - - secrets - - services - - persistentvolumeclaims - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - "apps" - resources: - - deployments - - statefulsets - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml new file mode 100644 index 00000000..2458fef9 --- /dev/null +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -0,0 +1,41 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "argo-events.controller.fullname" . }} + labels: + {{- include "argo-events.labels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} +data: + controller-config.yaml: | + eventBus: + {{- if .Values.configs.nats.versions }} + nats: + {{- range .Values.configs.nats.versions }} + versions: + - version: {{ .version }} + natsStreamingImage: {{ .natsStreamingImage }} + metricsExporterImage: {{ .metricsExporterImage }} + {{- end }} + {{- end }} + {{- if .Values.configs.jetstream.versions }} + jetstream: + # Default JetStream settings, could be overridden by EventBus JetStream specs + settings: | + # https://docs.nats.io/running-a-nats-service/configuration#jetstream + # Only configure "max_memory_store" or "max_file_store", do not set "store_dir" as it has been hardcoded. + max_memory_store: {{ .Values.configs.jetstream.settings.maxMemoryStore | default -1 }} + max_file_store: {{ .Values.configs.jetstream.settings.maxFileStore | default -1 }} + streamConfig: | + maxMsgs: {{ .Values.configs.jetstream.streamConfig.maxMsgs }} + maxAge: {{ .Values.configs.jetstream.streamConfig.maxAge }} + maxBytes: {{ .Values.configs.jetstream.streamConfig.maxBytes }} + replicas: {{ .Values.configs.jetstream.streamConfig.replicas }} + duplicates: {{ .Values.configs.jetstream.streamConfig.duplicates }} + {{- range .Values.configs.jetstream.versions }} + versions: + - version: {{ .version }} + natsImage: {{ .natsImage }} + metricsExporterImage: {{ .metricsExporterImage }} + configReloaderImage: {{ .configReloaderImage }} + startCommand: {{ .startCommand }} + {{- end }} + {{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml new file mode 100644 index 00000000..88ecf66f --- /dev/null +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -0,0 +1,137 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argo-events.controller.fullname" . }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }} +spec: + selector: + matchLabels: + {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + revisionHistoryLimit: 5 + replicas: {{ .Values.controller.replicas }} + template: + metadata: + annotations: + checksum/config: {{ include (print $.Template.BasePath "/argo-events-controller/config.yaml") . | sha256sum }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} + app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Values.controller.name }} + image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} + args: + - controller + {{- if .Values.controller.rbac.namespaced }} + - --namespaced + {{- end }} + {{- with .Values.controller.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + env: + - name: ARGO_EVENTS_IMAGE + value: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag }} + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- with .Values.controller.env }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.envFrom }} + envFrom: + {{- toYaml | nindent 8 }} + {{- end }} + volumeMounts: + - name: config + mountPath: /etc/argo-events + {{- with .Values.controller.volumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} + ports: + - name: metrics + containerPort: 7777 + protocol: TCP + - name: probe + containerPort: 8081 + protocol: TCP + livenessProbe: + httpGet: + port: probe + path: /healthz + initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} + readinessProbe: + httpGet: + port: probe + path: /readyz + initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} + {{- with .Values.controller.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.controller.extraContainers }} + {{- toYaml . | nindent 6 }} + {{- end -}} + {{- with .Values.controller.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-events.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} + serviceAccountName: {{ include "argo-events.controller.serviceAccountName" . }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 6 }} + {{- end }} + volumes: + - name: config + configMap: + name: {{ include "argo-events.controller.fullname" . }} + {{- with .Values.controller.volumes }} + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/pdb.yaml b/charts/argo-events/templates/argo-events-controller/pdb.yaml new file mode 100644 index 00000000..576fcfcf --- /dev/null +++ b/charts/argo-events/templates/argo-events-controller/pdb.yaml @@ -0,0 +1,28 @@ +{{- if .Values.controller.pdb.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-events.controller.fullname" . }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- with .Values.controller.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.pdb.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- if .Values.controller.pdb.minAvailable }} + minAvailable: {{ .Values.controller.pdb.minAvailable }} + {{- else if .Values.controller.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml new file mode 100644 index 00000000..c69c4419 --- /dev/null +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -0,0 +1,113 @@ +{{- if .Values.controller.rbac.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }} +metadata: + name: {{ include "argo-events.controller.fullname" . }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +rules: +{{- if .Values.openshift }} +- apiGroups: + - apps + resources: + - deployments/finalizers + verbs: + - update + {{- if not .Values.controller.rbac.namespaced }} +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles/finalizers + verbs: + - update + {{- end }} +{{- end }} +{{- with .Values.controller.rbac.rules }} + {{- toYaml . | nindent 0 }} +{{- end }} +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - sensors + - sensors/finalizers + - sensors/status + - eventsources + - eventsources/finalizers + - eventsources/status + - eventbus + - eventbus/finalizers + - eventbus/status + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + - pods/exec + - configmaps + - secrets + - services + - persistentvolumeclaims + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: {{ .Values.controller.rbac.namespaced | ternary "RoleBinding" "ClusterRoleBinding" }} +metadata: + name: {{ include "argo-events.controller.fullname" . }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }} + name: {{ include "argo-events.controller.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argo-events.controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/service.yaml b/charts/argo-events/templates/argo-events-controller/service.yaml new file mode 100644 index 00000000..d0d6ab33 --- /dev/null +++ b/charts/argo-events/templates/argo-events-controller/service.yaml @@ -0,0 +1,25 @@ +{{- if .Values.controller.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-events.controller.fullname" . }}-metrics + {{- with .Values.controller.metrics.service.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" (printf "%s-metrics" .Values.controller.name)) | nindent 4 }} + {{- with .Values.controller.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.controller.metrics.service.servicePort }} + targetPort: metrics + selector: + {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml new file mode 100644 index 00000000..7a035b76 --- /dev/null +++ b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if .Values.controller.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ include "argo-events.controller.serviceAccountName" . }} + {{- with .Values.controller.serviceAccount.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml new file mode 100644 index 00000000..c24979eb --- /dev/null +++ b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml @@ -0,0 +1,38 @@ +{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-events.controller.fullname" . }} + {{- with .Values.controller.metrics.serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- with .Values.controller.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + {{- with .Values.controller.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.controller.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argo-events.selectorLabels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 6 }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml deleted file mode 100644 index b8e81eff..00000000 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ /dev/null @@ -1,103 +0,0 @@ -{{- if .Values.singleNamespace }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argo-events-binding - namespace: {{ .Release.Namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argo-events-role -subjects: - - kind: ServiceAccount - name: {{ .Values.serviceAccount }} - namespace: {{ .Release.Namespace }} - {{- if .Values.additionalSaNamespaces }} - {{ $sa := .Values.serviceAccount }} - {{- range $namespace := .Values.additionalSaNamespaces }} - - kind: ServiceAccount - name: {{ $sa }} - namespace: {{ $namespace }} - {{- end }} - {{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argo-events-role - namespace: {{ .Release.Namespace }} -rules: - {{- with .Values.additionalServiceAccountRules }} - {{- toYaml . | nindent 2 }} - {{- end }} - - apiGroups: - - "" - resources: - - "events" - verbs: - - "create" - - "patch" - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - apiGroups: - - argoproj.io - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - resources: - - sensors - - sensors/finalizers - - sensors/status - - eventsources - - eventsources/finalizers - - eventsources/status - - eventbus - - eventbus/finalizers - - eventbus/status - - apiGroups: - - "" - resources: - - pods - - pods/exec - - configmaps - - secrets - - services - - persistentvolumeclaims - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - "apps" - resources: - - deployments - - statefulsets - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -{{- end }} diff --git a/charts/argo-events/templates/argo-events-sa.yaml b/charts/argo-events/templates/argo-events-sa.yaml deleted file mode 100644 index fec88b4d..00000000 --- a/charts/argo-events/templates/argo-events-sa.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# All argo-events services are bound to the "argo-events" service account. -# In RBAC enabled setups, this SA is bound to specific roles. -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.serviceAccount }} - namespace: {{ .Release.Namespace }} - {{- with .Values.serviceAccountAnnotations }} - annotations: {{- toYaml . | nindent 4 }} - {{- end }} -{{- if .Values.additionalSaNamespaces }} -{{ $annotations := .Values.serviceAccountAnnotations }} -{{ $sa := .Values.serviceAccount }} -{{- range $namespace := .Values.additionalSaNamespaces }} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ $sa }} - namespace: {{ $namespace }} - {{- with $annotations }} - annotations: {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/clusterrole.yaml b/charts/argo-events/templates/argo-events-webhook/clusterrole.yaml new file mode 100644 index 00000000..e47f01b0 --- /dev/null +++ b/charts/argo-events/templates/argo-events-webhook/clusterrole.yaml @@ -0,0 +1,79 @@ +{{- if and .Values.webhook.enabled (not .Values.controller.rbac.namespaced) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argo-events-webhook + labels: + {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} +rules: +{{- if .Values.openshift }} +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles/finalizers + verbs: + - update +- apiGroups: + - apps + resources: + - deployments/finalizers + verbs: + - update +{{- end }} +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - update + - delete + - patch + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list +- apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - get + - list + - create + - update + - delete + - patch + - watch +- apiGroups: + - argoproj.io + resources: + - eventbus + - eventsources + - sensors + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + verbs: + - get + - list +{{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml new file mode 100644 index 00000000..5562f139 --- /dev/null +++ b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.webhook.enabled (not .Values.controller.rbac.namespaced) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-events.webhook.fullname" . }} + labels: + {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-events-webhook +subjects: +- kind: ServiceAccount + name: {{ include "argo-events.webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml new file mode 100644 index 00000000..8def5183 --- /dev/null +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -0,0 +1,120 @@ +{{- if and .Values.webhook.enabled (not .Values.controller.rbac.namespaced) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: events-webhook + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} + app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }} +spec: + selector: + matchLabels: + {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.webhook.name) | nindent 6 }} + revisionHistoryLimit: 5 + replicas: {{ .Values.webhook.replicas }} + template: + metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.webhook.podAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 8 }} + app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.webhook.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Values.webhook.name }} + image: {{ default .Values.global.image.repository .Values.webhook.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.webhook.image.imagePullPolicy }} + args: + - webhook-service + {{- with .Values.webhook.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- with .Values.webhook.env }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.envFrom }} + envFrom: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 8 }} + {{- end }} + ports: + - name: webhook + containerPort: 443 + protocol: TCP + livenessProbe: + tcpSocket: + port: webhook + initialDelaySeconds: {{ .Values.webhook.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.webhook.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.webhook.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.webhook.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.webhook.livenessProbe.failureThreshold }} + readinessProbe: + tcpSocket: + port: webhook + initialDelaySeconds: {{ .Values.webhook.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.webhook.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.webhook.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.webhook.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.webhook.readinessProbe.failureThreshold }} + {{- with .Values.webhook.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.webhook.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-events.selectorLabels" (dict "context" $ "name" $.Values.webhook.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} + serviceAccountName: {{ include "argo-events.webhook.serviceAccountName" . }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.webhook.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/pdb.yaml b/charts/argo-events/templates/argo-events-webhook/pdb.yaml new file mode 100644 index 00000000..3bf08225 --- /dev/null +++ b/charts/argo-events/templates/argo-events-webhook/pdb.yaml @@ -0,0 +1,28 @@ +{{- if and .Values.webhook.enabled .Values.webhook.pdb.enabled (not .Values.controller.rbac.namespaced) }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "argo-events.webhook.fullname" . }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} + {{- with .Values.webhook.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.webhook.pdb.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- if .Values.webhook.pdb.minAvailable }} + minAvailable: {{ .Values.webhook.pdb.minAvailable }} + {{- else if .Values.webhook.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.webhook.pdb.maxUnavailable }} + {{- else }} + minAvailable: 0 + {{- end }} + selector: + matchLabels: + {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.webhook.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/service.yaml b/charts/argo-events/templates/argo-events-webhook/service.yaml new file mode 100644 index 00000000..cb85a8cb --- /dev/null +++ b/charts/argo-events/templates/argo-events-webhook/service.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.webhook.enabled (not .Values.controller.rbac.namespaced) }} +apiVersion: v1 +kind: Service +metadata: + name: events-webhook + labels: + {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} +spec: + ports: + - port: 443 + targetPort: webhook + selector: + {{- include "argo-events.selectorLabels" (dict "context" $ "name" $.Values.webhook.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml new file mode 100644 index 00000000..b723a77f --- /dev/null +++ b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.webhook.serviceAccount.create (not .Values.controller.rbac.namespaced) }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ include "argo-events.webhook.serviceAccountName" . }} + {{- with .Values.webhook.serviceAccount.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-events/templates/crds/eventbus-crd.yml b/charts/argo-events/templates/crds/eventbus-crd.yml new file mode 100644 index 00000000..f967b9b0 --- /dev/null +++ b/charts/argo-events/templates/crds/eventbus-crd.yml @@ -0,0 +1,48 @@ +{{- if .Values.crds.install }} +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: eventbus.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + group: argoproj.io + names: + kind: EventBus + listKind: EventBusList + plural: eventbus + shortNames: + - eb + singular: eventbus + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +{{- end }} diff --git a/charts/argo-events/templates/crds/eventsource-crd.yml b/charts/argo-events/templates/crds/eventsource-crd.yml new file mode 100644 index 00000000..72fee21c --- /dev/null +++ b/charts/argo-events/templates/crds/eventsource-crd.yml @@ -0,0 +1,48 @@ +{{- if .Values.crds.install }} +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: eventsources.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + group: argoproj.io + names: + kind: EventSource + listKind: EventSourceList + plural: eventsources + shortNames: + - es + singular: eventsource + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +{{- end }} diff --git a/charts/argo-events/templates/crds/sensor-crd.yml b/charts/argo-events/templates/crds/sensor-crd.yml new file mode 100644 index 00000000..3dbf2dc8 --- /dev/null +++ b/charts/argo-events/templates/crds/sensor-crd.yml @@ -0,0 +1,48 @@ +{{- if .Values.crds.install }} +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: sensors.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + group: argoproj.io + names: + kind: Sensor + listKind: SensorList + plural: sensors + shortNames: + - sn + singular: sensor + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} +{{- end }} diff --git a/charts/argo-events/templates/eventbus-controller/deployment.yaml b/charts/argo-events/templates/eventbus-controller/deployment.yaml deleted file mode 100644 index 48022cf6..00000000 --- a/charts/argo-events/templates/eventbus-controller/deployment.yaml +++ /dev/null @@ -1,85 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.eventbusController.name }} - namespace: {{ .Release.Namespace }} - labels: - app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.eventbusController.replicaCount }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} - release: {{ .Release.Name }} - {{- with .Values.eventbusController.podLabels }} - {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - {{- with .Values.eventbusController.podAnnotations }} - annotations: {{- toYaml . | nindent 8 }} - {{- end }} - spec: - serviceAccountName: {{ .Values.serviceAccount }} - containers: - - name: {{ .Values.eventbusController.name }} - image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.imagePullPolicy }} - args: - - eventbus-controller - {{- if .Values.singleNamespace }} - - --namespaced - {{- end }} - env: - {{- with .Values.eventbusController.extraEnv }} - {{- toYaml . | nindent 12 }} - {{- end }} - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NATS_STREAMING_IMAGE - value: {{ .Values.eventbusController.natsStreamingImage }} - - name: NATS_METRICS_EXPORTER_IMAGE - value: {{ .Values.eventbusController.natsMetricsExporterImage }} - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 3 - periodSeconds: 3 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 3 - periodSeconds: 3 - resources: {{- toYaml .Values.eventbusController.resources | nindent 12 }} - {{- with .Values.eventbusController.containerSecurityContext }} - securityContext: {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.eventbusController.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - {{- with .Values.securityContext }} - securityContext: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.eventbusController.nodeSelector }} - nodeSelector: {{ toYaml .Values.eventbusController.nodeSelector | nindent 8 }} - {{- end }} - {{- if .Values.eventbusController.tolerations }} - tolerations: {{ toYaml .Values.eventbusController.tolerations | nindent 8 }} - {{- end }} - {{- if .Values.eventbusController.affinity }} - affinity: {{ toYaml .Values.eventbusController.affinity | nindent 8 }} - {{- end }} diff --git a/charts/argo-events/templates/eventsource-controller/deployment.yaml b/charts/argo-events/templates/eventsource-controller/deployment.yaml deleted file mode 100644 index 9fd55776..00000000 --- a/charts/argo-events/templates/eventsource-controller/deployment.yaml +++ /dev/null @@ -1,83 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} - namespace: {{ .Release.Namespace }} - labels: - app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.eventsourceController.replicaCount }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} - release: {{ .Release.Name }} - {{- with .Values.eventsourceController.podLabels }} - {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - {{- with .Values.eventsourceController.podAnnotations }} - annotations: {{- toYaml . | nindent 8 }} - {{- end }} - spec: - serviceAccountName: {{ .Values.serviceAccount }} - containers: - - name: {{ .Values.eventsourceController.name }} - image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.imagePullPolicy }} - args: - - eventsource-controller - {{- if .Values.singleNamespace }} - - --namespaced - {{- end }} - env: - {{- with .Values.eventsourceController.extraEnv }} - {{- toYaml . | nindent 12 }} - {{- end }} - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: EVENTSOURCE_IMAGE - value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag | default .Chart.AppVersion }}" - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 3 - periodSeconds: 3 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 3 - periodSeconds: 3 - resources: {{- toYaml .Values.eventsourceController.resources | nindent 12 }} - {{- with .Values.eventsourceController.containerSecurityContext }} - securityContext: {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.eventsourceController.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - {{- with .Values.securityContext }} - securityContext: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.eventsourceController.nodeSelector }} - nodeSelector: {{ toYaml .Values.eventsourceController.nodeSelector | nindent 8 }} - {{- end }} - {{- if .Values.eventsourceController.tolerations }} - tolerations: {{ toYaml .Values.eventsourceController.tolerations | nindent 8 }} - {{- end }} - {{- if .Values.eventsourceController.affinity }} - affinity: {{ toYaml .Values.eventsourceController.affinity | nindent 8 }} - {{- end }} diff --git a/charts/argo-events/templates/sensor-controller/deployment.yaml b/charts/argo-events/templates/sensor-controller/deployment.yaml deleted file mode 100644 index da678b54..00000000 --- a/charts/argo-events/templates/sensor-controller/deployment.yaml +++ /dev/null @@ -1,83 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-{{ .Values.sensorController.name }} - namespace: {{ .Release.Namespace }} - labels: - app: {{ .Release.Name }}-{{ .Values.sensorController.name }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.sensorController.replicaCount }} - selector: - matchLabels: - app: {{ .Release.Name }}-{{ .Values.sensorController.name }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ .Release.Name }}-{{ .Values.sensorController.name }} - release: {{ .Release.Name }} - {{- with .Values.sensorController.podLabels }} - {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - {{- with .Values.sensorController.podAnnotations }} - annotations: {{- toYaml . | nindent 8 }} - {{- end }} - spec: - serviceAccountName: {{ .Values.serviceAccount }} - containers: - - name: {{ .Values.sensorController.name }} - image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.imagePullPolicy }} - args: - - sensor-controller - {{- if .Values.singleNamespace }} - - --namespaced - {{- end }} - env: - {{- with .Values.sensorController.extraEnv }} - {{- toYaml . | nindent 12 }} - {{- end }} - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: SENSOR_IMAGE - value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag | default .Chart.AppVersion }}" - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 3 - periodSeconds: 3 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 3 - periodSeconds: 3 - resources: {{- toYaml .Values.sensorController.resources | nindent 12 }} - {{- with .Values.sensorController.containerSecurityContext }} - securityContext: {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.sensorController.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - {{- with .Values.securityContext }} - securityContext: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.sensorController.nodeSelector }} - nodeSelector: {{ toYaml .Values.sensorController.nodeSelector | nindent 8 }} - {{- end }} - {{- if .Values.sensorController.tolerations }} - tolerations: {{ toYaml .Values.sensorController.tolerations | nindent 8 }} - {{- end }} - {{- if .Values.sensorController.affinity }} - affinity: {{ toYaml .Values.sensorController.affinity | nindent 8 }} - {{- end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 074a8fdf..41b76e8b 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -1,163 +1,404 @@ -# -- String to partially override "argo-events.fullname" template -nameOverride: "" +## Argo Events configuration +## Ref: https://github.com/argoproj/argo-events +## +# -- Provide a name in place of `argo-events` +nameOverride: argo-events # -- String to fully override "argo-events.fullname" template fullnameOverride: "" -# -- docker registry -registry: quay.io +# -- Deploy on OpenShift +openshift: false -# -- The image pull policy -imagePullPolicy: Always +# -- Create clusterroles that extend existing clusterroles to interact with argo-events crds +# Only applies for cluster-wide installation (`controller.rbac.namespaced: false`) +## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles +createAggregateRoles: false -# -- Secrets with credentials to pull images from a private registry -imagePullSecrets: [] -# - name: argo-pull-secret +## Custom resource configuration +crds: + # -- Install and upgrade CRDs + install: true + # -- Keep CRDs on chart uninstall + keep: true + # -- Annotations to be added to all CRDs + annotations: {} -# -- ServiceAccount to use for running controller. -serviceAccount: argo-events-sa +global: + image: + # -- If defined, a repository applied to all Argo Events deployments + repository: quay.io/argoproj/argo-events + # -- Overrides the global Argo Events image tag whose default is the chart appVersion + tag: "" + # -- If defined, a imagePullPolicy applied to all Argo Events deployments + imagePullPolicy: IfNotPresent -# -- Annotations applied to created service account. Can be used to enable GKE workload identity, or other use-cases -serviceAccountAnnotations: {} - -# -- Create service accounts in additional namespaces specified -# The SA will always be created in the release namespaces -additionalSaNamespaces: [] - # - argo-prod - -# -- Additional rules -# @default -- (See [values.yaml]) -additionalServiceAccountRules: -- apiGroups: - - apiextensions.k8s.io - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - resources: - - customresourcedefinitions - -# -- Create clusterroles that extend existing clusterroles to interact with argo-events CRDs. -# Only applies for cluster-wide installation (`singleNamespace: true`) -createAggregateRoles: true - -# -- Whether to run in namespaced scope. -# Set `singleNamespace` to false to have the controllers -# listen on all namespaces. Otherwise the controllers will listen -# on the namespace where the chart is installed in. -singleNamespace: true - -# sensor controller -sensorController: - # -- Sensor controller name - name: sensor-controller - # -- Repository to use for the sensor controller - image: argoproj/argo-events - # -- Overrides the image tag - # @default -- `""` (default is the chart appVersion) - tag: "" - # -- The number of sensor controller pods to run - replicaCount: 1 - # -- Additional environment variables to pass to sensor controller - extraEnv: [] - # - name: DEBUG_LOG - # value: "true" - - # -- Repository to use for the sensor image - sensorImage: argoproj/argo-events - # -- Annotations to be added to sensor controller pods + # -- If defined, uses a Secret to pull an image from a private Docker registry or repository + imagePullSecrets: [] + # -- Annotations for the all deployed pods podAnnotations: {} + # -- Labels for the all deployed pods + podLabels: {} + + # -- Additional labels to add to all resources + additionalLabels: {} + # app: argo-events + + # -- Toggle and define securityContext. See [values.yaml] + securityContext: {} + # runAsNonRoot: true + # runAsUser: 9731 + # runAsGroup: 9731 + # fsGroup: 9731 + + # -- Mapping between IP and hostnames that will be injected as entries in the pod's hosts files + hostAliases: [] + # - ip: 10.20.30.40 + # hostnames: + # - git.myhostname + +## Event bus configuration +configs: + ## NATS event bus + nats: + # -- Supported versions of NATS event bus + # @default -- `[]` (See [values.yaml]) + versions: [] + # - version: 0.22.1 + # natsStreamingImage: nats-streaming:0.22.1 + # metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 + + ## JetStream event bus + jetstream: + # Default JetStream settings, could be overridden by EventBus JetStream spec + # Ref: https://docs.nats.io/running-a-nats-service/configuration#jetstream + settings: + # -- Maximum size of the memory storage (e.g. 1G) + maxMemoryStore: -1 + # -- Maximum size of the file storage (e.g. 20G) + maxFileStore: -1 + streamConfig: + # -- Maximum number of messages before expiring oldest message + maxMsgs: 1000000 + # -- Maximum age of existing messages, i.e. “72h”, “4h35m” + maxAge: 72h + # Total size of messages before expiring oldest message, 0 means unlimited. + maxBytes: 1GB + # -- Number of replicas, defaults to 3 and requires minimal 3 + replicas: 3 + # -- Not documented at the moment + duplicates: 300s + # Supported versions of JetStream eventbus + # @default -- `[]` (See [values.yaml]) + versions: [] + # - version: latest + # natsImage: nats:2.8.1 + # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + # configReloaderImage: natsio/nats-server-config-reloader:0.6.3 + # startCommand: /nats-server + # - version: "2.8.1" + # natsImage: nats:2.8.1 + # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + # configReloaderImage: natsio/nats-server-config-reloader:0.6.3 + # startCommand: /nats-server + # - version: 2.8.1-alpine + # natsImage: nats:2.8.1-alpine + # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + # configReloaderImage: natsio/nats-server-config-reloader:0.6.3 + # startCommand: nats-server + +## Argo Events controller +controller: + # -- Argo Events controller name string + name: controller-manager + + rbac: + # -- Create events controller RBAC + enabled: true + # -- Restrict events controller to operate only in a single namespace instead of cluster-wide scope. + namespaced: false + # -- Additional user rules for event controller's rbac + rules: [] + + image: + # -- Repository to use for the events controller + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Tag to use for the events controller + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Image pull policy for the events controller + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- The number of events controller pods to run. + replicas: 1 + + # Pod disruption budget + pdb: + # -- Deploy a PodDisruptionBudget for the events controller + enabled: false + # minAvailable: 1 + # maxUnavailable: 0 + # -- Labels to be added to events controller pdb + labels: {} + # -- Annotations to be added to events controller pdb + annotations: {} + + # -- Environment variables to pass to events controller + env: [] + # - name: DEBUG_LOG + # value: "true" + + # -- envFrom to pass to events controller + # @default -- `[]` (See [values.yaml]) + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- Annotations to be added to events controller pods + podAnnotations: {} + + # -- Labels to be added to events controller pods + podLabels: {} + + # -- Events controller container-level security context + containerSecurityContext: {} + # capabilities: + # drop: + # - all + # readOnlyRootFilesystem: true + # runAsNonRoot: true + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + livenessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + + # -- Additional volumes to the events controller pod + volumes: [] + + # -- Additional volumeMounts to the events controller main container + volumeMounts: [] + # -- [Node selector] nodeSelector: {} - # -- Labels to be added to sensor controller pods - podLabels: {} - # -- Priority class for the sensor controller - priorityClassName: "" # -- [Tolerations] for use with node taints tolerations: [] - # -- Assign custom [affinity] rules to the sensor controller + # -- Assign custom [affinity] rules to the deployment affinity: {} - # -- Resource limits and requests for the sensor controller pods + + # -- Assign custom [TopologySpreadConstraints] rules to the events controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + # -- Priority class for the events controller pods + priorityClassName: "" + + # -- Resource limits and requests for the events controller pods resources: {} - # -- Sensor controllers container-level security context - containerSecurityContext: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi -eventsourceController: - # -- Event source controller name - name: eventsource-controller - # -- Repository to use for the event source controller - image: argoproj/argo-events - # -- Overrides the image tag - # @default -- `""` (default is the chart appVersion) - tag: "" - # -- The number of event source controller pods to run - replicaCount: 1 - # -- Additional environment variables to pass to event source controller - extraEnv: [] - # - name: DEBUG_LOG - # value: "true" + # -- Additional containers to be added to the events controller pods + extraContainers: [] - # -- Repository to use for the event source image - eventsourceImage: argoproj/argo-events - # -- Annotations to be added to event source controller pods + # -- Init containers to add to the events controller pods + initContainers: [] + + serviceAccount: + # -- Create a service account for the events controller + create: true + # -- Service account name + name: "" + # -- Annotations applied to created service account + annotations: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + + ## Events controller metrics configuration + metrics: + # -- Deploy metrics service + enabled: false + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8082 + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: false + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor namespace + namespace: "" # "monitoring" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + +## Argo Events admission webhook +webhook: + # -- Enable admission webhook. Applies only for cluster-wide installation + enabled: false + + # -- Argo Events admission webhook name string + name: events-webhook + + image: + # -- Repository to use for the event controller + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Tag to use for the event controller + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Image pull policy for the event controller + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- The number of webhook pods to run. + replicas: 1 + + # Pod disruption budget + pdb: + # -- Deploy a PodDisruptionBudget for the admission webhook + enabled: false + # minAvailable: 1 + # maxUnavailable: 0 + # -- Labels to be added to admission webhook pdb + labels: {} + # -- Annotations to be added to admission webhook pdb + annotations: {} + + # -- Environment variables to pass to event controller + # @default -- `[]` (See [values.yaml]) + env: [] + # - name: DEBUG_LOG + # value: "true" + + # -- envFrom to pass to event controller + # @default -- `[]` (See [values.yaml]) + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- Annotations to be added to event controller pods podAnnotations: {} + + # -- Labels to be added to event controller pods + podLabels: {} + + # -- Event controller container-level security context + containerSecurityContext: {} + # capabilities: + # drop: + # - all + # readOnlyRootFilesystem: true + # runAsNonRoot: true + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + livenessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + + # -- Additional volumeMounts to the event controller main container + volumeMounts: [] + + # -- Additional volumes to the event controller pod + volumes: [] + # -- [Node selector] nodeSelector: {} - # -- Labels to be added to event source controller pods - podLabels: {} - # -- Priority class for the event source controller - priorityClassName: "" # -- [Tolerations] for use with node taints tolerations: [] - # -- Assign custom [affinity] rules to the event source controller + # -- Assign custom [affinity] rules to the deployment affinity: {} - # -- Resource limits and requests for the event source controller pods - resources: {} - # -- Event source controller container-level security context - containerSecurityContext: {} -eventbusController: - # -- Event bus controller name - name: eventbus-controller - # -- Repository to use for the event bus controller - image: argoproj/argo-events - # -- Overrides the image tag - # @default -- `""` (default is the chart appVersion) - tag: "" - # -- The number of event bus controller pods to run - replicaCount: 1 - # -- Additional environment variables to pass to event bus controller - extraEnv: [] - # - name: DEBUG_LOG - # value: "true" + # -- Assign custom [TopologySpreadConstraints] rules to the event controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule - # -- Annotations to be added to event bus controller pods - podAnnotations: {} - # -- [Node selector] - nodeSelector: {} - # -- Labels to be added to event event bus controller pods - podLabels: {} - # -- Priority class for the event bus controller + # -- Priority class for the event controller pods priorityClassName: "" - # -- [Tolerations] for use with node taints - tolerations: [] - # -- Assign custom [affinity] rules to the event bus controller - affinity: {} - # -- Resource limits and requests for the event bus controller pods - resources: {} - # -- NATS streaming container image to use for the event bus - natsStreamingImage: nats-streaming:0.22.1 - # -- NATS metrics exporter container image to use for the event bus - natsMetricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 - # -- Event bus controller container-level security context - containerSecurityContext: {} -# -- Common PodSecurityContext for all controllers -securityContext: - runAsNonRoot: true - runAsUser: 9731 + # -- Resource limits and requests for the event controller pods + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + serviceAccount: + # -- Create a service account for the admission webhook + create: true + # -- Service account name + name: "" + # -- Annotations applied to created service account + annotations: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true From 4ed76386e00d636eb906eef86ab77bdf54ea0915 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Jun 2022 22:16:02 +0900 Subject: [PATCH 0288/1248] chore(argo-cd): use latest URLS (#1331) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 16 ++++++++-------- charts/argo-cd/README.md.gotmpl | 14 +++++++------- charts/argo-cd/values.yaml | 12 ++++++------ 4 files changed, 23 insertions(+), 23 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6cd00449..17f14860 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.1 +version: 4.9.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Extend K8s RBAC when using UI exec feature" + - "[Changed]: Use latest URLs" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 17dd8642..41629e38 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -2,11 +2,11 @@ A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. -Source code can be found [here](https://argoproj.github.io/argo-cd/) +Source code can be found [here](https://argo-cd.readthedocs.io/en/stable/) ## Additional Information -This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes. +This is a **community maintained** chart. This chart installs [argo-cd](https://argo-cd.readthedocs.io/en/stable/), a declarative, GitOps continuous delivery tool for Kubernetes. The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). @@ -16,7 +16,7 @@ For instance, rather than adding repositories and their keys in your Helm values ## High Availability This chart installs the non-HA version of Argo CD by default. If you want to run Argo CD in HA mode, you can use one of the example values in the next sections. -Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of Argo CD works in detail. +Please also have a look into the upstream [Operator Manual regarding High Availability](https://argo-cd.readthedocs.io/en/stable/operator-manual/high_availability/) to understand how scaling of Argo CD works in detail. > **Warning:** > You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. @@ -218,7 +218,7 @@ NAME: my-release | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | -| configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring | +| configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring | | configs.gpgKeysAnnotations | object | `{}` | GnuPG key ring annotations | | configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | | configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | @@ -882,14 +882,14 @@ server: ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -[Argo CD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ +[Argo CD RBAC policy]: https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ -[external cluster credentials]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters +[external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[General Argo CD configuration]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories -[gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ +[General Argo CD configuration]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories +[gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index a0e54686..b1557f44 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -2,11 +2,11 @@ A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. -Source code can be found [here](https://argoproj.github.io/argo-cd/) +Source code can be found [here](https://argo-cd.readthedocs.io/en/stable/) ## Additional Information -This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes. +This is a **community maintained** chart. This chart installs [argo-cd](https://argo-cd.readthedocs.io/en/stable/), a declarative, GitOps continuous delivery tool for Kubernetes. The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). @@ -16,7 +16,7 @@ For instance, rather than adding repositories and their keys in your Helm values ## High Availability This chart installs the non-HA version of Argo CD by default. If you want to run Argo CD in HA mode, you can use one of the example values in the next sections. -Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of Argo CD works in detail. +Please also have a look into the upstream [Operator Manual regarding High Availability](https://argo-cd.readthedocs.io/en/stable/operator-manual/high_availability/) to understand how scaling of Argo CD works in detail. > **Warning:** > You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. @@ -348,14 +348,14 @@ server: ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -[Argo CD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ +[Argo CD RBAC policy]: https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ -[external cluster credentials]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters +[external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[General Argo CD configuration]: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories -[gRPC-ingress]: https://argoproj.github.io/argo-cd/operator-manual/ingress/ +[General Argo CD configuration]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories +[gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b5672d4c..9d56a4dc 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1135,7 +1135,7 @@ server: https: false # dedicated ingress for gRPC as documented at - # Ref: https://argoproj.github.io/argo-cd/operator-manual/ingress/ + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ ingressGrpc: # -- Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress] enabled: false @@ -1583,7 +1583,7 @@ repoServer: # -- Additional volumes to the repo server pod volumes: [] ## Use init containers to configure custom tooling - ## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/ + ## https://argo-cd.readthedocs.io/en/stable/operator-manual/custom_tools/ ## When using the volumes & volumeMounts section bellow, please comment out those above. # - name: custom-tools # emptyDir: {} @@ -1755,8 +1755,8 @@ configs: # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) ## Ref: - ## - https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters - ## - https://argoproj.github.io/argo-cd/operator-manual/security/#external-cluster-credentials + ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters + ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/security/#external-cluster-credentials clusterCredentials: [] # - name: mycluster # server: https://mycluster.com @@ -1781,7 +1781,7 @@ configs: # -- GnuPG key ring annotations gpgKeysAnnotations: {} - # -- [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring + # -- [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring # @default -- `{}` (See [values.yaml]) gpgKeys: {} # 4AEE18F83AFDEB23: | @@ -1930,7 +1930,7 @@ configs: # -- add additional secrets to be added to argocd-secret ## Custom secrets. Useful for injecting SSO secrets into environment variables. - ## Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/ + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/#sensitive-data-and-sso-client-secrets ## Note that all values must be non-empty. extra: {} From 0ad6070fcc30319d87cfd1aceb53f7d6265f11e6 Mon Sep 17 00:00:00 2001 From: Michael Vittrup Larsen Date: Thu, 16 Jun 2022 13:23:38 +0200 Subject: [PATCH 0289/1248] Argo-cd: Add controller statefulset name truncation at 52 chars. Fixes #1328 (#1329) * Add controller statefulset name truncation at 52 chars Signed-off-by: MichaelVL * Delete old changelog Signed-off-by: MichaelVL --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 17f14860..7c567502 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.2 +version: 4.9.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Use latest URLs" + - "[Fixed]: Long release names cause invalid app controller statefulset resource" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 44af06dd..71d91b20 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -26,9 +26,11 @@ If release name contains chart name it will be used as a full name. {{/* Create controller name and version as used by the chart label. +Truncated at 52 chars because StatefulSet label 'controller-revision-hash' is limited +to 63 chars and it includes 10 chars of hash and a separating '-'. */}} {{- define "argo-cd.controller.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 52 | trimSuffix "-" -}} {{- end -}} {{/* From 7c21bec7f5dcdaae38144e27a2ccbc672cd9b4d3 Mon Sep 17 00:00:00 2001 From: Romain Poirot <32273490+Redlinkk@users.noreply.github.com> Date: Fri, 17 Jun 2022 07:00:56 +0000 Subject: [PATCH 0290/1248] docs(argo-cd): Fix incorrect version in upgrade instructions (#1330) * doc: fix incorrect version in upgrade instructions Signed-off-by: Romain Poirot * Bump chart version and add changelog annotation Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/README.md.gotmpl | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7c567502..2731f1bb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.3 +version: 4.9.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Long release names cause invalid app controller statefulset resource" + - "[Fixed]: Use correct version in upgrade instructions (README.md)" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 41629e38..2fdf8639 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -95,7 +95,7 @@ kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref= Date: Fri, 17 Jun 2022 03:12:52 -0500 Subject: [PATCH 0291/1248] feat(argo-rollouts) Add controller.extraEnv (#1333) * feat(argo-rollouts) Add controller.extraEnv Ability to specify environment variables for rollouts-controller from values.yaml Signed-off-by: Ben Hayden * Also implement extraEnv for dashboard component Signed-off-by: Marco Kilchhofer * Reword changelog line Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 4 +++- .../argo-rollouts/templates/controller/deployment.yaml | 4 ++++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 9 +++++++++ 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 9cf45863..162af6c8 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.16.0 +version: 2.17.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Argo rollouts dashboard cluster role readonly flags" + - "[Added]: Ability to inject custom environment variables" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 87a26250..0b2de8af 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -63,6 +63,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | +| controller.extraEnv | list | `[]` | Additional environment variables for rollouts-controller. A list of name/value maps. | | controller.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | controller.image.registry | string | `"quay.io"` | Registry to use | | controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | @@ -100,6 +101,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | | dashboard.enabled | bool | `false` | Deploy dashboard server | | dashboard.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-dashboard. A list of flags. | +| dashboard.extraEnv | list | `[]` | Additional environment variables for rollouts-dashboard. A list of name/value maps. | | dashboard.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | | dashboard.image.registry | string | `"quay.io"` | Registry to use | | dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use | @@ -169,4 +171,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.16.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.17.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index ed0d4ebf..223d13f0 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -43,6 +43,10 @@ spec: {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.extraEnv }} + env: + {{- toYaml . | nindent 8 }} + {{- end }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} name: argo-rollouts ports: diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 33310ef5..a84d4bbf 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -39,6 +39,10 @@ spec: {{- with .Values.dashboard.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.dashboard.extraEnv }} + env: + {{- toYaml . | nindent 8 }} + {{- end }} name: argo-rollouts-dashboard ports: - containerPort: {{ .Values.dashboard.service.targetPort }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 99d43d4e..aa98cbb8 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -48,6 +48,11 @@ controller: # -- Additional command line arguments to pass to rollouts-controller. A list of flags. extraArgs: [] + # -- Additional environment variables for rollouts-controller. A list of name/value maps. + extraEnv: [] + # - name: AWS_REGION + # value: us-east-1 + # -- Literal yaml for extra containers to be added to controller deployment. ## Additional containers to add to the rollouts controller deployment ## This will be rendered as the literal yaml @@ -176,6 +181,10 @@ dashboard: pullPolicy: IfNotPresent # -- Additional command line arguments to pass to rollouts-dashboard. A list of flags. extraArgs: [] + # -- Additional environment variables for rollouts-dashboard. A list of name/value maps. + extraEnv: [] + # - name: FOO + # value: bar # -- Resource limits and requests for the dashboard pods. resources: {} # -- Security Context to set on pod level From 8aadace16b9cf7a3dc1c563956247377aaf16d67 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 17 Jun 2022 14:31:47 +0200 Subject: [PATCH 0292/1248] ci(github): Migrate "Semantic Pull Requests" App to GH Action (#1334) Signed-off-by: Marco Kilchhofer --- .github/semantic.yml | 3 --- .github/workflows/pr-title.yml | 29 +++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 3 deletions(-) delete mode 100644 .github/semantic.yml create mode 100644 .github/workflows/pr-title.yml diff --git a/.github/semantic.yml b/.github/semantic.yml deleted file mode 100644 index d93cf9cc..00000000 --- a/.github/semantic.yml +++ /dev/null @@ -1,3 +0,0 @@ -## Reference: https://github.com/zeke/semantic-pull-requests -# Always validate the PR title, and ignore the commits -titleOnly: true diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml new file mode 100644 index 00000000..be111a06 --- /dev/null +++ b/.github/workflows/pr-title.yml @@ -0,0 +1,29 @@ +## Reference: https://github.com/amannn/action-semantic-pull-request +name: "Lint PR" + +on: + pull_request_target: + types: + - opened + - edited + - synchronize + +jobs: + main: + name: Validate PR title + runs-on: ubuntu-latest + steps: + - uses: amannn/action-semantic-pull-request@v4 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + # Configure which scopes are allowed. + scopes: | + argo-cd + argo-events + argo-rollouts + argo-workflows + argocd-image-updater + github + # Configure that a scope must always be provided. + requireScope: true From 50a473b1ef7bc6f69f8910aeb5d03e527a336c11 Mon Sep 17 00:00:00 2001 From: Scott Cabrinha Date: Wed, 22 Jun 2022 22:49:55 -0700 Subject: [PATCH 0293/1248] feat(argo-cd): Upgrade image to v2.4.2 (#1339) * feat(argo-cd): Upgrade image to v2.4.2 Signed-off-by: scabrinha * Update changelog Signed-off-by: Marco Kilchhofer Co-authored-by: scabrinha Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2731f1bb..a36fb2d1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.0 +appVersion: v2.4.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.4 +version: 4.9.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Use correct version in upgrade instructions (README.md)" + - "[Changed]: Update to app version 2.4.2" From 94f4a5e56ee1d7fee6828ed3bd52c39e22d6fc9e Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 23 Jun 2022 15:33:44 +0900 Subject: [PATCH 0294/1248] feat(argo-cd): support clusterResourceBlacklist (#1335) * feat(argo-cd):support clusterResourceBlacklist Signed-off-by: yu-croco * fix(argo-cd): fix lint Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/projects.yaml | 4 ++++ charts/argo-cd/values.yaml | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a36fb2d1..8329fdc8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.5 +version: 4.9.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.2" + - "[Added]: Support clusterResourceBlacklist" diff --git a/charts/argo-cd/templates/argocd-configs/projects.yaml b/charts/argo-cd/templates/argocd-configs/projects.yaml index 54a232c1..e1fa0fc1 100644 --- a/charts/argo-cd/templates/argocd-configs/projects.yaml +++ b/charts/argo-cd/templates/argocd-configs/projects.yaml @@ -31,6 +31,10 @@ spec: clusterResourceWhitelist: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .clusterResourceBlacklist }} + clusterResourceBlacklist: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .namespaceResourceBlacklist }} namespaceResourceBlacklist: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9d56a4dc..e7b96125 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1344,6 +1344,7 @@ server: # - namespace: guestbook # server: https://kubernetes.default.svc # clusterResourceWhitelist: [] + # clusterResourceBlacklist: [] # namespaceResourceBlacklist: # - group: '' # kind: ResourceQuota From 445b2757f5adb4c2144dee4b139ffe28c428f2fc Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 23 Jun 2022 18:29:45 +0900 Subject: [PATCH 0295/1248] fix(argo-workflows): add missing verbs on workflow-controller cluster role for using HTTP templates (#1327) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 62c849ff..ffe40d5c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.3 +version: 0.16.4 appVersion: v3.3.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Support for mainContainer config" + - "[Fixed]: Add missing verb on workflow-controller cluster role for using HTTP templates" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index a726dd4b..ce1f829f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -154,6 +154,15 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + resourceNames: + {{/* for HTTP templates */}} + - argo-workflows-agent-ca-certificates {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- From 6f8aea37501f226e42838d63b507bfb99d149647 Mon Sep 17 00:00:00 2001 From: Gabriele Date: Thu, 23 Jun 2022 16:43:30 +0200 Subject: [PATCH 0296/1248] fix(argo-cd): fix argo-cd notifications resource names in role (#1340) * fix(argo-cd): fix argo-cd notifications resource names in role Signed-off-by: Gabriele Diener * fix(argo-cd): fix chart version Signed-off-by: Gabriele Diener --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/templates/argocd-notifications/role.yaml | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8329fdc8..6b73ba65 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.6 +version: 4.9.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support clusterResourceBlacklist" + - "[Fixed]: fix ArgoCD notifications config map name in role" + - "[Fixed]: fix ArgoCD notifications secret name in role" diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 75a88e5f..545ff327 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -28,7 +28,7 @@ rules: - apiGroups: - "" resourceNames: - - {{ template "argo-cd.notifications.fullname" . }}-cm + - {{ include "argo-cd.notifications.configMapName" . }} resources: - configmaps verbs: @@ -36,7 +36,7 @@ rules: - apiGroups: - "" resourceNames: - - {{ template "argo-cd.notifications.fullname" . }}-secret + - {{ include "argo-cd.notifications.secretName" . }} resources: - secrets verbs: From 789ce031bd2ce50cc38dd3b753075cb454d5cfe1 Mon Sep 17 00:00:00 2001 From: "JM\" (Jason Meridth)" Date: Thu, 23 Jun 2022 11:00:43 -0500 Subject: [PATCH 0297/1248] feat(argo-workflows) Upgrade argo-workflows to v3.3.7 (#1337) [Release Notes](https://github.com/argoproj/argo-workflows/releases/tag/v3.3.7) Includes: - fix: Skip TestExitHookWithExpression() completely ([#8761](https://github.com/argoproj/argo-workflows/pull/8761)) Signed-off-by: jmeridth Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ffe40d5c..3c6a6821 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.4 -appVersion: v3.3.6 +version: 0.16.5 +appVersion: v3.3.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing verb on workflow-controller cluster role for using HTTP templates" + - "[Changed]: Update to app version v3.3.7" From 87f0f3a99c3542be24b3cc7faefca45828f5d76b Mon Sep 17 00:00:00 2001 From: "JM\" (Jason Meridth)" Date: Fri, 24 Jun 2022 00:47:27 -0500 Subject: [PATCH 0298/1248] feat(argo-workflows): Upgrade argo-workflows to v3.3.8 (#1341) --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3c6a6821..2c617b70 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.5 -appVersion: v3.3.7 +version: 0.16.6 +appVersion: v3.3.8 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.3.7" + - "[Changed]: Update to app version v3.3.8" From 5458a88acb4ae11491812c3ebae8ddc07d734282 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 28 Jun 2022 02:44:48 +0900 Subject: [PATCH 0299/1248] fix(argo-cd): fix doc of how to upgrade CRD (#1344) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 6 +++--- charts/argo-cd/README.md.gotmpl | 6 +++--- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6b73ba65..3d1bae72 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.2 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.7 +version: 4.9.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: fix ArgoCD notifications config map name in role" - - "[Fixed]: fix ArgoCD notifications secret name in role" + - "[Fixed]: fix doc of how to upgrade CRD" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2fdf8639..4b604dbb 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -89,10 +89,10 @@ Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs Please use `kubectl` to upgrade CRDs manually from [crds](crds/) folder or via the manifests from the upstream project repo: ```bash -kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref= +kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\= -# Eg. version v2.3.3 -kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref=v2.3.3 +# Eg. version v2.4.2 +kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\=v2.4.2 ``` ### 4.9.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 27178fd2..93fb78ce 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -89,10 +89,10 @@ Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs Please use `kubectl` to upgrade CRDs manually from [crds](crds/) folder or via the manifests from the upstream project repo: ```bash -kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref= +kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\= -# Eg. version v2.3.3 -kubectl apply -k https://github.com/argoproj/argo-cd.git/manifests/crds?ref=v2.3.3 +# Eg. version v2.4.2 +kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\=v2.4.2 ``` ### 4.9.0 From 768907653a45ab5c65eb21c9b435857351eaf8a9 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 27 Jun 2022 23:35:25 +0200 Subject: [PATCH 0300/1248] fix(argo-events): Fix generation of configured EventBus versions (#1346) Signed-off-by: Petr Drastil --- charts/argo-events/Chart.yaml | 13 ++----------- .../templates/argo-events-controller/config.yaml | 4 ++-- 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 118d287e..d9f65e9f 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.0 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.0 +version: 2.0.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,13 +15,4 @@ maintainers: - name: whynowy annotations: artifacthub.io/changes: | - - "[Added]: Argo events controller for v1.7.0" - - "[Added]: Argo events addmission webhook deployment" - - "[Added]: Global configuration options for all deployments" - - "[Added]: Pod disruption budgets for HA deployments" - - "[Added]: Support for Prometheus metrics on controller deployment" - - "[Changed]: Enable cluster-wide deployment by default" - - "[Removed]: Deprecated EventBus controller deployment" - - "[Removed]: Deprecated EventSource controller deployment" - - "[Removed]: Deprecated Sensor controller deployment" - - "[Removed]: Removed RBAC that allowed controller to create / modify CRDs" + - "[Fixed]: Fixed generation of configured EventBus versions" diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 2458fef9..80c49df3 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -9,8 +9,8 @@ data: eventBus: {{- if .Values.configs.nats.versions }} nats: - {{- range .Values.configs.nats.versions }} versions: + {{- range .Values.configs.nats.versions }} - version: {{ .version }} natsStreamingImage: {{ .natsStreamingImage }} metricsExporterImage: {{ .metricsExporterImage }} @@ -30,8 +30,8 @@ data: maxBytes: {{ .Values.configs.jetstream.streamConfig.maxBytes }} replicas: {{ .Values.configs.jetstream.streamConfig.replicas }} duplicates: {{ .Values.configs.jetstream.streamConfig.duplicates }} - {{- range .Values.configs.jetstream.versions }} versions: + {{- range .Values.configs.jetstream.versions }} - version: {{ .version }} natsImage: {{ .natsImage }} metricsExporterImage: {{ .metricsExporterImage }} From 4a1903d0b89ce4d890db32e7ab2b5b443f9dcd32 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Tue, 28 Jun 2022 09:20:25 -0400 Subject: [PATCH 0301/1248] feat(argo-cd): Upgrade argocd to v2.4.3 (#1348) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3d1bae72..84f55479 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.2 +appVersion: v2.4.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.8 +version: 4.9.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: fix doc of how to upgrade CRD" + - [Changed]: Update to app version 2.4.3" From 28d12acb0ec663b58f96ef39e0030ba8a66d84b7 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Tue, 28 Jun 2022 11:11:29 -0400 Subject: [PATCH 0302/1248] feat(argo-cd): Upgrade argocd redis-ha dependency (#1349) Signed-off-by: smcavallo --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 932ea555..f2113369 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.16.0 -digest: sha256:fa6a784ee32cc11fbc1bbbbaafcb179e447bc984e898ae35a1cd4408dbed7ccb -generated: "2022-05-25T11:44:28.53802+02:00" + version: 4.16.1 +digest: sha256:83d33cc45a9abc134f4de4bbe6b0036196bd8e153ee7392efdf3a1407698078e +generated: "2022-06-28T09:30:44.5453445-04:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 84f55479..408854a4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.9 +version: 4.9.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -16,9 +16,9 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.16.0 + version: 4.16.1 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: Update to app version 2.4.3" + - [Changed]: Update redis-ha dependency for cve mitigation" From 055677a45e361d113f1c58aacb367ab86f767c49 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 29 Jun 2022 00:59:25 +0200 Subject: [PATCH 0303/1248] feat(argo-events): Add new maintainer for argo-events (#1347) Signed-off-by: Petr Drastil Co-authored-by: Alex Collins --- CODEOWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index e3876444..88016b72 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -10,7 +10,7 @@ /charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco # Argo Events -/charts/argo-events/ @jbehling @VaibhavPage +/charts/argo-events/ @jbehling @VaibhavPage @pdrastil # Argo Rollouts -/charts/argo-rollouts/ +/charts/argo-rollouts/ From 34640e00bdbb84be3bcd7c181c20d5ce9d89c7d7 Mon Sep 17 00:00:00 2001 From: Thomas Loubiou Date: Wed, 29 Jun 2022 15:09:56 +0200 Subject: [PATCH 0304/1248] fix(argo-cd): bump redis-ha dependency to 4.17.1 (#1350) Signed-off-by: Thomas Loubiou --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index f2113369..02e8942b 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.16.1 -digest: sha256:83d33cc45a9abc134f4de4bbe6b0036196bd8e153ee7392efdf3a1407698078e -generated: "2022-06-28T09:30:44.5453445-04:00" + version: 4.17.1 +digest: sha256:eecc8c4bee9af2f12aa6c7e6d0d76c87a8c0b06aa3f2af8405578c4725a5f501 +generated: "2022-06-29T14:57:19.381444853+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 408854a4..d8a2db97 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.10 +version: 4.9.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -16,9 +16,9 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.16.1 + version: 4.17.1 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: Update redis-ha dependency for cve mitigation" + - [Changed]: Update redis-ha dependency for better configuration options From 418ec740b425193bf23bc0537203d24bc4a92803 Mon Sep 17 00:00:00 2001 From: "JM\" (Jason Meridth)" Date: Wed, 29 Jun 2022 08:35:17 -0500 Subject: [PATCH 0305/1248] chore(argo-cd): Add jmeridth to argo-cd in CODEOWNERS to help with PRs (#1351) - [x] already helping with argo-workflows PRs Signed-off-by: jmeridth --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 88016b72..c161dac3 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,7 +7,7 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth # Argo Events /charts/argo-events/ @jbehling @VaibhavPage @pdrastil From 6d2dd8cca78f419f0f43216f45e3870165d7493d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 4 Jul 2022 11:49:55 +0200 Subject: [PATCH 0306/1248] feat(argo-events): Upgrade controller to v1.7.1 (#1358) Signed-off-by: Petr Drastil --- charts/argo-events/Chart.yaml | 8 +++++--- .../templates/argo-events-controller/config.yaml | 1 + charts/argo-events/values.yaml | 16 ++++++++-------- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index d9f65e9f..ecf2d612 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.0 +appVersion: v1.7.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.1 +version: 2.0.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -11,8 +11,10 @@ keywords: sources: - https://github.com/argoproj/argo-events maintainers: + - name: pdrastil - name: VaibhavPage - name: whynowy annotations: artifacthub.io/changes: | - - "[Fixed]: Fixed generation of configured EventBus versions" + - "[Changed]: Upgrade Argo events controller to v1.7.1" + - "[Changed]: Upgrade sample configuration for NATs images" diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 80c49df3..486fa364 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -24,6 +24,7 @@ data: # Only configure "max_memory_store" or "max_file_store", do not set "store_dir" as it has been hardcoded. max_memory_store: {{ .Values.configs.jetstream.settings.maxMemoryStore | default -1 }} max_file_store: {{ .Values.configs.jetstream.settings.maxFileStore | default -1 }} + # The default properties of the streams to be created in this JetStream service streamConfig: | maxMsgs: {{ .Values.configs.jetstream.streamConfig.maxMsgs }} maxAge: {{ .Values.configs.jetstream.streamConfig.maxAge }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 41b76e8b..68bad5a3 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -92,19 +92,19 @@ configs: # @default -- `[]` (See [values.yaml]) versions: [] # - version: latest - # natsImage: nats:2.8.1 + # natsImage: nats:2.8.2 # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - # configReloaderImage: natsio/nats-server-config-reloader:0.6.3 + # configReloaderImage: natsio/nats-server-config-reloader:0.7.0 # startCommand: /nats-server - # - version: "2.8.1" - # natsImage: nats:2.8.1 + # - version: "2.8.2" + # natsImage: nats:2.8.2 # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - # configReloaderImage: natsio/nats-server-config-reloader:0.6.3 + # configReloaderImage: natsio/nats-server-config-reloader:0.7.0 # startCommand: /nats-server - # - version: 2.8.1-alpine - # natsImage: nats:2.8.1-alpine + # - version: 2.8.2-alpine + # natsImage: nats:2.8.2-alpine # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - # configReloaderImage: natsio/nats-server-config-reloader:0.6.3 + # configReloaderImage: natsio/nats-server-config-reloader:0.7.0 # startCommand: nats-server ## Argo Events controller From e40abee91f29fb89ec34a1200823211d62b6d760 Mon Sep 17 00:00:00 2001 From: darklore <958690+darklore@users.noreply.github.com> Date: Wed, 6 Jul 2022 21:38:55 +0900 Subject: [PATCH 0307/1248] fix(argo-events): Fix selectorLabels of ServiceMonitor (#1361) Signed-off-by: darklore --- charts/argo-events/Chart.yaml | 5 ++--- .../templates/argo-events-controller/servicemonitor.yaml | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index ecf2d612..4ebfea81 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.2 +version: 2.0.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -16,5 +16,4 @@ maintainers: - name: whynowy annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Argo events controller to v1.7.1" - - "[Changed]: Upgrade sample configuration for NATs images" + - "[Fixed]: Fixed selectorLabel of ServiceMonitor that doesn't match metrics Service" diff --git a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml index c24979eb..6c1f23ca 100644 --- a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml +++ b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml @@ -34,5 +34,5 @@ spec: - {{ .Release.Namespace }} selector: matchLabels: - {{- include "argo-events.selectorLabels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 6 }} + {{- include "argo-events.selectorLabels" (dict "context" . "component" .Values.controller.name "name" (printf "%s-metrics" .Values.controller.name)) | nindent 6 }} {{- end }} From cb84719b1a35bebfb9113fef54a7fdeaa1e86fa9 Mon Sep 17 00:00:00 2001 From: Usman Malik Date: Thu, 7 Jul 2022 18:45:59 +0200 Subject: [PATCH 0308/1248] feat(argo-cd): Upgrade argocd to v2.4.4 (#1363) Signed-off-by: imusmanmalik --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d8a2db97..c869f989 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.3 +appVersion: v2.4.4 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.11 +version: 4.9.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: Update redis-ha dependency for better configuration options + - [Changed]: Update to app version 2.4.4" From 8f3aed978ce8d839a4fe09bc95533d26daf533e2 Mon Sep 17 00:00:00 2001 From: Victor Login Date: Sun, 10 Jul 2022 04:36:36 +0600 Subject: [PATCH 0309/1248] fix(github): update link to the project page in README.md (#1362) Signed-off-by: Login Victor --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a5bbf0d9..61922839 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) -Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. The charts can be added using following command: +Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: ``` helm repo add argo https://argoproj.github.io/argo-helm From e01c6130461235038334d070b154182ed6a42814 Mon Sep 17 00:00:00 2001 From: Tadayuki Onishi Date: Wed, 13 Jul 2022 09:10:34 +0900 Subject: [PATCH 0310/1248] feat(argo-workflows): Assign common labels to some resources (#1369) * feat(argo-workflows): Assign common labels to controller resources Signed-off-by: kenchan0130 * feat(argo-workflows): Assign common labels to the server sa resource Signed-off-by: kenchan0130 * Update argo-workflows Chart.yaml Signed-off-by: kenchan0130 --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-aggregate-roles.yaml | 3 +++ .../controller/workflow-controller-cluster-roles.yaml | 2 ++ .../templates/controller/workflow-controller-sa.yaml | 2 ++ charts/argo-workflows/templates/controller/workflow-rb.yaml | 2 ++ charts/argo-workflows/templates/controller/workflow-role.yaml | 2 ++ charts/argo-workflows/templates/controller/workflow-sa.yaml | 2 ++ charts/argo-workflows/templates/server/server-sa.yaml | 2 ++ 8 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2c617b70..a2e8c940 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.6 +version: 0.16.7 appVersion: v3.3.8 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.3.8" + - "[Changed]: Assign common labels to some resources" diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index 5a89fe75..977bb86b 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -4,6 +4,7 @@ kind: ClusterRole metadata: name: {{ template "argo-workflows.fullname" . }}-view labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rbac.authorization.k8s.io/aggregate-to-view: "true" rules: - apiGroups: @@ -29,6 +30,7 @@ kind: ClusterRole metadata: name: {{ template "argo-workflows.fullname" . }}-edit labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rbac.authorization.k8s.io/aggregate-to-edit: "true" rules: - apiGroups: @@ -59,6 +61,7 @@ kind: ClusterRole metadata: name: {{ template "argo-workflows.fullname" . }}-admin labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: - apiGroups: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index ce1f829f..bab7cc23 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -170,6 +170,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: - apiGroups: - argoproj.io diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index f5e10857..3acc93ab 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -3,6 +3,8 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.controllerServiceAccountName" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{ with .Values.controller.serviceAccount.annotations }} annotations: {{- toYaml .| nindent 4 }} diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 41809c7c..6f9ba23d 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -5,6 +5,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-workflows.fullname" $ }}-workflow + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} {{- with $namespace }} namespace: {{ . }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 75913b90..38c0ed43 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -5,6 +5,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-workflows.fullname" $ }}-workflow + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} {{- with $namespace }} namespace: {{ . }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 7c76585a..43e6cbf6 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -5,6 +5,8 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ $.Values.workflow.serviceAccount.name }} + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} {{- with $namespace }} namespace: {{ . }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index adcf7b48..5525d7af 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -3,6 +3,8 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} From 1fda562239357e7fbabdc1cdb36faf96a58ade66 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Kalinowski?= Date: Wed, 13 Jul 2022 22:42:30 +0200 Subject: [PATCH 0311/1248] feat(argo-cd): Upgrade argocd to v2.4.6 (#1373) Signed-off-by: Pawel Kalinowski --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c869f989..5159c240 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.4 +appVersion: v2.4.6 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.12 +version: 4.9.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: Update to app version 2.4.4" + - [Changed]: Update to app version 2.4.6" From 9c245d4e65135635d6724579d1e9876fe99f02a9 Mon Sep 17 00:00:00 2001 From: Daniel Nachtrub Date: Thu, 14 Jul 2022 15:02:52 +0200 Subject: [PATCH 0312/1248] feat(argo-cd): Added apiVersion switch for autoscaling resources (#1375) * Added apiVersion switch for autoscaling Signed-off-by: dn * bumped chart version added changelog Signed-off-by: dn * updated docs with helm-docs 1.9.1 Signed-off-by: dn * added new line end of file (lint issue) Signed-off-by: dn * replaced linebreaks in chart.yaml with LF Signed-off-by: dn * Apply changes from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/_helpers.tpl | 13 +++++++++++++ .../argo-cd/templates/argocd-repo-server/hpa.yaml | 14 +++++++++++++- charts/argo-cd/templates/argocd-server/hpa.yaml | 14 +++++++++++++- charts/argo-cd/values.yaml | 2 ++ 6 files changed, 44 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5159c240..3a78cafc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.6 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.13 +version: 4.9.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: Update to app version 2.4.6" + - [Changed]: Autoscaling now uses autoscaling/v2 apiVersion on kubernetes >= 1.23 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4b604dbb..475bf8c1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -213,6 +213,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| +| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of certmanager resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 71d91b20..cf761118 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -219,6 +219,19 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} +{{/* +Return the appropriate apiVersion for autoscaling +*/}} +{{- define "argo-cd.autoscaling.apiVersion" -}} +{{- if .Values.apiVersionOverrides.autoscaling -}} +{{- print .Values.apiVersionOverrides.autoscaling -}} +{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" $) -}} +{{- print "autoscaling/v2beta1" -}} +{{- else -}} +{{- print "autoscaling/v2" -}} +{{- end -}} +{{- end -}} + {{/* Return the target Kubernetes version */}} diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index 65e379dd..2d179ca4 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -1,5 +1,5 @@ {{- if .Values.repoServer.autoscaling.enabled }} -apiVersion: autoscaling/v2beta1 +apiVersion: {{ include "argo-cd.autoscaling.apiVersion" . }} kind: HorizontalPodAutoscaler metadata: labels: @@ -17,12 +17,24 @@ spec: - type: Resource resource: name: memory + {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} {{- end }} {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu + {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index e079a7e2..6fd444ec 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.autoscaling.enabled }} -apiVersion: autoscaling/v2beta1 +apiVersion: {{ include "argo-cd.autoscaling.apiVersion" . }} kind: HorizontalPodAutoscaler metadata: labels: @@ -17,12 +17,24 @@ spec: - type: Resource resource: name: memory + {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} {{- end }} {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu + {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e7b96125..541586ec 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -53,6 +53,8 @@ apiVersionOverrides: certmanager: "" # cert-manager.io/v1 # -- String to override apiVersion of ingresses rendered by this helm chart ingress: "" # networking.k8s.io/v1beta1 + # -- String to override apiVersion of autoscaling rendered by this helm chart + autoscaling: "" # autoscaling/v2 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles From 8ef5710660f56d353dae6c3cd8ac4b2f0c026498 Mon Sep 17 00:00:00 2001 From: Vlad Voloshyn Date: Fri, 15 Jul 2022 14:43:03 +0300 Subject: [PATCH 0313/1248] feat(argo-rollouts): Add extra manifests option to chart (#1366) * feat(argo-rollouts): Add extra manifests option to chart Signed-off-by: Vlad Voloshyn * fix indent Signed-off-by: Vlad Voloshyn * Apply suggestions from code review Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 ++- charts/argo-rollouts/templates/extra-manifests.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 13 +++++++++++++ 4 files changed, 21 insertions(+), 3 deletions(-) create mode 100644 charts/argo-rollouts/templates/extra-manifests.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 162af6c8..cd411e66 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.17.0 +version: 2.18.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Ability to inject custom environment variables" + - "[Added]: Additional manifests to deploy within the chart" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 0b2de8af..89e982fe 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -42,6 +42,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | clusterInstall | bool | `true` | `false` runs controller in namespaced mode (does not require cluster RBAC) | | crdAnnotations | object | `{}` | Annotations to be added to all CRDs | +| extraObjects | list | `[]` | Additional manifests to deploy within the chart. A list of objects. | | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | | installCRDs | bool | `true` | Install and upgrade CRDs | @@ -171,4 +172,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.17.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.18.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml new file mode 100644 index 00000000..a9bb3b6b --- /dev/null +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index aa98cbb8..b8ebfc49 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -22,6 +22,19 @@ apiVersionOverrides: # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" +# -- Additional manifests to deploy within the chart. A list of objects. +## Can be used to add secrets for Analysis with 3rd-party monitoring solutions. +extraObjects: [] + # - apiVersion: v1 + # kind: Secret + # metadata: + # name: datadog + # type: Opaque + # data: + # address: https://api.datadoghq.com + # api-key: + # app-key: + controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller From 1bf8dd4fdcfe47eb1e1c00a4eba6278192d9290d Mon Sep 17 00:00:00 2001 From: Philipp B Date: Tue, 19 Jul 2022 08:25:22 +0200 Subject: [PATCH 0314/1248] feat(argo-cd): Upgrade argocd to v2.4.7 (#1378) Signed-off-by: Philipp Born --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3a78cafc..8c643381 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.6 +appVersion: v2.4.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.14 +version: 4.9.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: Autoscaling now uses autoscaling/v2 apiVersion on kubernetes >= 1.23 + - "[Changed]: Update to app version 2.4.7" From 833c877ca531b354614975afd026ba391366907a Mon Sep 17 00:00:00 2001 From: yanyx Date: Tue, 19 Jul 2022 20:47:42 +0800 Subject: [PATCH 0315/1248] fix(argo-cd): fix unmarshal annotaions error (#1379) Signed-off-by: Yixing Yan --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-notifications/service-metrics.yaml | 15 +++++++++------ 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8c643381..1444e478 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.15 +version: 4.9.16 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.7" + - "[Fixed]: Fix ArgoCD notification metrics unmarshal error" diff --git a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml index 118fc428..8e0a92a8 100644 --- a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml @@ -5,18 +5,21 @@ metadata: name: {{ template "argo-cd.notifications.fullname" . }}-metrics labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 4 }} - {{- with .Values.notifications.metrics.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.notifications.metrics.service.annotations }} +{{- if .Values.notifications.metrics.service.labels }} +{{- toYaml .Values.notifications.metrics.service.labels | nindent 4 }} +{{- end }} +{{- if .Values.notifications.metrics.service.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := .Values.notifications.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} {{- end }} +{{- end }} spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} ports: - name: {{ .Values.notifications.metrics.service.portName }} + protocol: TCP port: {{ .Values.notifications.metrics.port }} - targetPort: {{ .Values.notifications.metrics.port }} + targetPort: metrics {{- end }} From 8f0914dc4ef80a468ea66c8069807c735b907315 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Thu, 21 Jul 2022 11:53:19 +0200 Subject: [PATCH 0316/1248] feat(argo-cd): Truncate version labels to 63 characters (#1368) Allow to use digests. https://github.com/argoproj/argo-helm/issues/417 Signed-off-by: Mathieu Parent --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/deployment.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 4 ++-- charts/argo-cd/templates/argocd-notifications/deployment.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 4 ++-- charts/argo-cd/templates/redis/deployment.yaml | 4 ++-- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1444e478..42ebfaab 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.9.16 +version: 4.10.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Fix ArgoCD notification metrics unmarshal error" + - [Changed]: Truncate version labels to 63 characters" diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 61642ccf..32a1543d 100755 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -25,7 +25,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 79df81bd..5277a559 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | trunc 63 | quote }} spec: replicas: {{ .Values.applicationSet.replicaCount }} selector: @@ -21,7 +21,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 96eb35cd..e1a88ca6 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.notifications.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | trunc 63 | quote }} spec: strategy: {{- .Values.notifications.updateStrategy | toYaml | nindent 4 }} @@ -22,7 +22,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.notifications.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f3ad2fdc..be556894 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -24,7 +24,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.repoServer.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 66d8381c..f051a3ba 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -24,7 +24,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | quote }} + app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.server.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 2ca2fd6e..7aa13051 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-cd.dex.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} - app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }} + app.kubernetes.io/version: {{ .Values.dex.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -20,7 +20,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }} - app.kubernetes.io/version: {{ .Values.dex.image.tag | quote }} + app.kubernetes.io/version: {{ .Values.dex.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.dex.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 87d143b7..0ce76349 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -6,7 +6,7 @@ metadata: name: {{ template "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} - app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }} + app.kubernetes.io/version: {{ .Values.redis.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -21,7 +21,7 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} - app.kubernetes.io/version: {{ .Values.redis.image.tag | quote }} + app.kubernetes.io/version: {{ .Values.redis.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.redis.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} From 334d8ae728114ae45f10190b9527d3f70dabc71d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 27 Jul 2022 09:50:42 +0900 Subject: [PATCH 0317/1248] feat(argo-workflows): Add global tag (#1377) * feat(argo-workflows): Moved `.Values.images` values to global Signed-off-by: yu-croco * Revert "feat(argo-workflows): Moved `.Values.images` values to global" This reverts commit 67b4294675440ba2dfef5c8db8473d416144cc35. Signed-off-by: yu-croco * feat(argo-workflows): Add global tag Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 7 ++++--- charts/argo-workflows/templates/_helpers.tpl | 7 +++++++ .../controller/workflow-controller-deployment.yaml | 8 ++++---- .../templates/controller/workflow-controller-service.yaml | 2 +- .../templates/server/server-deployment.yaml | 6 +++--- .../argo-workflows/templates/server/server-service.yaml | 2 +- charts/argo-workflows/values.yaml | 8 +++++--- 8 files changed, 27 insertions(+), 17 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a2e8c940..ac7627a9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.7 +version: 0.16.8 appVersion: v3.3.8 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Assign common labels to some resources" + - "[Added]: Set global tag" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b3aae666..7d14a64f 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -45,6 +45,7 @@ Fields to note: | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | | images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers | | images.pullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| images.tag | string | `""` | Common tag for Argo Workflows images. Defaults to `.Chart.AppVersion`. | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `nil` | String to partially override "argo-workflows.fullname" template | | singleNamespace | bool | `false` | Restrict Argo to operate only in a single namespace (the namespace of the Helm release) by apply Roles and RoleBindings instead of the Cluster equivalents, and start workflow-controller with the --namespaced flag. Use it in clusters with strict access policy. | @@ -73,7 +74,7 @@ Fields to note: | controller.extraEnv | list | `[]` | Extra environment variables to provide to the controller container | | controller.image.registry | string | `"quay.io"` | Registry to use for the controller | | controller.image.repository | string | `"argoproj/workflow-controller"` | Registry to use for the controller | -| controller.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| controller.image.tag | string | `""` | Image tag for the workflow controller. Defaults to `.Values.images.tag`. | | controller.initialDelay | string | `nil` | Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 | | controller.instanceID.enabled | bool | `false` | Configures the controller to filter workflow submissions to only those which have a matching instanceID attribute. | | controller.instanceID.explicitID | string | `""` | Use a custom instanceID | @@ -143,7 +144,7 @@ Fields to note: | executor.env | object | `{}` | Adds environment variables for the executor. | | executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | | executor.image.repository | string | `"argoproj/argoexec"` | Repository to use for the Workflow Executors | -| executor.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| executor.image.tag | string | `""` | Image tag for the workflow executor. Defaults to `.Values.images.tag`. | | executor.resources | object | `{}` | Resource limits and requests for the Workflow Executors | | executor.securityContext | object | `{}` | sets security context for the executor container | @@ -162,7 +163,7 @@ Fields to note: | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | | server.image.registry | string | `"quay.io"` | Registry to use for the server | | server.image.repository | string | `"argoproj/argocli"` | Repository to use for the server | -| server.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| server.image.tag | string | `""` | Image tag for the Argo Workflows server. Defaults to `.Values.images.tag`. | | server.ingress.annotations | object | `{}` | Additional ingress annotations | | server.ingress.enabled | bool | `false` | Enable an ingress resource | | server.ingress.extraPaths | list | `[]` | Additional ingress paths | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 2289951d..f0306cac 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -120,3 +120,10 @@ Return the target Kubernetes version {{- define "argo-workflows.kubeVersion" -}} {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end -}} + +{{/* +Return the default Argo Workflows app version +*/}} +{{- define "argo-workflows.defaultTag" -}} + {{- default .Chart.AppVersion .Values.images.tag }} +{{- end -}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 9f53a2e4..53cab446 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -4,7 +4,7 @@ metadata: name: {{ template "argo-workflows.controller.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} {{- with .Values.controller.deploymentAnnotations }} annotations: {{- toYaml . | nindent 4 }} @@ -18,7 +18,7 @@ spec: metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} {{- with.Values.controller.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} @@ -34,14 +34,14 @@ spec: {{- end }} containers: - name: controller - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} command: [ "workflow-controller" ] args: - "--configmap" - "{{ template "argo-workflows.controller.fullname" . }}-configmap" - "--executor-image" - - "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ .Values.executor.image.tag | default .Chart.AppVersion }}" + - "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" - "--loglevel" - "{{ .Values.controller.logging.level }}" - "--gloglevel" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 37d4658d..3ca1afad 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.controller.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} {{- with .Values.controller.serviceLabels }} {{ toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index f80ff838..d4881d52 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.server.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} {{- with .Values.server.deploymentAnnotations }} annotations: {{- toYaml . | nindent 4 }} @@ -19,7 +19,7 @@ spec: metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} {{- with .Values.server.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} @@ -35,7 +35,7 @@ spec: {{- end }} containers: - name: argo-server - image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ .Values.server.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} securityContext: {{- toYaml .Values.server.securityContext | nindent 12 }} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 9161aaef..3b147ab2 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.server.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.server.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} {{- with .Values.server.serviceAnnotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 70e76ceb..569ac5c5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -1,4 +1,6 @@ images: + # -- Common tag for Argo Workflows images. Defaults to `.Chart.AppVersion`. + tag: "" # -- imagePullPolicy to apply to all containers pullPolicy: Always # -- Secrets with credentials to pull images from a private registry @@ -45,7 +47,7 @@ controller: registry: quay.io # -- Registry to use for the controller repository: argoproj/workflow-controller - # -- Overrides the image tag whose default is the chart appVersion. + # -- Image tag for the workflow controller. Defaults to `.Values.images.tag`. tag: "" # -- parallelism dictates how many workflows can be running at the same time parallelism: @@ -280,7 +282,7 @@ executor: registry: quay.io # -- Repository to use for the Workflow Executors repository: argoproj/argoexec - # -- Overrides the image tag whose default is the chart appVersion. + # -- Image tag for the workflow executor. Defaults to `.Values.images.tag`. tag: "" # -- Resource limits and requests for the Workflow Executors resources: {} @@ -302,7 +304,7 @@ server: registry: quay.io # -- Repository to use for the server repository: argoproj/argocli - # -- Overrides the image tag whose default is the chart appVersion. + # -- Image tag for the Argo Workflows server. Defaults to `.Values.images.tag`. tag: "" # -- optional map of annotations to be applied to the ui Deployment deploymentAnnotations: {} From 0a28b48f95e4aabfeb4120530baaf639c5945d67 Mon Sep 17 00:00:00 2001 From: kahirokunn Date: Fri, 29 Jul 2022 23:40:11 +0900 Subject: [PATCH 0318/1248] fix(argo-cd): redis and redis-exporter image was migrated from docker hub to public ecr for docker hub rate limit (#1386) * fix(argo-cd): redis image was migrated from docker hub to public ecr for docker hub rate limit Signed-off-by: kahirokunn * fix(argo-cd): redis-exporter image was migrated from docker hub to public ecr for docker hub rate limit Signed-off-by: kahirokunn --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 42ebfaab..f548d0df 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.0 +version: 4.10.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: Truncate version labels to 63 characters" + - [Changed]: redis image was migrated from docker hub to public ecr for docker hub rate limit + - [Changed]: redis-exporter image was migrated from docker hub to public ecr for docker hub rate limit diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 475bf8c1..590d372d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,14 +639,14 @@ NAME: my-release | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | -| redis.image.repository | string | `"redis"` | Redis repository | +| redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.0.0-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | -| redis.metrics.image.repository | string | `"bitnami/redis-exporter"` | redis-exporter image repository | +| redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | | redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | | redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.metrics.service.annotations | object | `{}` | Metrics service annotations | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 541586ec..7bf92d94 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -593,7 +593,7 @@ redis: image: # -- Redis repository - repository: redis + repository: public.ecr.aws/docker/library/redis # -- Redis tag tag: 7.0.0-alpine # -- Redis imagePullPolicy @@ -711,7 +711,7 @@ redis: enabled: false image: # -- redis-exporter image repository - repository: bitnami/redis-exporter + repository: public.ecr.aws/bitnami/redis-exporter # -- redis-exporter image tag tag: 1.26.0-debian-10-r2 # -- redis-exporter image PullPolicy From b665d53b4d6f7d9434d7ececf289684c6a3805c4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 30 Jul 2022 03:15:02 +0900 Subject: [PATCH 0319/1248] fix(argo-cd): Drop all `~` keys from redis-ha because they cause error on kustomize and cannot document via helm-docs (#1322) * fix(argo-cd): Add notes on redis-ha for kustomize users Signed-off-by: yu-croco * fix(argo-cd): Drop all `~` keys from redis-ha Signed-off-by: yu-croco * feat(argo-cd): keep necessary redis-ha parameters Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 10 +++++----- charts/argo-cd/README.md.gotmpl | 5 +++++ charts/argo-cd/values.yaml | 16 ---------------- 4 files changed, 12 insertions(+), 24 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f548d0df..f5892468 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.1 +version: 4.10.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Changed]: redis image was migrated from docker hub to public ecr for docker hub rate limit - - [Changed]: redis-exporter image was migrated from docker hub to public ecr for docker hub rate limit + - "[Fixed]: Drop all `~` keys from redis-ha because they cause error on kustomize and cannot document via helm-docs" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 590d372d..e563d053 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -696,13 +696,8 @@ The main options are listed here: |-----|------|---------|-------------| | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | -| redis-ha.exporter.image | string | `nil` (follows subchart default) | Exporter image | -| redis-ha.exporter.tag | string | `nil` (follows subchart default) | Exporter tag | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | -| redis-ha.haproxy.image.repository | string | `nil` (follows subchart default) | HAProxy Image Repository | -| redis-ha.haproxy.image.tag | string | `nil` (follows subchart default) | HAProxy Image Tag | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.repository | string | `nil` (follows subchart default) | Redis image repository | | redis-ha.image.tag | string | `"7.0.0-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | @@ -712,6 +707,11 @@ The main options are listed here: | redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | | redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | | redis-ha.topologySpreadConstraints.whenUnsatisfiable | string | `""` (defaults to `ScheduleAnyway`) | Enforcement policy, hard or soft | +| redis-ha.exporter.image | string | `nil` (follows subchart default) | Exporter image | +| redis-ha.exporter.tag | string | `nil` (follows subchart default) | Exporter tag | +| redis-ha.haproxy.image.repository | string | `nil` (follows subchart default) | HAProxy Image Repository | +| redis-ha.haproxy.image.tag | string | `nil` (follows subchart default) | HAProxy Image Tag | +| redis-ha.image.repository | string | `nil` (follows subchart default) | Redis image repository | ### Option 3 - External Redis diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 93fb78ce..99523737 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -288,6 +288,11 @@ The main options are listed here: | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} +| redis-ha.exporter.image | string | `nil` (follows subchart default) | Exporter image | +| redis-ha.exporter.tag | string | `nil` (follows subchart default) | Exporter tag | +| redis-ha.haproxy.image.repository | string | `nil` (follows subchart default) | HAProxy Image Repository | +| redis-ha.haproxy.image.tag | string | `nil` (follows subchart default) | HAProxy Image Tag | +| redis-ha.image.repository | string | `nil` (follows subchart default) | Redis image repository | ### Option 3 - External Redis diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7bf92d94..67ed8e5b 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -784,12 +784,6 @@ redis-ha: exporter: # -- If `true`, the prometheus exporter sidecar is enabled enabled: true - # -- Exporter image - # @default -- `nil` (follows subchart default) - image: ~ - # -- Exporter tag - # @default -- `nil` (follows subchart default) - tag: ~ persistentVolume: # -- Configures persistency on Redis nodes enabled: false @@ -805,20 +799,10 @@ redis-ha: haproxy: # -- Enabled HAProxy LoadBalancing/Proxy enabled: true - image: - # -- HAProxy Image Repository - # @default -- `nil` (follows subchart default) - repository: ~ - # -- HAProxy Image Tag - # @default -- `nil` (follows subchart default) - tag: ~ metrics: # -- HAProxy enable prometheus metric scraping enabled: true image: - # -- Redis image repository - # @default -- `nil` (follows subchart default) - repository: ~ # -- Redis tag tag: 7.0.0-alpine From a1d7e51f8f2d2cb16fb7069dc78f05dd38918b10 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 31 Jul 2022 21:19:47 +0900 Subject: [PATCH 0320/1248] chore(argo-cd): update redis to 7.0.4 for avoiding CVE-2022-30065 (#1387) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f5892468..ae2fe8e6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.2 +version: 4.10.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Drop all `~` keys from redis-ha because they cause error on kustomize and cannot document via helm-docs" + - "[Changed]: update redis to 7.0.4 for avoiding CVE-2022-30065" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e563d053..d9dbb7cc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -640,7 +640,7 @@ NAME: my-release | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.0-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.4-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | @@ -698,7 +698,7 @@ The main options are listed here: | redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.0-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.4-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 67ed8e5b..dfe758a1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -595,7 +595,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.0-alpine + tag: 7.0.4-alpine # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent @@ -804,7 +804,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.0-alpine + tag: 7.0.4-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From 79b109e7d94fcdc43346ae82e74b47654e163770 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 1 Aug 2022 09:48:52 -0400 Subject: [PATCH 0321/1248] feat(argo-cd): Upgrade argocd to v2.4.8 (#1390) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ae2fe8e6..0f0aa535 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.7 +appVersion: v2.4.8 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.3 +version: 4.10.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: update redis to 7.0.4 for avoiding CVE-2022-30065" + - "[Changed]: Update to app version 2.4.8" From 8b28c6a826308dc26fcd0f06f0bdc3daea0387eb Mon Sep 17 00:00:00 2001 From: Hyeonmin Park Date: Tue, 2 Aug 2022 19:01:34 +0900 Subject: [PATCH 0322/1248] feat(argo-cd): Add entry and notes for admin.enabled (#1370) * feat(argo-cd): Add entry and notes for admin.enabled Signed-off-by: Hyeonmin Park * feat(argo-cd): Consider and add comments for server.config.dex.config Signed-off-by: Hyeonmin Park --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/templates/NOTES.txt | 10 ++++++++-- charts/argo-cd/values.yaml | 18 +++++++++++++++++- 3 files changed, 28 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f0aa535..0bf77577 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.8 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.4 +version: 4.10.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.8" + - [Added]: Add entry and notes for admin.enabled + - [Added]: Add comments for server.config.dex.config diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 34cdaaca..ceb40d66 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,6 +1,6 @@ {{- if or .Values.configs.repositoryCredentials .Values.server.config.repositories }} -WARNING: You are using configs.repositoryCredentials and/or server.config.repositories parameter that are DEPRECATED -Instead, use configs.repositoryTemplates and/or configs.repositories parameters +WARNING: You are using `configs.repositoryCredentials` and/or `server.config.repositories` parameter that are DEPRECATED +Instead, use `configs.repositoryTemplates` and/or `configs.repositories` parameters Read More about here: https://argo-cd.readthedocs.io/en/latest/operator-manual/declarative-setup/#legacy-behaviour {{- end}} @@ -15,8 +15,14 @@ In order to access the server UI you have the following options: - Add the `--insecure` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts +{{ if eq (index .Values.server.config "admin.enabled") "true" -}} After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d (You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://github.com/argoproj/argo-cd/blob/master/docs/getting_started.md#4-login-using-the-cli) +{{ else if or (index .Values.server.config "dex.config") (index .Values.server.config "oidc.config") -}} +After reaching the UI the first time you can login using Dex or OIDC. +{{ else -}} +After reaching the UI the first time you cannot login with username and password since you've disabled it. You should enable admin back or configure Dex via `server.config.dex.config` or OIDC via `server.config.oidc.config`. +{{ end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index dfe758a1..4966cc30 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1213,7 +1213,7 @@ server: # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance - # Enabled logs RBAC enforcement + # Enable logs RBAC enforcement # Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement server.rbac.log.enforce.enable: "false" @@ -1234,6 +1234,22 @@ server: # url: https://argoproj.github.io/argo-helm # name: argo + # admin.enabled indicates whether the admin user is enabled. It is enabled by default. + # https://argo-cd.readthedocs.io/en/latest/faq/#how-to-disable-admin-user + admin.enabled: "true" + + # dex.config: | + # connectors: + # # GitHub example + # - type: github + # id: github + # name: GitHub + # config: + # clientID: aabbccddeeff00112233 + # clientSecret: $dex.github.clientSecret # Alternatively $:dex.github.clientSecret + # orgs: + # - name: your-github-org + # oidc.config: | # name: AzureAD # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 From 57b142f5caddb9f97e396d85fd712f439de7305d Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 4 Aug 2022 12:14:32 +0200 Subject: [PATCH 0323/1248] ci(github): Cleanup unused chart-repos (#1392) Signed-off-by: Marco Kilchhofer --- .github/configs/ct-install.yaml | 4 ---- .github/configs/ct-lint.yaml | 4 ---- .github/workflows/lint-and-test.yml | 1 - .github/workflows/pr-sizing.yml | 1 - .github/workflows/publish.yml | 9 +++------ 5 files changed, 3 insertions(+), 16 deletions(-) diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml index ff56c21c..df00bb1e 100644 --- a/.github/configs/ct-install.yaml +++ b/.github/configs/ct-install.yaml @@ -6,11 +6,7 @@ target-branch: main chart-dirs: - charts chart-repos: - - argo=https://argoproj.github.io/argo-helm - - minio=https://helm.min.io/ - dandydeveloper=https://dandydeveloper.github.io/charts/ - - stable=https://charts.helm.sh/stable - - incubator=https://charts.helm.sh/incubator helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index 16d01791..1e66067a 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -6,11 +6,7 @@ target-branch: main chart-dirs: - charts chart-repos: - - argo=https://argoproj.github.io/argo-helm - - minio=https://helm.min.io/ - dandydeveloper=https://dandydeveloper.github.io/charts/ - - stable=https://charts.helm.sh/stable - - incubator=https://charts.helm.sh/incubator helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index bd2bfe3f..6b4d971f 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -1,5 +1,4 @@ ## Reference: https://github.com/helm/chart-testing-action ---- name: Linting and Testing on: pull_request jobs: diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 7f35a417..bcdfc440 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -1,5 +1,4 @@ ## Reference: https://github.com/pascalgn/size-label-action ---- name: 'PR Labeling' on: pull_request_target: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c3089bc3..729c2621 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,10 +1,10 @@ ---- +## Reference: https://github.com/helm/chart-releaser-action name: Chart Publish on: push: branches: - main - - rewrite-build + jobs: publish: runs-on: ubuntu-latest @@ -19,11 +19,8 @@ jobs: - name: Add dependency chart repos run: | - helm repo add argo https://argoproj.github.io/argo-helm - helm repo add minio https://helm.min.io/ helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ - helm repo add stable https://charts.helm.sh/stable - helm repo add incubator https://charts.helm.sh/incubator + - name: Configure Git run: | git config user.name "$GITHUB_ACTOR" From 5b6cb2678a4558c39100084c7c0e8f5dd58de430 Mon Sep 17 00:00:00 2001 From: JM Date: Wed, 10 Aug 2022 06:43:17 -0500 Subject: [PATCH 0324/1248] feat(argo-workflows): Upgrade argo-workflows to v3.3.9 (#1393) [Release Notes](https://github.com/argoproj/argo-workflows/releases/tag/v3.3.9) Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ac7627a9..7deac3ba 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.8 -appVersion: v3.3.8 +version: 0.16.9 +appVersion: v3.3.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Added]: Set global tag" + - "[Changed]: Update to app version v3.3.9" From eade73f62e94587876eeb8b04889c4b288532734 Mon Sep 17 00:00:00 2001 From: JM Date: Thu, 11 Aug 2022 15:41:22 -0500 Subject: [PATCH 0325/1248] feat(argo-cd): Upgrade argocd to v2.4.9 (#1395) [Release Notes](https://github.com/argoproj/argo-cd/releases/tag/v2.4.9) [Diff between v2.4.8 and v2.4.9 of argo-cd](https://github.com/argoproj/argo-cd/compare/v2.4.8...v2.4.9) - 9 doc changes - 3 fixes Signed-off-by: jmeridth --- charts/argo-cd/Chart.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0bf77577..fd5842f4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.8 +appVersion: v2.4.9 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.5 +version: 4.10.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - [Added]: Add entry and notes for admin.enabled - - [Added]: Add comments for server.config.dex.config + - "[Changed]: Update to app version 2.4.9" From 1a5a22b774f075f4d0c578a02696eca45d870fdd Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 12 Aug 2022 02:07:38 +0200 Subject: [PATCH 0326/1248] chore(github): Enable GitHub Discussions (#1397) Signed-off-by: Marco Kilchhofer Signed-off-by: Marco Kilchhofer --- .github/ISSUE_TEMPLATE/config.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 5a31b2c7..bb9a2645 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,6 +1,9 @@ blank_issues_enabled: false contact_links: + - name: Ask a question + url: https://github.com/argoproj/argo-helm/discussions/new + about: Ask a question or start a discussion about our community Helm Charts - name: Chat on Slack url: https://argoproj.github.io/community/join-slack about: Maybe chatting with the community can help From fce51dfec34667d9c8e307e4ed009b36fc8f6ab1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 17 Aug 2022 09:06:40 +0900 Subject: [PATCH 0327/1248] fix(argo-workflows): Changed default .Values.artifactRepository.s3.insecure to false for security (#1401) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/values.yaml | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 7deac3ba..6e3474f4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.16.9 +version: 0.17.0 appVersion: v3.3.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm @@ -15,4 +15,4 @@ maintainers: - name: benjaminws annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version v3.3.9" + - "[Fixed]: Changed default .Values.artifactRepository.s3.insecure to false for security" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 569ac5c5..da69440a 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -502,7 +502,8 @@ artifactRepository: secretKeySecret: # name: -minio key: secretkey - insecure: true + # insecure will disable TLS. Primarily used for minio installs not configured with TLS + insecure: false # bucket: # endpoint: # region: From bcf785e395b2d2845f3fed3f6ae547ff41487d83 Mon Sep 17 00:00:00 2001 From: JM Date: Wed, 17 Aug 2022 19:28:01 -0500 Subject: [PATCH 0328/1248] feat(argo-cd): Upgrade argocd to v2.4.10 (#1404) [Release notes](https://github.com/argoproj/argo-cd/releases/tag/v2.4.10) [Diff between argo-cd v2.4.9 and v2.4.10](https://github.com/argoproj/argo-cd/compare/v2.4.9...v2.4.10) - 3 doc changes - 3 fixes Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fd5842f4..01976948 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.9 +appVersion: v2.4.10 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.6 +version: 4.10.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.9" + - "[Changed]: Update to app version 2.4.10" From 5d39e4942272a141e7577ca98fb4c6102e0e8f10 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 19 Aug 2022 21:37:29 +0200 Subject: [PATCH 0329/1248] chore(argo-cd): Update documentation (#1400) * chore(argo-cd): Update documentation Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 64 ++++++++++++++++++--------------- charts/argo-cd/README.md.gotmpl | 33 +++++++++++------ 3 files changed, 61 insertions(+), 40 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01976948..78b5c7a0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.10 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.7 +version: 4.10.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.10" + - "[Changed]: Improved documentation" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d9dbb7cc..060b4f10 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -28,7 +28,7 @@ redis-ha: enabled: true controller: - enableStatefulSet: true + replicas: 1 server: autoscaling: @@ -39,6 +39,9 @@ repoServer: autoscaling: enabled: true minReplicas: 2 + +applicationSet: + replicas: 2 ``` ### HA mode without autoscaling @@ -48,16 +51,16 @@ redis-ha: enabled: true controller: - enableStatefulSet: true + replicas: 1 server: replicas: 2 - env: - - name: ARGOCD_API_SERVER_REPLICAS - value: '2' repoServer: replicas: 2 + +applicationSet: + replicas: 2 ``` ### Synchronizing Changes from Original Repository @@ -89,10 +92,10 @@ Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs Please use `kubectl` to upgrade CRDs manually from [crds](crds/) folder or via the manifests from the upstream project repo: ```bash -kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\= +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" -# Eg. version v2.4.2 -kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\=v2.4.2 +# Eg. version v2.4.9 +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" ``` ### 4.9.0 @@ -216,6 +219,30 @@ NAME: my-release | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of certmanager resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | +| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | +| fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | +| global.additionalLabels | object | `{}` | Additional labels to add to all resources | +| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | +| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | +| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | +| global.image.tag | string | `""` | Overrides the global Argo CD image tag whose default is the chart appVersion | +| global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | +| global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | +| global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | +| global.podAnnotations | object | `{}` | Annotations for the all deployed pods | +| global.podLabels | object | `{}` | Labels for the all deployed pods | +| global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | +| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | +| nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | +| openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | +| server.additionalApplications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | +| server.additionalProjects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | + +## Argo CD Configs + +| Key | Type | Default | Description | +|-----|------|---------|-------------| | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | @@ -240,25 +267,6 @@ NAME: my-release | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | | configs.tlsCerts | object | See [values.yaml] | TLS certificate | | configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | -| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | -| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | -| fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | -| global.additionalLabels | object | `{}` | Additional labels to add to all resources | -| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | -| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | -| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | -| global.image.tag | string | `""` | Overrides the global Argo CD image tag whose default is the chart appVersion | -| global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | -| global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | -| global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | -| global.podAnnotations | object | `{}` | Annotations for the all deployed pods | -| global.podLabels | object | `{}` | Labels for the all deployed pods | -| global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | -| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | -| nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | -| openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | -| server.additionalApplications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | -| server.additionalProjects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | ## Argo CD Controller @@ -889,7 +897,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[General Argo CD configuration]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories +[Declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 99523737..4385fc1d 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -28,7 +28,7 @@ redis-ha: enabled: true controller: - enableStatefulSet: true + replicas: 1 server: autoscaling: @@ -39,6 +39,9 @@ repoServer: autoscaling: enabled: true minReplicas: 2 + +applicationSet: + replicas: 2 ``` ### HA mode without autoscaling @@ -48,16 +51,16 @@ redis-ha: enabled: true controller: - enableStatefulSet: true + replicas: 1 server: replicas: 2 - env: - - name: ARGOCD_API_SERVER_REPLICAS - value: '2' repoServer: replicas: 2 + +applicationSet: + replicas: 2 ``` ### Synchronizing Changes from Original Repository @@ -89,10 +92,10 @@ Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs Please use `kubectl` to upgrade CRDs manually from [crds](crds/) folder or via the manifests from the upstream project repo: ```bash -kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\= +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" -# Eg. version v2.4.2 -kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?ref\=v2.4.2 +# Eg. version v2.4.9 +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" ``` ### 4.9.0 @@ -215,7 +218,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) ) }} + {{- if not (or (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- if hasPrefix "server.additional" .Key }} @@ -223,6 +226,16 @@ NAME: my-release {{- end }} {{- end }} +## Argo CD Configs + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "configs" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + ## Argo CD Controller | Key | Type | Default | Description | @@ -359,7 +372,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[General Argo CD configuration]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories +[Declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs From 914021b38a75fc7ef0727b3e58a1d798a9fe5df2 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 21 Aug 2022 14:14:32 +0900 Subject: [PATCH 0330/1248] chore(github): add argocd-apps on pr-title (#1414) Signed-off-by: yu-croco --- .github/workflows/pr-title.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index be111a06..83dec55e 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -24,6 +24,7 @@ jobs: argo-rollouts argo-workflows argocd-image-updater + argocd-apps github # Configure that a scope must always be provided. requireScope: true From 798c8107c3d0015b8cb93d565cf714c16848b3e8 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 22 Aug 2022 21:32:07 +0900 Subject: [PATCH 0331/1248] feat(argocd-apps): adopt additional Applications/Projects to argocd-apps chart (#1356) Signed-off-by: yu-croco --- .github/ISSUE_TEMPLATE/bug_report.yaml | 1 + .github/ISSUE_TEMPLATE/feature_request.yaml | 1 + .github/configs/labeler.yaml | 3 + charts/argocd-apps/Chart.yaml | 17 +++++ charts/argocd-apps/README.md | 31 ++++++++ charts/argocd-apps/README.md.gotmpl | 26 +++++++ charts/argocd-apps/ci/default-values.yaml | 1 + .../argocd-apps/templates/applications.yaml | 42 ++++++++++ charts/argocd-apps/templates/projects.yaml | 62 +++++++++++++++ charts/argocd-apps/values.yaml | 76 +++++++++++++++++++ 10 files changed, 260 insertions(+) create mode 100644 charts/argocd-apps/Chart.yaml create mode 100644 charts/argocd-apps/README.md create mode 100644 charts/argocd-apps/README.md.gotmpl create mode 100644 charts/argocd-apps/ci/default-values.yaml create mode 100644 charts/argocd-apps/templates/applications.yaml create mode 100644 charts/argocd-apps/templates/projects.yaml create mode 100644 charts/argocd-apps/values.yaml diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml index 0d692e43..bef979b8 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -22,6 +22,7 @@ body: - argo-rollouts - argo-workflows - argocd-image-updater + - argocd-apps - other validations: required: true diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml index b755e584..e3f0c1a8 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yaml +++ b/.github/ISSUE_TEMPLATE/feature_request.yaml @@ -24,6 +24,7 @@ body: - argo-rollouts - argo-workflows - argocd-image-updater + - argocd-apps - other validations: required: true diff --git a/.github/configs/labeler.yaml b/.github/configs/labeler.yaml index b00bd383..acd6f219 100644 --- a/.github/configs/labeler.yaml +++ b/.github/configs/labeler.yaml @@ -12,3 +12,6 @@ argo-workflows: argocd-image-updater: - charts/argocd-image-updater/**/* + +argocd-apps: + - charts/argocd-apps/**/* diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml new file mode 100644 index 00000000..6a3fda06 --- /dev/null +++ b/charts/argocd-apps/Chart.yaml @@ -0,0 +1,17 @@ +apiVersion: v2 +name: argocd-apps +description: A Helm chart for managing additional Argo CD Applications and Projects +type: application +version: 0.0.1 +home: https://github.com/argoproj/argo-helm +icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png +keywords: + - argoproj + - argocd + - gitops +maintainers: + - name: argoproj + url: https://argoproj.github.io/ +annotations: + artifacthub.io/changes: | + - "[Added]: Add additional Applications and Projects" diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md new file mode 100644 index 00000000..ea205caa --- /dev/null +++ b/charts/argocd-apps/README.md @@ -0,0 +1,31 @@ +# argocd-apps + +A Helm chart for managing additional Argo CD Applications and Projects + +To regenerate this document, from the root of this chart directory run: +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Prerequisites + +- Helm v3.0.0+ +- CRDs (Application and AppProject) + - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. + +## Installation + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +$ helm install my-release argo/argocd-apps +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | +| projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-apps/README.md.gotmpl b/charts/argocd-apps/README.md.gotmpl new file mode 100644 index 00000000..8d628693 --- /dev/null +++ b/charts/argocd-apps/README.md.gotmpl @@ -0,0 +1,26 @@ +{{ template "chart.header" . }} + +{{ template "chart.description" . }} + +To regenerate this document, from the root of this chart directory run: +```shell +docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:latest +``` + +## Prerequisites + +- Helm v3.0.0+ +- CRDs (Application and AppProject) + - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. + +## Installation + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +$ helm install my-release argo/argocd-apps +``` + +{{ template "chart.valuesSection" . }} + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-apps/ci/default-values.yaml b/charts/argocd-apps/ci/default-values.yaml new file mode 100644 index 00000000..507f1e54 --- /dev/null +++ b/charts/argocd-apps/ci/default-values.yaml @@ -0,0 +1 @@ +# Test with default values diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml new file mode 100644 index 00000000..ea63fc25 --- /dev/null +++ b/charts/argocd-apps/templates/applications.yaml @@ -0,0 +1,42 @@ +{{- range .Values.applications }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + {{- with .additionalAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- with .additionalLabels }} + labels: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ .name }} + {{- with .namespace }} + namespace: {{ . }} + {{- end }} + {{- with .finalizers }} + finalizers: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + project: {{ tpl .project $ }} + source: + {{- toYaml .source | nindent 4 }} + destination: + {{- toYaml .destination | nindent 4 }} + {{- with .syncPolicy }} + syncPolicy: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .ignoreDifferences }} + ignoreDifferences: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .info }} + info: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml new file mode 100644 index 00000000..5832810b --- /dev/null +++ b/charts/argocd-apps/templates/projects.yaml @@ -0,0 +1,62 @@ +{{- range .Values.projects }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + {{- with .additionalAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- with .additionalLabels }} + labels: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ .name }} + {{- with .namespace }} + namespace: {{ . }} + {{- end }} + {{- with .finalizers }} + finalizers: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + description: {{ .description }} + sourceRepos: + {{- toYaml .sourceRepos | nindent 4 }} + destinations: + {{- toYaml .destinations | nindent 4 }} + {{- with .clusterResourceWhitelist }} + clusterResourceWhitelist: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .clusterResourceBlacklist }} + clusterResourceBlacklist: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .namespaceResourceBlacklist }} + namespaceResourceBlacklist: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .namespaceResourceWhitelist }} + namespaceResourceWhitelist: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .orphanedResources }} + orphanedResources: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .roles }} + roles: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .syncWindows }} + syncWindows: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .signatureKeys }} + signatureKeys: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml new file mode 100644 index 00000000..ec3cbb41 --- /dev/null +++ b/charts/argocd-apps/values.yaml @@ -0,0 +1,76 @@ +# -- Deploy Argo CD Applications within this helm release +# @default -- `[]` (See [values.yaml]) +## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ +applications: [] +# - name: guestbook +# namespace: argocd +# additionalLabels: {} +# additionalAnnotations: {} +# finalizers: +# - resources-finalizer.argocd.argoproj.io +# project: guestbook +# source: +# repoURL: https://github.com/argoproj/argocd-example-apps.git +# targetRevision: HEAD +# path: guestbook +# directory: +# recurse: true +# destination: +# server: https://kubernetes.default.svc +# namespace: guestbook +# syncPolicy: +# automated: +# prune: false +# selfHeal: false +# ignoreDifferences: +# - group: apps +# kind: Deployment +# jsonPointers: +# - /spec/replicas +# info: +# - name: url +# value: https://argoproj.github.io/ + +# -- Deploy Argo CD Projects within this helm release +# @default -- `[]` (See [values.yaml]) +## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ +projects: [] +# - name: guestbook +# namespace: argocd +# additionalLabels: {} +# additionalAnnotations: {} +# finalizers: +# - resources-finalizer.argocd.argoproj.io +# description: Example Project +# sourceRepos: +# - '*' +# destinations: +# - namespace: guestbook +# server: https://kubernetes.default.svc +# clusterResourceWhitelist: [] +# clusterResourceBlacklist: [] +# namespaceResourceBlacklist: +# - group: '' +# kind: ResourceQuota +# - group: '' +# kind: LimitRange +# - group: '' +# kind: NetworkPolicy +# orphanedResources: {} +# roles: [] +# namespaceResourceWhitelist: +# - group: 'apps' +# kind: Deployment +# - group: 'apps' +# kind: StatefulSet +# orphanedResources: {} +# roles: [] +# syncWindows: +# - kind: allow +# schedule: '10 1 * * *' +# duration: 1h +# applications: +# - '*-prod' +# manualSync: true +# signatureKeys: +# - keyID: ABCDEF1234567890 From 2125c7ac71b1228c978d017fbc7b964b268241dc Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 22 Aug 2022 10:04:01 -0400 Subject: [PATCH 0332/1248] feat(argo-cd): Upgrade argocd to v2.4.11 (#1416) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 78b5c7a0..505b369f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.10 +appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.8 +version: 4.10.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Improved documentation" + - "[Changed]: Update to app version 2.4.11" From b029a6dde311e88624de2247d39f7872f29807a1 Mon Sep 17 00:00:00 2001 From: jphelton Date: Mon, 22 Aug 2022 22:43:13 -0400 Subject: [PATCH 0333/1248] feat(argo-rollouts): flag to disable clusterrole/clusterrolebinding creation (#1388) * feat(argo-rollouts): Add flag to optionally disable the creation of cluster roles (even when running in cluster mode) Signed-off-by: Joshua Helton * fix README.md with helm-docs.sh Signed-off-by: Joshua Helton Signed-off-by: Joshua Helton Co-authored-by: JM --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 5 ++++- charts/argo-rollouts/templates/aggregate-roles.yaml | 2 +- .../templates/controller/clusterrole.yaml | 2 +- .../templates/controller/clusterrolebinding.yaml | 2 +- .../argo-rollouts/templates/dashboard/clusterrole.yaml | 2 +- .../templates/dashboard/clusterrolebinding.yaml | 2 +- charts/argo-rollouts/values.yaml | 10 ++++++++++ 8 files changed, 21 insertions(+), 8 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index cd411e66..94fc2692 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.0" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.18.0 +version: 2.19.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,4 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Added]: Additional manifests to deploy within the chart" + - "[Added]: flags to disable the creation of ClusterRoles/ClusterRoleBindings when run in cluster mode " diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 89e982fe..5aecd11b 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -42,6 +42,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | clusterInstall | bool | `true` | `false` runs controller in namespaced mode (does not require cluster RBAC) | | crdAnnotations | object | `{}` | Annotations to be added to all CRDs | +| createClusterAggregateRoles | bool | `true` | flag to enable creation of cluster aggregate roles (requires cluster RBAC) | | extraObjects | list | `[]` | Additional manifests to deploy within the chart. A list of objects. | | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | @@ -62,6 +63,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | containerSecurityContext | object | `{}` | Security Context to set on container level | | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | +| controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | | controller.extraEnv | list | `[]` | Additional environment variables for rollouts-controller. A list of name/value maps. | @@ -100,6 +102,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | | dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.createClusterRole | bool | `true` | flag to enable creation of dashbord cluster role (requires cluster RBAC) | | dashboard.enabled | bool | `false` | Deploy dashboard server | | dashboard.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-dashboard. A list of flags. | | dashboard.extraEnv | list | `[]` | Additional environment variables for rollouts-dashboard. A list of name/value maps. | @@ -172,4 +175,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.18.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.19.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/aggregate-roles.yaml b/charts/argo-rollouts/templates/aggregate-roles.yaml index ab3ac6dd..86823903 100644 --- a/charts/argo-rollouts/templates/aggregate-roles.yaml +++ b/charts/argo-rollouts/templates/aggregate-roles.yaml @@ -1,4 +1,4 @@ -{{- if .Values.clusterInstall }} +{{- if and .Values.clusterInstall .Values.createClusterAggregateRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 9581ef96..4db2e81d 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -1,4 +1,4 @@ -{{- if .Values.clusterInstall }} +{{- if and .Values.clusterInstall .Values.controller.createClusterRole }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml index b48ce5b5..cbdb0e23 100644 --- a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.clusterInstall }} +{{- if and .Values.clusterInstall .Values.controller.createClusterRole }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 8dd1ac6b..6a84102d 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +{{- if and .Values.dashboard.enabled .Values.clusterInstall .Values.dashboard.createClusterRole }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml index 331fbe4e..3296060c 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +{{- if and .Values.dashboard.enabled .Values.clusterInstall .Values.dashboard.createClusterRole }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b8ebfc49..ae24b660 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -6,6 +6,9 @@ keepCRDs: true # -- `false` runs controller in namespaced mode (does not require cluster RBAC) clusterInstall: true +# -- flag to enable creation of cluster aggregate roles (requires cluster RBAC) +createClusterAggregateRoles: true + # -- String to partially override "argo-rollouts.fullname" template nameOverride: @@ -80,6 +83,9 @@ controller: # cpu: 50m # memory: 64Mi + # -- flag to enable creation of cluster controller role (requires cluster RBAC) + createClusterRole: true + metrics: # -- Deploy metrics service enabled: false @@ -181,6 +187,10 @@ dashboard: affinity: {} # -- [priorityClassName] for the dashboard server priorityClassName: "" + + # -- flag to enable creation of dashbord cluster role (requires cluster RBAC) + createClusterRole: true + # -- The number of dashboard pods to run replicas: 1 image: From f4501b21db22506bb24200e1f2288afdedd4b640 Mon Sep 17 00:00:00 2001 From: Luke Date: Tue, 23 Aug 2022 05:09:44 -0600 Subject: [PATCH 0334/1248] chore(github): bump lint container for arm/M1 macs (#1411) --- .github/workflows/lint-and-test.yml | 5 ++++- scripts/lint.sh | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 6b4d971f..1ede7931 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -20,7 +20,10 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.2.1 + uses: helm/chart-testing-action@v2.3.0 + with: + # Note: Also update in scripts/lint.sh + version: v3.7.0 - name: List changed charts id: list-changed diff --git a/scripts/lint.sh b/scripts/lint.sh index 2a4e8c9f..4fcf0870 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -9,7 +9,7 @@ echo -e "\n-- Linting all Helm Charts --\n" docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ - quay.io/helmpack/chart-testing:v3.3.1 \ + quay.io/helmpack/chart-testing:v3.7.0 \ -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ From 31d6a5f3290d869828eeb2655e4e23cdb7e2b903 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 24 Aug 2022 17:12:00 +0200 Subject: [PATCH 0335/1248] chore(argo-cd)!: Remove apps, appprojs and deprecated features (#1417) * feat(argo-cd): move server additionalApplications/additionalProjects to argocd-apps chart Signed-off-by: yu-croco * Remove deprecated features Signed-off-by: Petr Drastil * chore(argo-cd): improve release note Signed-off-by: yu-croco Co-authored-by: yu-croco Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 90 ++++++++++++++++- charts/argo-cd/README.md.gotmpl | 86 +++++++++++++++++ charts/argo-cd/templates/NOTES.txt | 6 -- .../{deployment.yaml => statefulset.yaml} | 4 +- .../argocd-configs/applications.yaml | 42 -------- .../templates/argocd-configs/projects.yaml | 62 ------------ .../repository-credentials-secret-legacy.yaml | 13 --- charts/argo-cd/values.yaml | 96 ------------------- 9 files changed, 177 insertions(+), 228 deletions(-) rename charts/argo-cd/templates/argocd-application-controller/{deployment.yaml => statefulset.yaml} (98%) delete mode 100644 charts/argo-cd/templates/argocd-configs/applications.yaml delete mode 100644 charts/argo-cd/templates/argocd-configs/projects.yaml delete mode 100644 charts/argo-cd/templates/argocd-configs/repository-credentials-secret-legacy.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 505b369f..9fde103a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.9 +version: 5.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.11" + - "[Removed]: Legacy support to run controller as a Deployment" + - "[Removed]: Legacy support to use old format of repository secrets" + - "[Removed]: Parameters server.additionalApplications and server.additionalProjects are moved to a separate chart - argocd-apps" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 060b4f10..f4d6ae73 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -98,6 +98,92 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref= Date: Thu, 25 Aug 2022 12:10:50 +0530 Subject: [PATCH 0336/1248] feat(argo-cd): Added spec.behavior in HPA (#1376) * added behavior in HPA for api version autoscaling/v2beta1 Signed-off-by: medicharlachiranjeevi * updated readme Signed-off-by: medicharlachiranjeevi * chore: Apply changes from code review Signed-off-by: Marco Kilchhofer * fix: Add missing quote Signed-off-by: Marco Kilchhofer Signed-off-by: medicharlachiranjeevi Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 2 ++ .../templates/argocd-repo-server/hpa.yaml | 12 ++++--- .../argo-cd/templates/argocd-server/hpa.yaml | 12 ++++--- charts/argo-cd/values.yaml | 31 ++++++++++++++++++- 5 files changed, 50 insertions(+), 13 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9fde103a..0eb2ebe4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.0.0 +version: 5.1.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,6 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Legacy support to run controller as a Deployment" - - "[Removed]: Legacy support to use old format of repository secrets" - - "[Removed]: Parameters server.additionalApplications and server.additionalProjects are moved to a separate chart - argocd-apps" + - "[Added]: Ability to customize HPAs spec.behavior field" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f4d6ae73..17abd65f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -433,6 +433,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | | repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | @@ -514,6 +515,7 @@ NAME: my-release | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | | server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index 2d179ca4..d07478ed 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -13,7 +13,7 @@ spec: minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: -{{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory @@ -24,8 +24,8 @@ spec: averageUtilization: {{ . }} type: Utilization {{- end }} -{{- end }} -{{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu @@ -36,5 +36,9 @@ spec: averageUtilization: {{ . }} type: Utilization {{- end }} -{{- end }} + {{- end }} + {{- with .Values.repoServer.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index 6fd444ec..c8df5017 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -13,7 +13,7 @@ spec: minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: -{{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory @@ -24,8 +24,8 @@ spec: averageUtilization: {{ . }} type: Utilization {{- end }} -{{- end }} -{{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu @@ -36,5 +36,9 @@ spec: averageUtilization: {{ . }} type: Utilization {{- end }} -{{- end }} + {{- end }} + {{- with .Values.server.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2694692c..257649c8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -850,7 +850,21 @@ server: targetCPUUtilizationPercentage: 50 # -- Average memory utilization percentage for the Argo CD server [HPA] targetMemoryUtilizationPercentage: 50 - + # -- Configures the scaling behavior of the target in both Up and Down directions. + # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer + behavior: {} + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 180 + # scaleUp: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 2 + # periodSeconds: 60 image: # -- Repository to use for the Argo CD server # @default -- `""` (defaults to global.image.repository) @@ -1421,6 +1435,21 @@ repoServer: targetCPUUtilizationPercentage: 50 # -- Average memory utilization percentage for the repo server [HPA] targetMemoryUtilizationPercentage: 50 + # -- Configures the scaling behavior of the target in both Up and Down directions. + # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer + behavior: {} + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 180 + # scaleUp: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 2 + # periodSeconds: 60 image: # -- Repository to use for the repo server From e6587671d38484d6de61dae033d56340361976f5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 25 Aug 2022 17:42:43 +0900 Subject: [PATCH 0337/1248] feat(argo-cd): manage CRD by Helm (#1342) * feat(argo-cd): manage CRD by Helm Signed-off-by: yu-croco * feat: Implement "crds.keep" like argo-events chart Signed-off-by: Marco Kilchhofer * fix(argo-cd): update path of ArgoCD CRDs Signed-off-by: yu-croco * fix: Don't keep CRDs during chart testing Signed-off-by: Marco Kilchhofer Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 6 ++--- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 26 +++++++++++++++++-- charts/argo-cd/README.md.gotmpl | 23 ++++++++++++++-- charts/argo-cd/ci/default-values.yaml | 2 ++ charts/argo-cd/ci/external-redis-values.yaml | 3 +++ charts/argo-cd/ci/ha-autoscaling-values.yaml | 3 +++ charts/argo-cd/ci/ha-static-values.yaml | 3 +++ .../{ => templates}/crds/crd-application.yaml | 11 +++++++- .../crds/crd-applicationset.yaml | 11 +++++++- .../{ => templates}/crds/crd-extension.yaml | 9 +++++++ .../{ => templates}/crds/crd-project.yaml | 9 +++++++ charts/argo-cd/values.yaml | 9 +++++++ 13 files changed, 108 insertions(+), 11 deletions(-) rename charts/argo-cd/{ => templates}/crds/crd-application.yaml (99%) rename charts/argo-cd/{ => templates}/crds/crd-applicationset.yaml (99%) rename charts/argo-cd/{ => templates}/crds/crd-extension.yaml (94%) rename charts/argo-cd/{ => templates}/crds/crd-project.yaml (98%) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 1ede7931..88fcf2df 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -1,7 +1,7 @@ ## Reference: https://github.com/helm/chart-testing-action name: Linting and Testing on: pull_request -jobs: +jobs: chart-test: runs-on: ubuntu-latest steps: @@ -37,7 +37,7 @@ jobs: fi - name: Run chart-testing (lint) run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml - + - name: Run docs-testing (helm-docs) id: helm-docs run: | @@ -60,7 +60,7 @@ jobs: if: | contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') run: | - kubectl apply -f charts/argo-cd/crds + kubectl apply -f charts/argo-cd/templates/crds - name: Skip HPA tests of ArgoCD if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0eb2ebe4..21704899 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.1.0 +version: 5.2.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to customize HPAs spec.behavior field" + - "[Changed]: manage CRD by Helm" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 17abd65f..885529d5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -81,15 +81,17 @@ cd argo-cd git diff v1.8.7 v2.0.0 -- manifests/install.yaml ``` -Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/crds). +Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/templates/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/templates/crds). ## Upgrading ### Custom resource definitions +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). -Please use `kubectl` to upgrade CRDs manually from [crds](crds/) folder or via the manifests from the upstream project repo: +Please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: ```bash kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" @@ -98,6 +100,23 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" @@ -98,6 +100,23 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref= Date: Thu, 25 Aug 2022 18:07:46 +0900 Subject: [PATCH 0338/1248] feat(argo-cd): update redis-ha (#1421) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 02e8942b..086d554c 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.17.1 -digest: sha256:eecc8c4bee9af2f12aa6c7e6d0d76c87a8c0b06aa3f2af8405578c4725a5f501 -generated: "2022-06-29T14:57:19.381444853+02:00" + version: 4.20.0 +digest: sha256:d9ae15e83874338ffde67b9c37c5afd9ef3f2ec9f92e61e6bf132d33e458fbbf +generated: "2022-08-25T13:17:50.919151+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 21704899..f003c457 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.2.0 +version: 5.2.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -16,9 +16,9 @@ maintainers: - name: seanson dependencies: - name: redis-ha - version: 4.17.1 + version: 4.20.0 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: manage CRD by Helm" + - "[Changed]: Update redis-ha" From 393078862838bb9af99eb8e92a82b449f57305fa Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 25 Aug 2022 12:12:51 +0200 Subject: [PATCH 0339/1248] chore(argo-cd): Move notification configs (#1419) * Move notification configs to config dir Signed-off-by: Petr Drastil * Use expected names for notification configs Signed-off-by: Petr Drastil * Fix notification role Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/README.md | 2 -- charts/argo-cd/templates/_helpers.tpl | 22 ------------------- ...regate-roles.yaml => aggregate-roles.yaml} | 0 .../argocd-notifications-cm.yaml} | 2 +- .../argocd-notifications-secret.yaml} | 4 ++-- .../argocd-notifications/deployment.yaml | 2 -- .../templates/argocd-notifications/role.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 ------- 9 files changed, 8 insertions(+), 41 deletions(-) rename charts/argo-cd/templates/{argocd-aggregate-roles.yaml => aggregate-roles.yaml} (100%) rename charts/argo-cd/templates/{argocd-notifications/configmap.yaml => argocd-configs/argocd-notifications-cm.yaml} (93%) rename charts/argo-cd/templates/{argocd-notifications/secret.yaml => argocd-configs/argocd-notifications-secret.yaml} (86%) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f003c457..19db25b3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.2.1 +version: 5.2.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update redis-ha" + - "[Changed]: Move notification configs to config folder" + - "[Changed]: Use default names for notification configs" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 885529d5..4867815f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -927,7 +927,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | -| notifications.cm.name | string | `""` | The name of the config map to use. | | notifications.containerSecurityContext | object | `{}` | Container Security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.enabled | bool | `true` | Enable Notifications controller | @@ -960,7 +959,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | -| notifications.secret.name | string | `""` | The name of the secret to use. | | notifications.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index cf761118..bfd0d41c 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -264,28 +264,6 @@ Return the default Argo CD app version {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} -{{/* -Create the name of the notifications controller secret to use -*/}} -{{- define "argo-cd.notifications.secretName" -}} -{{- if .Values.notifications.secret.create -}} - {{ default (printf "%s-secret" (include "argo-cd.notifications.fullname" .)) .Values.notifications.secret.name }} -{{- else -}} - {{ default "argocd-notifications-secret" .Values.notifications.secret.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the configmap to use -*/}} -{{- define "argo-cd.notifications.configMapName" -}} -{{- if .Values.notifications.cm.create -}} - {{ default (printf "%s-cm" (include "argo-cd.notifications.fullname" .)) .Values.notifications.cm.name }} -{{- else -}} - {{ default "argocd-notifications-cm" .Values.notifications.cm.name }} -{{- end -}} -{{- end -}} - {{- define "argo-cd.redisPasswordEnv" -}} {{- if or .Values.externalRedis.password .Values.externalRedis.existingSecret }} - name: REDIS_PASSWORD diff --git a/charts/argo-cd/templates/argocd-aggregate-roles.yaml b/charts/argo-cd/templates/aggregate-roles.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-aggregate-roles.yaml rename to charts/argo-cd/templates/aggregate-roles.yaml diff --git a/charts/argo-cd/templates/argocd-notifications/configmap.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml similarity index 93% rename from charts/argo-cd/templates/argocd-notifications/configmap.yaml rename to charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml index df1c9a6c..e3a1daba 100644 --- a/charts/argo-cd/templates/argocd-notifications/configmap.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "argo-cd.notifications.configMapName" . }} + name: argocd-notifications-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-notifications/secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml similarity index 86% rename from charts/argo-cd/templates/argocd-notifications/secret.yaml rename to charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index 342bf79f..9598ee02 100644 --- a/charts/argo-cd/templates/argocd-notifications/secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "argo-cd.notifications.secretName" . }} + name: argocd-notifications-secret labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- if .Values.notifications.secret.annotations }} @@ -14,6 +14,6 @@ metadata: type: Opaque stringData: {{- with .Values.notifications.secret.items }} - {{ toYaml . | nindent 2 }} + {{- toYaml . | nindent 2 }} {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index e1a88ca6..acc1c6e9 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -48,8 +48,6 @@ spec: {{- end }} - --namespace={{ .Release.Namespace }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - - --secret-name={{ include "argo-cd.notifications.secretName" . }} - - --config-map-name={{ include "argo-cd.notifications.configMapName" . }} {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 545ff327..52df9ad1 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -28,7 +28,7 @@ rules: - apiGroups: - "" resourceNames: - - {{ include "argo-cd.notifications.configMapName" . }} + - argocd-notifications-cm resources: - configmaps verbs: @@ -36,7 +36,7 @@ rules: - apiGroups: - "" resourceNames: - - {{ include "argo-cd.notifications.secretName" . }} + - argocd-notifications-secret resources: - secrets verbs: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9b460fff..d865ada3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2174,10 +2174,6 @@ notifications: # -- key:value pairs of annotations to be added to the secret annotations: {} - # -- The name of the secret to use. - ## If not set and create is true, the default name 'argocd-notifications-secret' is used - name: "" - # -- Generic key:value pairs to be inserted into the secret ## Can be used for templates, notification services etc. Some examples given below. ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ @@ -2287,10 +2283,6 @@ notifications: # -- Whether helm chart creates controller config map create: true - # -- The name of the config map to use. - ## If not set and create is true, the default name 'argocd-notifications-cm' is used - name: "" - # -- Contains centrally managed global application subscriptions ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ subscriptions: [] From 31e015699298ee038d48d9f94278c81721e9c1f0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 25 Aug 2022 12:41:43 +0200 Subject: [PATCH 0340/1248] feat(argo-cd): Add global logging options (#1422) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 20 +++++---- .../statefulset.yaml | 4 +- .../argocd-applicationset/deployment.yaml | 4 ++ .../argocd-notifications/deployment.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 4 +- .../templates/argocd-server/deployment.yaml | 4 +- charts/argo-cd/values.yaml | 45 +++++++++++++------ 8 files changed, 59 insertions(+), 32 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 19db25b3..97846d1f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.2.2 +version: 5.3.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Move notification configs to config folder" - - "[Changed]: Use default names for notification configs" + - "[Added]: Global configuration for logging" + - "[Added]: ApplicationSet configuration for logging" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4867815f..afdef972 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -336,6 +336,8 @@ NAME: my-release | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | | global.image.tag | string | `""` | Overrides the global Argo CD image tag whose default is the chart appVersion | | global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | +| global.logging.format | string | `"text"` | Set the global logging format. Either: `text` or `json` | +| global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | @@ -402,8 +404,8 @@ NAME: my-release | controller.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | controller.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | controller.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| controller.logFormat | string | `"text"` | Application controller log format. Either `text` or `json` | -| controller.logLevel | string | `"info"` | Application controller log level | +| controller.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` | +| controller.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn` or `error` | | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | | controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | @@ -481,8 +483,8 @@ NAME: my-release | repoServer.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | repoServer.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | repoServer.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| repoServer.logFormat | string | `"text"` | Repo server log format: Either `text` or `json` | -| repoServer.logLevel | string | `"info"` | Repo server log level | +| repoServer.logFormat | string | `""` (defaults to global.logging.level) | Repo server log format: Either `text` or `json` | +| repoServer.logLevel | string | `""` (defaults to global.logging.format) | Repo server log level. One of: `debug`, `info`, `warn` or `error` | | repoServer.metrics.enabled | bool | `false` | Deploy metrics service | | repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations | | repoServer.metrics.service.labels | object | `{}` | Metrics service labels | @@ -602,8 +604,8 @@ NAME: my-release | server.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | server.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| server.logFormat | string | `"text"` | Argo CD server log format: Either `text` or `json` | -| server.logLevel | string | `"info"` | Argo CD server log level | +| server.logFormat | string | `""` (defaults to global.logging.format) | Argo CD server log format: Either `text` or `json` | +| server.logLevel | string | `""` (defaults to global.logging.level) | Argo CD server log level. One of: `debug`, `info`, `warn` or `error` | | server.metrics.enabled | bool | `false` | Deploy metrics service | | server.metrics.service.annotations | object | `{}` | Metrics service annotations | | server.metrics.service.labels | object | `{}` | Metrics service labels | @@ -861,6 +863,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller | | applicationSet.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.logFormat | string | `""` (defaults to global.logging.format) | ApplicationSet controller log format. Either `text` or `json` | +| applicationSet.logLevel | string | `""` (defaults to global.logging.level) | ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | @@ -938,8 +942,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | -| notifications.logFormat | string | `"text"` | Application controller log format. Either `text` or `json` | -| notifications.logLevel | string | `"info"` | Set the logging level. (One of: `debug`, `info`, `warn`, `error`) | +| notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` | +| notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 0cf277d1..eccc9b5b 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -51,9 +51,9 @@ spec: - --repo-server-timeout-seconds - {{ .Values.controller.args.repoServerTimeoutSeconds | quote }} - --logformat - - {{ .Values.controller.logFormat }} + - {{ default .Values.global.logging.format .Values.controller.logFormat }} - --loglevel - - {{ .Values.controller.logLevel }} + - {{ default .Values.global.logging.level .Values.controller.logLevel }} {{- if .Values.controller.metrics.applicationLabels.enabled }} {{- range .Values.controller.metrics.applicationLabels.labels }} - --metrics-application-labels diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 5277a559..fbbeff87 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -40,6 +40,10 @@ spec: command: - entrypoint.sh - argocd-applicationset-controller + - --logformat + - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} + - --loglevel + - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }} - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index acc1c6e9..8accaed8 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -41,8 +41,8 @@ spec: {{- toYaml .Values.notifications.resources | nindent 12 }} command: - argocd-notifications - - --loglevel={{ .Values.notifications.logLevel }} - - --logformat={{ .Values.notifications.logFormat }} + - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} + - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} {{- if .Values.notifications.metrics.enabled }} - --metrics-port={{ .Values.notifications.metrics.port }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index be556894..682a68c1 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -52,9 +52,9 @@ spec: - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} - --logformat - - {{ .Values.repoServer.logFormat }} + - {{ default .Values.global.logging.format .Values.repoServer.logFormat }} - --loglevel - - {{ .Values.repoServer.logLevel }} + - {{ default .Values.global.logging.level .Values.repoServer.logLevel }} {{- with .Values.repoServer.extraArgs }} {{- . | toYaml | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index f051a3ba..713f8de2 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -53,9 +53,9 @@ spec: - http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }} {{- end }} - --logformat - - {{ .Values.server.logFormat }} + - {{default .Values.global.logging.format .Values.server.logFormat }} - --loglevel - - {{ .Values.server.logLevel }} + - {{ default .Values.global.logging.level .Values.server.logLevel }} {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d865ada3..3d64ec3c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -26,6 +26,11 @@ global: tag: "" # -- If defined, a imagePullPolicy applied to all Argo CD deployments imagePullPolicy: IfNotPresent + logging: + # -- Set the global logging format. Either: `text` or `json` + format: text + # -- Set the global logging level. One of: `debug`, `info`, `warn` or `error` + level: info # -- Annotations for the all deployed pods podAnnotations: {} # -- Labels for the all deployed pods @@ -131,9 +136,11 @@ controller: repoServerTimeoutSeconds: "60" # -- Application controller log format. Either `text` or `json` - logFormat: text - # -- Application controller log level - logLevel: info + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Application controller log level. One of: `debug`, `info`, `warn` or `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" # -- Additional command line arguments to pass to application controller extraArgs: [] @@ -909,9 +916,11 @@ server: lifecycle: {} # -- Argo CD server log format: Either `text` or `json` - logFormat: text - # -- Argo CD server log level - logLevel: info + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Argo CD server log level. One of: `debug`, `info`, `warn` or `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" # -- Annotations to be added to server pods podAnnotations: {} @@ -1486,9 +1495,11 @@ repoServer: # name: secret-name # -- Repo server log format: Either `text` or `json` - logFormat: text - # -- Repo server log level - logLevel: info + # @default -- `""` (defaults to global.logging.level) + logFormat: "" + # -- Repo server log level. One of: `debug`, `info`, `warn` or `error` + # @default -- `""` (defaults to global.logging.format) + logLevel: "" # -- Annotations to be added to repo server pods podAnnotations: {} @@ -1950,6 +1961,13 @@ applicationSet: # -- Enable dry run mode dryRun: false + # -- ApplicationSet controller log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + # -- Additional containers to be added to the applicationset controller pod extraContainers: [] @@ -2067,7 +2085,6 @@ applicationSet: # -- List of extra cli args to add extraArgs: [] - # - --loglevel=warn # -- Environment variables to pass to the controller extraEnv: [] @@ -2190,10 +2207,12 @@ notifications: # email-password: # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - # -- Set the logging level. (One of: `debug`, `info`, `warn`, `error`) - logLevel: info # -- Application controller log format. Either `text` or `json` - logFormat: text + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Application controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" # -- Extra arguments to provide to the controller extraArgs: [] From 4e9663c74742dd711c3371302f05251bc795e136 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 25 Aug 2022 13:35:17 +0200 Subject: [PATCH 0341/1248] feat(argo-cd): Set ARGOCD_CONTROLLER_REPLICAS automatically (#1413) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 +- charts/argo-cd/README.md | 2 +- charts/argo-cd/templates/_helpers.tpl | 10 +-- .../statefulset.yaml | 64 ++++++++++--------- charts/argo-cd/values.yaml | 7 +- 5 files changed, 41 insertions(+), 47 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 97846d1f..e3f0acf7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.3.0 +version: 5.3.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Global configuration for logging" - - "[Added]: ApplicationSet configuration for logging" + - "[Changed]: Env variable ARGOCD_CONTROLLER_REPLICAS is now automatically set by replica count" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index afdef972..d12ce196 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -437,7 +437,7 @@ NAME: my-release | controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | controller.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| controller.replicas | int | `1` | The number of application controller pods to run. If changing the number of replicas you must pass the number as `ARGOCD_CONTROLLER_REPLICAS` as an environment variable | +| controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. | | controller.resources | object | `{}` | Resource limits and requests for the application controller pods | | controller.service.annotations | object | `{}` | Application controller service annotations | | controller.service.labels | object | `{}` | Application controller service labels | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bfd0d41c..d34dc0bd 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -265,17 +265,13 @@ Return the default Argo CD app version {{- end -}} {{- define "argo-cd.redisPasswordEnv" -}} - {{- if or .Values.externalRedis.password .Values.externalRedis.existingSecret }} +{{- if or .Values.externalRedis.password .Values.externalRedis.existingSecret -}} - name: REDIS_PASSWORD valueFrom: secretKeyRef: - {{- if .Values.externalRedis.existingSecret }} - name: {{ .Values.externalRedis.existingSecret }} - {{- else }} - name: {{ template "argo-cd.redis.fullname" . }} - {{- end }} + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} key: redis-password - {{- end }} +{{- end -}} {{- end -}} {{/* diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index eccc9b5b..e5442d0f 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -68,23 +68,25 @@ spec: - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} {{- with .Values.controller.extraArgs }} - {{- . | toYaml | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} name: {{ .Values.controller.name }} - {{- if .Values.controller.containerSecurityContext }} - securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} + {{- with .Values.controller.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} {{- end }} - {{- if or .Values.controller.env .Values.externalRedis.password .Values.externalRedis.existingSecret }} env: - {{- include "argo-cd.redisPasswordEnv" . | nindent 8 }} {{- with .Values.controller.env }} - {{- toYaml . | nindent 8 }} + {{- toYaml . | nindent 10 }} {{- end }} - {{- end }} + - name: ARGOCD_CONTROLLER_REPLICAS + value: {{ .Values.controller.replicas | quote }} + {{- include "argo-cd.redisPasswordEnv" . | nindent 10 }} {{- with .Values.controller.envFrom }} - envFrom: {{- toYaml . | nindent 8 }} + envFrom: + {{- toYaml . | nindent 10 }} {{- end }} ports: - name: controller @@ -121,29 +123,29 @@ spec: {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} - {{- if .Values.controller.nodeSelector }} + {{- with .Values.controller.nodeSelector }} nodeSelector: -{{- toYaml .Values.controller.nodeSelector | nindent 8 }} - {{- end }} - {{- if .Values.controller.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.tolerations }} tolerations: -{{- toYaml .Values.controller.tolerations | nindent 8 }} - {{- end }} - {{- if .Values.controller.affinity }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.affinity }} affinity: -{{- toYaml .Values.controller.affinity | nindent 8 }} - {{- end }} - {{- with .Values.controller.topologySpreadConstraints }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} topologySpreadConstraints: - {{- range $constraint := . }} - - {{ toYaml $constraint | nindent 8 | trim }} - {{- if not $constraint.labelSelector }} - labelSelector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + {{- end }} {{- end }} {{- end }} - {{- end }} serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} {{- with .Values.global.hostAliases }} hostAliases: @@ -164,12 +166,12 @@ spec: optional: true secretName: argocd-repo-server-tls {{- with .Values.controller.volumes }} - {{- toYaml . | nindent 6 }} + {{- toYaml . | nindent 6 }} {{- end }} - {{- if .Values.controller.initContainers }} + {{- with .Values.controller.initContainers }} initContainers: - {{- toYaml .Values.controller.initContainers | nindent 6 }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.controller.priorityClassName }} + priorityClassName: {{ . }} {{- end }} -{{- if .Values.controller.priorityClassName }} - priorityClassName: {{ .Values.controller.priorityClassName }} -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3d64ec3c..e69bbb19 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -119,7 +119,7 @@ controller: imagePullPolicy: "" # -- The number of application controller pods to run. - # If changing the number of replicas you must pass the number as `ARGOCD_CONTROLLER_REPLICAS` as an environment variable + # Additional replicas will cause sharding of managed clusters across number of replicas. replicas: 1 ## Application controller commandline flags @@ -146,10 +146,7 @@ controller: extraArgs: [] # -- Environment variables to pass to application controller - env: - [] - # - name: "ARGOCD_CONTROLLER_REPLICAS" - # value: "" + env: [] # -- envFrom to pass to application controller # @default -- `[]` (See [values.yaml]) From b4d2be51bcc524dd2f44a471a4e949a90a9fb502 Mon Sep 17 00:00:00 2001 From: Alexandre Gaudreault Date: Thu, 25 Aug 2022 17:39:04 -0400 Subject: [PATCH 0342/1248] fix(argo-cd): invalid yaml with topologySpreadConstraints (#1423) * fix(argo-cd): invalid yaml with topologySpreadConstraints Signed-off-by: Alexandre Gaudreault * add missing end * Update Chart.yaml * Apply changes from code review Signed-off-by: Marco Kilchhofer Signed-off-by: Alexandre Gaudreault Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/statefulset.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e3f0acf7..3653c15e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.3.1 +version: 5.3.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Env variable ARGOCD_CONTROLLER_REPLICAS is now automatically set by replica count" + - "[Fixed]: Invalid yaml for controller topologySpreadConstraints" diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index e5442d0f..12379771 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -138,11 +138,11 @@ spec: {{- with .Values.controller.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - - {{ toYaml $constraint | nindent 8 | trim }} + - {{ toYaml $constraint | nindent 8 | trim }} {{- if not $constraint.labelSelector }} - labelSelector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} {{- end }} {{- end }} {{- end }} From 9920ecdb6e2126b41cc6b53c0bf41570e720e389 Mon Sep 17 00:00:00 2001 From: Jan Fuhrer Date: Fri, 26 Aug 2022 00:09:20 +0200 Subject: [PATCH 0343/1248] fix(argo-cd): Removal of duplicate mapping key annotations in crds (#1424) Signed-off-by: Jan Fuhrer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/crds/crd-applicationset.yaml | 3 +-- charts/argo-cd/templates/crds/crd-extension.yaml | 3 +-- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3653c15e..d8a0dcd9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.3.2 +version: 5.3.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Invalid yaml for controller topologySpreadConstraints" + - "[Fixed]: Removal of duplicate mapping key annotations in crds" diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index b1f8ef0f..2a6c56ec 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -9,11 +9,10 @@ metadata: {{- with .Values.crds.annotations }} {{- toYaml . | nindent 4 }} {{- end }} + controller-gen.kubebuilder.io/version: v0.3.0 labels: app.kubernetes.io/name: applicationsets.argoproj.io app.kubernetes.io/part-of: argocd - annotations: - controller-gen.kubebuilder.io/version: v0.3.0 name: applicationsets.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-extension.yaml b/charts/argo-cd/templates/crds/crd-extension.yaml index 89ac0ced..4105cbe7 100644 --- a/charts/argo-cd/templates/crds/crd-extension.yaml +++ b/charts/argo-cd/templates/crds/crd-extension.yaml @@ -9,11 +9,10 @@ metadata: {{- with .Values.crds.annotations }} {{- toYaml . | nindent 4 }} {{- end }} + controller-gen.kubebuilder.io/version: v0.4.1 labels: app.kubernetes.io/name: argocdextensions.argoproj.io app.kubernetes.io/part-of: argocd - annotations: - controller-gen.kubebuilder.io/version: v0.4.1 name: argocdextensions.argoproj.io spec: group: argoproj.io From 8ba4e4273160f49314c9970c449407f87fe4864d Mon Sep 17 00:00:00 2001 From: JM Date: Fri, 26 Aug 2022 04:02:57 -0500 Subject: [PATCH 0344/1248] chore(maintainers): Change helm chart maintainers to argoproj (#1426) Standardize helm chart maintainer to be ```yaml maintainers: - name: argoproj url: https://argoproj.github.io/ ``` We'll use CODEOWNERS to notify individual maintainers about PRs to the helm charts and will be our source-of-truth for that information Signed-off-by: jmeridth --- charts/argo-cd/Chart.yaml | 10 ++++------ charts/argo-events/Chart.yaml | 9 ++++----- charts/argo-rollouts/Chart.yaml | 11 +++++------ charts/argo-rollouts/README.md | 2 +- charts/argo-workflows/Chart.yaml | 12 +++++------- 5 files changed, 19 insertions(+), 25 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d8a0dcd9..c4bf087a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.3.3 +version: 5.3.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -10,10 +10,8 @@ keywords: - argocd - gitops maintainers: - - name: alexec - - name: alexmt - - name: jessesuen - - name: seanson + - name: argoproj + url: https://argoproj.github.io/ dependencies: - name: redis-ha version: 4.20.0 @@ -21,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Removal of duplicate mapping key annotations in crds" + - "[Changed]: Helm chart maintainers standardized to argoproj" diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 4ebfea81..7ab05ad6 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.3 +version: 2.0.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -11,9 +11,8 @@ keywords: sources: - https://github.com/argoproj/argo-events maintainers: - - name: pdrastil - - name: VaibhavPage - - name: whynowy + - name: argoproj + url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Fixed selectorLabel of ServiceMonitor that doesn't match metrics Service" + - "[Changed]: Helm chart maintainers standardized to argoproj" diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 94fc2692..7356a0cf 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,14 +1,13 @@ apiVersion: v2 -appVersion: "v1.2.0" +appVersion: "v1.2.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.19.0 +version: 2.19.2 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: - - name: alexmt - - name: dthomson25 - - name: jessesuen + - name: argoproj + url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: flags to disable the creation of ClusterRoles/ClusterRoleBindings when run in cluster mode " + - "[Changed]: Helm chart maintainers standardized to argoproj" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 5aecd11b..45807654 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -175,4 +175,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.19.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.19.2/charts/argo-rollouts/values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6e3474f4..b2ea7525 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,18 +1,16 @@ apiVersion: v2 +appVersion: v3.3.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.17.0 -appVersion: v3.3.9 +version: 0.17.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: - https://github.com/argoproj/argo-workflows maintainers: - - name: alexec - - name: alexmt - - name: jessesuen - - name: benjaminws + - name: argoproj + url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Changed default .Values.artifactRepository.s3.insecure to false for security" + - "[Changed]: Helm chart maintainers standardized to argoproj" From eca9f91df49ef32742775a64bbe271c5a3655439 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 26 Aug 2022 15:37:42 +0200 Subject: [PATCH 0345/1248] chore(argo-cd): Upgrade redis-ha chart (#1429) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 086d554c..c287d556 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.20.0 -digest: sha256:d9ae15e83874338ffde67b9c37c5afd9ef3f2ec9f92e61e6bf132d33e458fbbf -generated: "2022-08-25T13:17:50.919151+09:00" + version: 4.22.1 +digest: sha256:d9dbffa70c257bb916439103f1df6bb83a034372d3cb0ca57a853c57a4618232 +generated: "2022-08-26T15:08:50.062721+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c4bf087a..24261445 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.3.4 +version: 5.3.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,9 +14,9 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.20.0 + version: 4.22.1 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Helm chart maintainers standardized to argoproj" + - "[Changed]: Upgrade Redis HA to 4.22.1 From dd4fdef4ee7909333d61b2b6b42113b57349ff8b Mon Sep 17 00:00:00 2001 From: JM Date: Fri, 26 Aug 2022 11:15:34 -0500 Subject: [PATCH 0346/1248] feat(argo-cd) Add appHardResyncPeriod option for controller (#1320) Base on this PR upstream https://github.com/argoproj/argo-cd/pull/8928 we can now provide a hard resync value to the ArgoCD Application Controller Signed-off-by: JM Signed-off-by: JM --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + .../templates/argocd-application-controller/statefulset.yaml | 2 ++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 24261445..13946b16 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.3.5 +version: 5.3.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Redis HA to 4.22.1 + - "[Added]: Add appHardResyncPeriod option for application controller" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d12ce196..3e66621f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -380,6 +380,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.args.appHardResyncPeriod | string | `"0"` | define the application controller `--app-hard-resync` | | controller.args.appResyncPeriod | string | `"180"` | define the application controller `--app-resync` | | controller.args.operationProcessors | string | `"10"` | define the application controller `--operation-processors` | | controller.args.repoServerTimeoutSeconds | string | `"60"` | define the application controller `--repo-server-timeout-seconds` | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 12379771..7c15b843 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -44,6 +44,8 @@ spec: - {{ .Values.controller.args.operationProcessors | quote }} - --app-resync - {{ .Values.controller.args.appResyncPeriod | quote }} + - --app-hard-resync + - {{ .Values.controller.args.appHardResyncPeriod | quote }} - --self-heal-timeout-seconds - {{ .Values.controller.args.selfHealTimeout | quote }} - --repo-server diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e69bbb19..f4cb3e44 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -128,6 +128,8 @@ controller: statusProcessors: "20" # -- define the application controller `--operation-processors` operationProcessors: "10" + # -- define the application controller `--app-hard-resync` + appHardResyncPeriod: "0" # -- define the application controller `--app-resync` appResyncPeriod: "180" # -- define the application controller `--self-heal-timeout-seconds` From 19b1c138e138d462d9b15148ebe8ebf91f7014b9 Mon Sep 17 00:00:00 2001 From: Luke Date: Fri, 26 Aug 2022 10:40:01 -0600 Subject: [PATCH 0347/1248] feat(argo-rollouts): Add initContainers to controller pod, allow secrets to be manipulated (#1410) * Add initContainers to controller pod, allow secrets to be manipulated Signed-off-by: lukepatrick * bump Signed-off-by: lukepatrick * linting Signed-off-by: lukepatrick * Update charts/argo-rollouts/templates/controller/deployment.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: lukepatrick Signed-off-by: lukepatrick Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 ++- .../argo-rollouts/templates/controller/clusterrole.yaml | 5 ++++- .../argo-rollouts/templates/controller/deployment.yaml | 4 ++++ charts/argo-rollouts/templates/controller/role.yaml | 5 ++++- charts/argo-rollouts/values.yaml | 9 +++++++++ 6 files changed, 25 insertions(+), 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 7356a0cf..320bad6a 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.2.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.19.2 +version: 2.20.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -10,4 +10,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Helm chart maintainers standardized to argoproj" + - "[Added]: initContainer option to controller pod, updated secrets roles" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 45807654..d0881293 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -71,6 +71,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.image.registry | string | `"quay.io"` | Registry to use | | controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| controller.initContainers | list | `[]` | Init containers to add to the rollouts controller pod | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | @@ -175,4 +176,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.19.2/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.20.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 4db2e81d..b8fdf475 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -89,7 +89,7 @@ rules: - create - get - update -# secret read access to run analysis templates which reference secrets +# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets - apiGroups: - "" resources: @@ -99,6 +99,9 @@ rules: - get - list - watch + - create + - patch + - update # pod list/update needed for updating ephemeral data - apiGroups: - "" diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 223d13f0..d06c0c92 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -65,6 +65,10 @@ spec: {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} {{- if .Values.controller.nodeSelector }} nodeSelector: {{- toYaml .Values.controller.nodeSelector | nindent 8 }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 23794c34..81ce8542 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -66,7 +66,7 @@ rules: - list - watch - patch -# secret read access to run analysis templates which reference secrets +# secret access to run analysis templates which reference secrets # configmap access to read notification-engine configuration - apiGroups: - "" @@ -77,6 +77,9 @@ rules: - get - list - watch + - create + - patch + - update # pod list/update needed for updating ephemeral data - apiGroups: - "" diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index ae24b660..f74ed7a1 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -74,6 +74,15 @@ controller: ## This will be rendered as the literal yaml extraContainers: [] + # -- Init containers to add to the rollouts controller pod + ## This will be rendered as the literal yaml + initContainers: [] + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - ls + # -- Resource limits and requests for the controller pods. resources: {} # limits: From 71da4e98f26a222e664269fac55dde5c374915d5 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Tue, 30 Aug 2022 17:30:29 +0200 Subject: [PATCH 0348/1248] fix(argo-cd): Remove version labels to avoid invalid characters (#1432) --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/statefulset.yaml | 2 -- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 -- charts/argo-cd/templates/argocd-notifications/deployment.yaml | 2 -- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 -- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 -- charts/argo-cd/templates/dex/deployment.yaml | 2 -- charts/argo-cd/templates/redis/deployment.yaml | 2 -- 8 files changed, 2 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 13946b16..ef7f80cc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.3.6 +version: 5.4.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add appHardResyncPeriod option for application controller" + - "[Changed]: Remove version labels to avoid invalid characters" diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 7c15b843..bde0bfed 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -5,7 +5,6 @@ metadata: name: {{ template "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -23,7 +22,6 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index fbbeff87..93fa1e34 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -5,7 +5,6 @@ metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | trunc 63 | quote }} spec: replicas: {{ .Values.applicationSet.replicaCount }} selector: @@ -21,7 +20,6 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 8accaed8..4b4ac1e0 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -5,7 +5,6 @@ metadata: name: {{ template "argo-cd.notifications.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | trunc 63 | quote }} spec: strategy: {{- .Values.notifications.updateStrategy | toYaml | nindent 4 }} @@ -22,7 +21,6 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.notifications.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 682a68c1..325353f0 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -5,7 +5,6 @@ metadata: name: {{ template "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -24,7 +23,6 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.repoServer.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 713f8de2..b2ca6af0 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -5,7 +5,6 @@ metadata: name: {{ template "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -24,7 +23,6 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.server.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 7aa13051..3861ee3f 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -5,7 +5,6 @@ metadata: name: {{ template "argo-cd.dex.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} - app.kubernetes.io/version: {{ .Values.dex.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -20,7 +19,6 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }} - app.kubernetes.io/version: {{ .Values.dex.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.dex.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 0ce76349..066146cf 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -6,7 +6,6 @@ metadata: name: {{ template "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} - app.kubernetes.io/version: {{ .Values.redis.image.tag | trunc 63 | quote }} spec: selector: matchLabels: @@ -21,7 +20,6 @@ spec: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} - app.kubernetes.io/version: {{ .Values.redis.image.tag | trunc 63 | quote }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.redis.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} From 0bac122e98df6d0c1fe0e500045c95effab3c48a Mon Sep 17 00:00:00 2001 From: Marco Date: Sun, 4 Sep 2022 10:48:13 +0200 Subject: [PATCH 0349/1248] fix(argo-cd): Add automountServiceAccountToken to repoServer (#1436) Signed-off-by: Marco Lecheler --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ef7f80cc..9962ad77 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.0 +version: 5.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Remove version labels to avoid invalid characters" + - "[Fixed]: Template existing value automountServiceAccountToken into repo-server" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 325353f0..bf0f35a7 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -31,6 +31,7 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} {{- if .Values.global.securityContext }} securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} {{- end }} From db0957d3cbae617b72995ee3db8790081f2095ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Kalemba?= <5924586+pkalemba@users.noreply.github.com> Date: Tue, 6 Sep 2022 12:13:28 +0200 Subject: [PATCH 0350/1248] feat(argo-cd): Add priorityClassName to notifications (#1439) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Allow to set up a priorityClassName for notifications controller Pods Signed-off-by: Paweł Kalemba Signed-off-by: Paweł Kalemba --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-notifications/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9962ad77..174c0f5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.1 +version: 5.4.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Template existing value automountServiceAccountToken into repo-server" + - "[Added]: Add priorityClassName to notifications controller" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3e66621f..c2a8169c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -960,6 +960,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods | +| notifications.priorityClassName | string | `""` | Priority class for the controller pods | | notifications.resources | object | `{}` | Resource limits and requests for the controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates controller secret | diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 4b4ac1e0..cfbb54f7 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -100,4 +100,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f4cb3e44..a0ec0150 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2277,6 +2277,9 @@ notifications: # -- Container Security Context containerSecurityContext: {} + # -- Priority class for the controller pods + priorityClassName: "" + # -- Resource limits and requests for the controller resources: {} # limits: From a6a2d1b1db72c0f8805678db8e410324c8afb772 Mon Sep 17 00:00:00 2001 From: Marc Brugger Date: Thu, 8 Sep 2022 18:59:42 +0200 Subject: [PATCH 0351/1248] Handle additional initContainers correctly in the dex deployment (#1442) Signed-off-by: bakito --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 7 +++---- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 174c0f5e..30c47953 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.11 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.2 +version: 5.4.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add priorityClassName to notifications controller" + - "[Fixed]: Additional initContainers are handled correctly in the dex deployment" diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 3861ee3f..6ce4a36d 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -47,6 +47,9 @@ spec: volumeMounts: - mountPath: /shared name: static-files + {{- if .Values.dex.initContainers }} + {{- toYaml .Values.dex.initContainers | nindent 6 }} + {{- end }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -146,10 +149,6 @@ spec: {{- if .Values.dex.extraVolumes }} {{- toYaml .Values.dex.extraVolumes | nindent 6 }} {{- end }} - {{- if .Values.dex.initContainers }} - initContainers: - {{- toYaml .Values.dex.initContainers | nindent 6 }} - {{- end }} {{- if .Values.dex.priorityClassName }} priorityClassName: {{ .Values.dex.priorityClassName }} {{- end }} From 5c6dcc681277108ef4780cf1d0204bbbdf4ff503 Mon Sep 17 00:00:00 2001 From: TomHellier Date: Fri, 16 Sep 2022 09:58:22 +0100 Subject: [PATCH 0352/1248] feat(argo-cd): Upgrade argocd to v2.4.12 (#1457) Signed-off-by: Tom Hellier Signed-off-by: Tom Hellier --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 30c47953..f5dc3ad9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.11 +appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.3 +version: 5.4.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Additional initContainers are handled correctly in the dex deployment" + - "[Changed]: Update to app version 2.4.12" From 2a9e3dbf005d06cab40c005aabf3a3e5d79d4845 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 19 Sep 2022 14:44:35 +0300 Subject: [PATCH 0353/1248] chore(argo-cd): Update Redis HA to 4.22.2 (#1462) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index c287d556..72afb402 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.1 -digest: sha256:d9dbffa70c257bb916439103f1df6bb83a034372d3cb0ca57a853c57a4618232 -generated: "2022-08-26T15:08:50.062721+02:00" + version: 4.22.2 +digest: sha256:b6dc7774d0cc20a7a889d10e61f3dd653bdacd7836558f4875688b5cb5051d80 +generated: "2022-09-19T12:39:19.736045+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f5dc3ad9..e39a9ac2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.4 +version: 5.4.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,9 +14,9 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.1 + version: 4.22.2 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.12" + - "[Changed]: Update redis-ha to 4.22.2" From dd2672e5c034ed67b8a44905c958bedb747a710d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 19 Sep 2022 15:56:52 +0300 Subject: [PATCH 0354/1248] chore(argo-cd): Update Dex image (#1459) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e39a9ac2..41e8e16e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.5 +version: 5.4.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update redis-ha to 4.22.2" + - "[Changed]: Update Dex image to v2.32.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c2a8169c..ce245dc1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -687,7 +687,7 @@ NAME: my-release | dex.extraVolumes | list | `[]` | Extra volumes to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.30.2"` | Dex image tag | +| dex.image.tag | string | `"v2.32.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a0ec0150..8c49c8b2 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -424,7 +424,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.30.2 + tag: v2.32.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 87d6e396a784089bb26e1ed00be331c01587df87 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 20 Sep 2022 01:10:20 +0900 Subject: [PATCH 0355/1248] chore(argo-workflows): upgrade version v3.4.0 (#1463) * chore(argo-workflows): upgrade version v3.4.0 Signed-off-by: yu-croco * fix(argo-workflows): Remove unsupported attributes on metricsConfig and telemetryConfig, from workflow-controller-configmap Signed-off-by: yu-croco * fix(argo-workflows): update CRDs Signed-off-by: yu-croco * fix(argo-workflows): upgrade CRDs Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 7 +- charts/argo-workflows/README.md | 8 +- .../argoproj.io_workflowartifactgctasks.yaml | 41 +++++ .../crds/argoproj.io_workflows.yaml | 5 + .../crds/argoproj.io_workflowtaskresults.yaml | 159 ++++++++++++++++++ .../workflow-controller-cluster-roles.yaml | 1 + .../workflow-controller-config-map.yaml | 25 ++- charts/argo-workflows/values.yaml | 21 ++- 8 files changed, 246 insertions(+), 21 deletions(-) create mode 100644 charts/argo-workflows/crds/argoproj.io_workflowartifactgctasks.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b2ea7525..c991b85a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.3.9 +appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.17.1 +version: 0.18.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Helm chart maintainers standardized to argoproj" + - "[Changed]: Upgrade ArgoWorkflows to v3.4.0" + - "[Fixed]: Remove unsupported attributes on metricsConfig and telemetryConfig, from workflow-controller-configmap" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 7d14a64f..130a035c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -66,8 +66,6 @@ Fields to note: |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | -| controller.containerRuntimeExecutor | string | `"emissary"` | Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) | -| controller.containerRuntimeExecutors | list | `[]` | Specifies the executor to use. This has precedence over `controller.containerRuntimeExecutor`. | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | @@ -85,9 +83,12 @@ Fields to note: | controller.logging.globallevel | string | `"0"` | Set the glog logging level | | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | +| controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | +| controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | | controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". | | controller.metricsConfig.port | int | `9090` | Port is the port where metrics are emitted | | controller.metricsConfig.portName | string | `"metrics"` | Container metrics port name | +| controller.metricsConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS | | controller.metricsConfig.servicePort | int | `8080` | Service metrics port | | controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name | | controller.name | string | `"workflow-controller"` | Workflow controller name string | @@ -116,8 +117,11 @@ Fields to note: | controller.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | controller.serviceType | string | `"ClusterIP"` | Service type of the controller Service | | controller.telemetryConfig.enabled | bool | `false` | Enables prometheus telemetry server | +| controller.telemetryConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | +| controller.telemetryConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | | controller.telemetryConfig.path | string | `"/telemetry"` | telemetry path | | controller.telemetryConfig.port | int | `8081` | telemetry container port | +| controller.telemetryConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS | | controller.telemetryConfig.servicePort | int | `8081` | telemetry service port | | controller.telemetryConfig.servicePortName | string | `"telemetry"` | telemetry service port name | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | diff --git a/charts/argo-workflows/crds/argoproj.io_workflowartifactgctasks.yaml b/charts/argo-workflows/crds/argoproj.io_workflowartifactgctasks.yaml new file mode 100644 index 00000000..dbc98e91 --- /dev/null +++ b/charts/argo-workflows/crds/argoproj.io_workflowartifactgctasks.yaml @@ -0,0 +1,41 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workflowartifactgctasks.argoproj.io +spec: + group: argoproj.io + names: + kind: WorkflowArtifactGCTask + listKind: WorkflowArtifactGCTaskList + plural: workflowartifactgctasks + shortNames: + - wfat + singular: workflowartifactgctask + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-map-type: atomic + x-kubernetes-preserve-unknown-fields: true + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/crds/argoproj.io_workflows.yaml index 6e646adc..7a5b598d 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflows.yaml @@ -23,6 +23,11 @@ spec: jsonPath: .status.startedAt name: Age type: date + - description: Human readable message indicating details about why the workflow + is in this condition. + jsonPath: .status.message + name: Message + type: string name: v1alpha1 schema: openAPIV3Schema: diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml b/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml index 84d60f3e..e76677f7 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml +++ b/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml @@ -43,6 +43,29 @@ spec: type: object archiveLogs: type: boolean + artifactGC: + properties: + podMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + serviceAccountName: + type: string + strategy: + enum: + - "" + - OnWorkflowCompletion + - OnWorkflowDeletion + - Never + type: string + type: object artifactory: properties: passwordSecret: @@ -72,6 +95,34 @@ spec: required: - url type: object + azure: + properties: + accountKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + blob: + type: string + container: + type: string + endpoint: + type: string + useSDKCreds: + type: boolean + required: + - blob + - container + - endpoint + type: object + deleted: + type: boolean from: type: string fromExpression: @@ -98,6 +149,8 @@ spec: type: object git: properties: + branch: + type: string depth: format: int64 type: integer @@ -124,6 +177,8 @@ spec: type: string revision: type: string + singleBranch: + type: boolean sshPrivateKeySecret: properties: key: @@ -207,6 +262,110 @@ spec: type: object http: properties: + auth: + properties: + basicAuth: + properties: + passwordSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + usernameSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + clientCert: + properties: + clientCertSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + clientKeySecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + oauth2: + properties: + clientIDSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + clientSecretSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + endpointParams: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + scopes: + items: + type: string + type: array + tokenURLSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object headers: items: properties: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index bab7cc23..4b0f389a 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -48,6 +48,7 @@ rules: - workflows/finalizers - workflowtasksets - workflowtasksets/finalizers + - workflowartifactgctasks verbs: - get - list diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 75b4af1a..f0744cf0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -13,11 +13,6 @@ data: instanceID: {{ .Values.controller.instanceID.explicitID }} {{- end }} {{- end }} - containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} - {{- with .Values.controller.containerRuntimeExecutors }} - containerRuntimeExecutors: - {{- toYaml . | nindent 6 }} - {{- end }} {{- if .Values.controller.parallelism }} parallelism: {{ .Values.controller.parallelism }} {{- end }} @@ -97,10 +92,26 @@ data: {{- end}} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: -{{ toYaml .Values.controller.metricsConfig | indent 6}}{{- end }} + enabled: {{ .Values.controller.metricsConfig.enabled }} + path: {{ .Values.controller.metricsConfig.path }} + port: {{ .Values.controller.metricsConfig.port }} + {{- if .Values.controller.metricsConfig.metricsTTL }} + metricsTTL: {{ .Values.controller.metricsConfig.metricsTTL }} + {{- end }} + ignoreErrors: {{ .Values.controller.metricsConfig.ignoreErrors }} + secure: {{ .Values.controller.metricsConfig.secure }} + {{- end }} {{- if .Values.controller.telemetryConfig.enabled }} telemetryConfig: -{{ toYaml .Values.controller.telemetryConfig | indent 6}}{{- end }} + enabled: {{ .Values.controller.telemetryConfig.enabled }} + path: {{ .Values.controller.telemetryConfig.path }} + port: {{ .Values.controller.telemetryConfig.port }} + {{- if .Values.controller.telemetryConfig.metricsTTL }} + metricsTTL: {{ .Values.controller.telemetryConfig.metricsTTL }} + {{- end }} + ignoreErrors: {{ .Values.controller.telemetryConfig.ignoreErrors }} + secure: {{ .Values.controller.telemetryConfig.secure }} + {{- end }} {{- if .Values.controller.persistence }} persistence: {{ toYaml .Values.controller.persistence | indent 6 }}{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index da69440a..578fb1da 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -82,6 +82,12 @@ controller: path: /metrics # -- Port is the port where metrics are emitted port: 9090 + # -- How often custom metrics are cleared from memory + metricsTTL: "" + # -- Flag that instructs prometheus to ignore metric emission errors. + ignoreErrors: false + # -- Flag that use a self-signed cert for TLS + secure: false # -- Container metrics port name portName: metrics # -- Service metrics port @@ -142,6 +148,12 @@ controller: path: /telemetry # -- telemetry container port port: 8081 + # -- How often custom metrics are cleared from memory + metricsTTL: "" + # -- Flag that instructs prometheus to ignore metric emission errors. + ignoreErrors: false + # -- Flag that use a self-signed cert for TLS + secure: false # -- telemetry service port servicePort: 8081 # -- telemetry service port name @@ -170,15 +182,6 @@ controller: workflowNamespaces: - default - # -- Specifies the container runtime interface to use (one of: `docker`, `kubelet`, `k8sapi`, `pns`, `emissary`) - ## Ref: https://argoproj.github.io/argo-workflows/workflow-executors/ - containerRuntimeExecutor: emissary - # -- Specifies the executor to use. This has precedence over `controller.containerRuntimeExecutor`. - containerRuntimeExecutors: [] - # - name: emissary - # selector: - # matchLabels: - # workflows.argoproj.io/container-runtime-executor: emissary instanceID: # -- Configures the controller to filter workflow submissions # to only those which have a matching instanceID attribute. From 6594a22a4e101d228dc6b4f8d27cadc4fe018946 Mon Sep 17 00:00:00 2001 From: Zach Leslie Date: Mon, 19 Sep 2022 14:36:26 -0700 Subject: [PATCH 0356/1248] feat(argo-cd): Allow setting the private key algorithm in the Certificate spec (#1448) Signed-off-by: Zach Leslie --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++++ .../argo-cd/templates/argocd-server/certificate.yaml | 4 ++++ charts/argo-cd/values.yaml | 10 ++++++++++ 4 files changed, 20 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 41e8e16e..84bf13d6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.6 +version: 5.4.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Dex image to v2.32.0" + - "[Added]: Add privateKey spec handling from CertificatePrivateKey" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ce245dc1..c501e740 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -553,6 +553,10 @@ NAME: my-release | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | | server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` | +| server.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` | +| server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | +| server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | +| server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 80f89b03..33b34891 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -31,6 +31,10 @@ spec: {{- end }} kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} + {{- with .Values.server.certificate.privateKey }} + privateKey: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.server.certificate.renewBefore }} renewBefore: {{ . | quote }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8c49c8b2..152db68c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1007,6 +1007,16 @@ server: duration: "" # -- How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration renewBefore: "" + # Private key of the certificate + privateKey: + # -- Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` + rotationPolicy: Never + # -- The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` + encoding: PKCS1 + # -- Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` + algorithm: RSA + # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. + size: 2048 issuer: # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` group: "" From 8847af4522952edd2772384f09e8553c245bb397 Mon Sep 17 00:00:00 2001 From: JM Date: Tue, 20 Sep 2022 06:54:44 -0500 Subject: [PATCH 0357/1248] chore(argo-events) upgrade argo-events to 1.7.2 (#1465) [Release notes](https://github.com/argoproj/argo-events/releases/tag/v1.7.2) Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/README.md | 8 ++++++-- charts/argo-events/values.yaml | 32 ++++++++++---------------------- 3 files changed, 19 insertions(+), 27 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 7ab05ad6..a9f04aef 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.1 +appVersion: v1.7.2 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.4 +version: 2.0.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Helm chart maintainers standardized to argoproj" + - "[Changed]: Upgrade Argo events controller to v1.7.2" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 0acdf2ff..9a66aa06 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -52,8 +52,12 @@ done | configs.jetstream.streamConfig.maxBytes | string | `"1GB"` | | | configs.jetstream.streamConfig.maxMsgs | int | `1000000` | Maximum number of messages before expiring oldest message | | configs.jetstream.streamConfig.replicas | int | `3` | Number of replicas, defaults to 3 and requires minimal 3 | -| configs.jetstream.versions | list | `[]` | | -| configs.nats.versions | list | `[]` (See [values.yaml]) | Supported versions of NATS event bus | +| configs.jetstream.versions[0].configReloaderImage | string | `"natsio/nats-server-config-reloader:latest"` | | +| configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:latest"` | | +| configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | | +| configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | | +| configs.jetstream.versions[0].version | string | `"latest"` | | +| configs.nats.versions | list | `[{"metricsExporterImage":"natsio/prometheus-nats-exporter:latest","natsStreamingImage":"nats-streaming:latest","version":"latest"}]` | Supported versions of NATS event bus | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 68bad5a3..87c6ccf0 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -62,11 +62,10 @@ configs: ## NATS event bus nats: # -- Supported versions of NATS event bus - # @default -- `[]` (See [values.yaml]) - versions: [] - # - version: 0.22.1 - # natsStreamingImage: nats-streaming:0.22.1 - # metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 + versions: + - version: latest + natsStreamingImage: nats-streaming:latest + metricsExporterImage: natsio/prometheus-nats-exporter:latest ## JetStream event bus jetstream: @@ -89,23 +88,12 @@ configs: # -- Not documented at the moment duplicates: 300s # Supported versions of JetStream eventbus - # @default -- `[]` (See [values.yaml]) - versions: [] - # - version: latest - # natsImage: nats:2.8.2 - # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - # configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - # startCommand: /nats-server - # - version: "2.8.2" - # natsImage: nats:2.8.2 - # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - # configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - # startCommand: /nats-server - # - version: 2.8.2-alpine - # natsImage: nats:2.8.2-alpine - # metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - # configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - # startCommand: nats-server + versions: + - version: "latest" + natsImage: nats:latest + metricsExporterImage: natsio/prometheus-nats-exporter:latest + configReloaderImage: natsio/nats-server-config-reloader:latest + startCommand: /nats-server ## Argo Events controller controller: From 8ee317128d31b75a07d263bffb07b57cb80a69f5 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 21 Sep 2022 09:32:06 +0200 Subject: [PATCH 0358/1248] Cleanup config files to keep them DRY (#1470) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +-- .../templates/argocd-configs/argocd-cm.yaml | 11 ++++--- .../argocd-configs/argocd-gpg-keys-cm.yaml | 10 +++--- .../argocd-notifications-cm.yaml | 6 ++-- .../argocd-notifications-secret.yaml | 6 ++-- .../argocd-configs/argocd-rbac-cm.yaml | 10 +++--- .../argocd-configs/argocd-secret.yaml | 32 +++++++++---------- .../argocd-ssh-known-hosts-cm.yaml | 10 +++--- .../argocd-configs/argocd-tls-certs-cm.yaml | 14 ++++---- .../argocd-configs/externalredis-secret.yaml | 6 ++-- .../repository-credentials-secret.yaml | 4 ++- .../argocd-configs/repository-secret.yaml | 4 ++- 12 files changed, 62 insertions(+), 55 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 84bf13d6..d799d226 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.7 +version: 5.4.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add privateKey spec handling from CertificatePrivateKey" + - "[Changed]: Cleanup of config files to keep them DRY" diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 0da0c1ed..4e85da7b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -5,11 +5,12 @@ metadata: name: argocd-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} - {{- if .Values.server.configAnnotations }} + {{- with .Values.server.configAnnotations }} annotations: - {{- range $key, $value := .Values.server.configAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} - {{- end }} -data: {{- include "argo-cd.config" $ | nindent 4 }} -{{- end }} \ No newline at end of file +data: + {{- include "argo-cd.config" $ | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index e96ef9aa..737887ab 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -1,15 +1,15 @@ apiVersion: v1 kind: ConfigMap metadata: - {{- if .Values.configs.gpgKeysAnnotations }} + name: argocd-gpg-keys-cm + labels: + {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} + {{- with .Values.configs.gpgKeysAnnotations }} annotations: - {{- range $key, $value := .Values.configs.gpgKeysAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - labels: - {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} - name: argocd-gpg-keys-cm {{- with .Values.configs.gpgKeys }} data: {{- toYaml . | nindent 2 }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml index e3a1daba..593da721 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml @@ -8,9 +8,9 @@ metadata: data: context: | argocdUrl: {{ .Values.notifications.argocdUrl | quote }} - {{- with .Values.notifications.context }} - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.notifications.context }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.notifications.notifiers }} {{- toYaml . | nindent 2 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index 9598ee02..dc5bd383 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -5,11 +5,11 @@ metadata: name: argocd-notifications-secret labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} - {{- if .Values.notifications.secret.annotations }} + {{- with .Values.notifications.secret.annotations }} annotations: - {{- range $key, $value := .Values.notifications.secret.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} - {{- end }} + {{- end }} {{- end }} type: Opaque stringData: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index b02e3a00..38ecfc7c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -5,14 +5,14 @@ metadata: name: argocd-rbac-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} - {{- if .Values.server.rbacConfigAnnotations }} + {{- with .Values.server.rbacConfigAnnotations }} annotations: - {{- range $key, $value := .Values.server.rbacConfigAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} - {{- end }} -{{- if .Values.server.rbacConfig }} +{{- with .Values.server.rbacConfig }} data: -{{- toYaml .Values.server.rbacConfig | nindent 4 }} + {{- toYaml . | nindent 2 }} {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 62cf6be4..f289480d 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -5,34 +5,34 @@ metadata: name: argocd-secret labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} - {{- if .Values.configs.secret.annotations }} + {{- with .Values.configs.secret.annotations }} annotations: - {{- range $key, $value := .Values.configs.secret.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} - {{- end }} + {{- end }} {{- end }} type: Opaque {{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} # Setting a blank data again will wipe admin password/key/cert data: - {{- if .Values.configs.secret.githubSecret }} - webhook.github.secret: {{ .Values.configs.secret.githubSecret | b64enc }} + {{- with .Values.configs.secret.githubSecret }} + webhook.github.secret: {{ . | b64enc }} {{- end }} - {{- if .Values.configs.secret.gitlabSecret }} - webhook.gitlab.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }} + {{- with .Values.configs.secret.gitlabSecret }} + webhook.gitlab.secret: {{ . | b64enc }} {{- end }} - {{- if .Values.configs.secret.bitbucketServerSecret }} - webhook.bitbucketserver.secret: {{ .Values.configs.secret.bitbucketServerSecret | b64enc }} + {{- with .Values.configs.secret.bitbucketServerSecret }} + webhook.bitbucketserver.secret: {{ . | b64enc }} {{- end }} - {{- if .Values.configs.secret.bitbucketUUID }} - webhook.bitbucket.uuid: {{ .Values.configs.secret.bitbucketUUID | b64enc }} + {{- with .Values.configs.secret.bitbucketUUID }} + webhook.bitbucket.uuid: {{ . | b64enc }} {{- end }} - {{- if .Values.configs.secret.gogsSecret }} - webhook.gogs.secret: {{ .Values.configs.secret.gogsSecret | b64enc }} + {{- with .Values.configs.secret.gogsSecret }} + webhook.gogs.secret: {{ . | b64enc }} {{- end }} - {{- if .Values.configs.secret.argocdServerTlsConfig }} - tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }} - tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }} + {{- with .Values.configs.secret.argocdServerTlsConfig }} + tls.key: {{ .key | b64enc }} + tls.crt: {{ .crt | b64enc }} {{- end }} {{- if .Values.configs.secret.argocdServerAdminPassword }} admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 289885bd..844f492d 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -1,13 +1,13 @@ apiVersion: v1 -{{- toYaml .Values.configs.knownHosts | nindent 0 }} kind: ConfigMap metadata: + name: argocd-ssh-known-hosts-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- if .Values.configs.knownHostsAnnotations }} + {{- with .Values.configs.knownHostsAnnotations }} annotations: - {{- range $key, $value := .Values.configs.knownHostsAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} - {{- end }} - name: argocd-ssh-known-hosts-cm \ No newline at end of file +{{- toYaml .Values.configs.knownHosts | nindent 0 }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 5b3f5fe5..74b21181 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -1,15 +1,15 @@ apiVersion: v1 -{{- if .Values.configs.tlsCerts }} -{{- toYaml .Values.configs.tlsCerts | nindent 0 }} -{{- end }} kind: ConfigMap metadata: + name: argocd-tls-certs-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "tls-certs-cm") | nindent 4 }} - {{- if .Values.configs.tlsCertsAnnotations }} + {{- with .Values.configs.tlsCertsAnnotations }} annotations: - {{- range $key, $value := .Values.configs.tlsCertsAnnotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} - {{- end }} - name: argocd-tls-certs-cm \ No newline at end of file +{{- with .Values.configs.tlsCerts }} +{{- toYaml . | nindent 0 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index d2b1887f..a55044ba 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -2,12 +2,14 @@ apiVersion: v1 kind: Secret metadata: - name: {{ template "argo-cd.redis.fullname" . }} + name: {{ include "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .Values.externalRedis.secretAnnotations }} annotations: - {{- toYaml . | nindent 4}} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} type: Opaque data: diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index 060ef579..96efd67c 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -9,7 +9,9 @@ metadata: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with $.Values.configs.credentialTemplatesAnnotations }} annotations: - {{- toYaml . | nindent 4}} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} data: {{- range $key, $value := $repo_cred_value }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index 4b49811e..bd0c067c 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -9,7 +9,9 @@ metadata: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with $.Values.configs.repositoriesAnnotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} data: {{- range $key, $value := $repo_value }} From 6099bbb256ffb955e4c9f99fb823d79fe3105a08 Mon Sep 17 00:00:00 2001 From: JM Date: Wed, 21 Sep 2022 05:34:39 -0500 Subject: [PATCH 0359/1248] fix(argo-workflows): move crds folder into templates folder (#1472) Fixes #1430 #1468 Due to multiple instances where new/changed CRDs for argo-workflows do not get installed/updated I believe it is time to move the crds folder into the templates folder like our other helm charts. I'm aware helm 3 is supposed to handle the crds folder but it seems there are a few known issues currently [here](https://github.com/hashicorp/terraform-provider-helm/issues/944), [here](https://github.com/helm/helm/issues/11321) and [here](https://github.com/helm/helm/pull/11330) that show that may still need some work. Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 5 ++--- charts/argo-workflows/README.md | 3 +++ charts/argo-workflows/ci/default-values.yaml | 2 ++ charts/argo-workflows/ci/enable-ingress-values.yaml | 3 +++ charts/argo-workflows/ci/enable-metrics-values.yaml | 3 +++ charts/argo-workflows/ci/enable-rbac-values.yaml | 3 +++ .../crds/argoproj.io_clusterworkflowtemplates.yaml | 9 +++++++++ .../{ => templates}/crds/argoproj.io_cronworkflows.yaml | 9 +++++++++ .../crds/argoproj.io_workflowartifactgctasks.yaml | 9 +++++++++ .../crds/argoproj.io_workfloweventbindings.yaml | 9 +++++++++ .../{ => templates}/crds/argoproj.io_workflows.yaml | 9 +++++++++ .../crds/argoproj.io_workflowtaskresults.yaml | 9 +++++++++ .../crds/argoproj.io_workflowtasksets.yaml | 9 +++++++++ .../crds/argoproj.io_workflowtemplates.yaml | 9 +++++++++ charts/argo-workflows/values.yaml | 9 +++++++++ 15 files changed, 97 insertions(+), 3 deletions(-) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_clusterworkflowtemplates.yaml (78%) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_cronworkflows.yaml (79%) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_workflowartifactgctasks.yaml (82%) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_workfloweventbindings.yaml (77%) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_workflows.yaml (85%) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_workflowtaskresults.yaml (98%) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_workflowtasksets.yaml (80%) rename charts/argo-workflows/{ => templates}/crds/argoproj.io_workflowtemplates.yaml (77%) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c991b85a..dfb1eb20 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.18.0 +version: 0.19.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoWorkflows to v3.4.0" - - "[Fixed]: Remove unsupported attributes on metricsConfig and telemetryConfig, from workflow-controller-configmap" + - "[Fixed]: Move crds folder into templates folder and add conditional flags for install and keep" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 130a035c..a0bec699 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -41,6 +41,9 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| crds.annotations | object | `{}` | Annotations to be added to all CRDs | +| crds.install | bool | `true` | Install and upgrade CRDs | +| crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | | images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers | diff --git a/charts/argo-workflows/ci/default-values.yaml b/charts/argo-workflows/ci/default-values.yaml index 507f1e54..ffc41c8a 100644 --- a/charts/argo-workflows/ci/default-values.yaml +++ b/charts/argo-workflows/ci/default-values.yaml @@ -1 +1,3 @@ # Test with default values +crds: + keep: false diff --git a/charts/argo-workflows/ci/enable-ingress-values.yaml b/charts/argo-workflows/ci/enable-ingress-values.yaml index d3485603..05dae886 100644 --- a/charts/argo-workflows/ci/enable-ingress-values.yaml +++ b/charts/argo-workflows/ci/enable-ingress-values.yaml @@ -1,3 +1,6 @@ +crds: + keep: false + server: ingress: enabled: true diff --git a/charts/argo-workflows/ci/enable-metrics-values.yaml b/charts/argo-workflows/ci/enable-metrics-values.yaml index 64c56cc1..32c007be 100644 --- a/charts/argo-workflows/ci/enable-metrics-values.yaml +++ b/charts/argo-workflows/ci/enable-metrics-values.yaml @@ -1,3 +1,6 @@ +crds: + keep: false + controller: serviceMonitor: enabled: false diff --git a/charts/argo-workflows/ci/enable-rbac-values.yaml b/charts/argo-workflows/ci/enable-rbac-values.yaml index 10f717ac..70924084 100644 --- a/charts/argo-workflows/ci/enable-rbac-values.yaml +++ b/charts/argo-workflows/ci/enable-rbac-values.yaml @@ -1,3 +1,6 @@ +crds: + keep: false + workflow: serviceAccount: create: true # Specifies whether a service account should be created diff --git a/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml similarity index 78% rename from charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml index 889dfe2f..7f767b24 100644 --- a/charts/argo-workflows/crds/argoproj.io_clusterworkflowtemplates.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: clusterworkflowtemplates.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -34,3 +42,4 @@ spec: type: object served: true storage: true +{{- end }} diff --git a/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml b/charts/argo-workflows/templates/crds/argoproj.io_cronworkflows.yaml similarity index 79% rename from charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_cronworkflows.yaml index 812cf114..7b932d8f 100644 --- a/charts/argo-workflows/crds/argoproj.io_cronworkflows.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_cronworkflows.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: cronworkflows.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -38,3 +46,4 @@ spec: type: object served: true storage: true +{{- end }} diff --git a/charts/argo-workflows/crds/argoproj.io_workflowartifactgctasks.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowartifactgctasks.yaml similarity index 82% rename from charts/argo-workflows/crds/argoproj.io_workflowartifactgctasks.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_workflowartifactgctasks.yaml index dbc98e91..dcebddb2 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflowartifactgctasks.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowartifactgctasks.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workflowartifactgctasks.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -39,3 +47,4 @@ spec: storage: true subresources: status: {} +{{- end }} diff --git a/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml similarity index 77% rename from charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml index 22e2ecf0..097fa5cd 100644 --- a/charts/argo-workflows/crds/argoproj.io_workfloweventbindings.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workfloweventbindings.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -33,3 +41,4 @@ spec: type: object served: true storage: true +{{- end }} diff --git a/charts/argo-workflows/crds/argoproj.io_workflows.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflows.yaml similarity index 85% rename from charts/argo-workflows/crds/argoproj.io_workflows.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_workflows.yaml index 7a5b598d..85b71f91 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflows.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflows.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workflows.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -53,3 +61,4 @@ spec: served: true storage: true subresources: {} +{{- end }} diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml similarity index 98% rename from charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml index e76677f7..e9bb93f6 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflowtaskresults.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workflowtaskresults.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -582,3 +590,4 @@ spec: type: object served: true storage: true +{{- end }} diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowtasksets.yaml similarity index 80% rename from charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_workflowtasksets.yaml index 22cf52b1..74692941 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflowtasksets.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowtasksets.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workflowtasksets.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -39,3 +47,4 @@ spec: storage: true subresources: status: {} +{{- end }} diff --git a/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowtemplates.yaml similarity index 77% rename from charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml rename to charts/argo-workflows/templates/crds/argoproj.io_workflowtemplates.yaml index 8165ec25..810e6f51 100644 --- a/charts/argo-workflows/crds/argoproj.io_workflowtemplates.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowtemplates.yaml @@ -1,7 +1,15 @@ +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: workflowtemplates.argoproj.io + annotations: + {{- if .Values.crds.keep }} + "helm.sh/resource-policy": keep + {{- end }} + {{- with .Values.crds.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: group: argoproj.io names: @@ -33,3 +41,4 @@ spec: type: object served: true storage: true +{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 578fb1da..0d661b6c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -7,6 +7,15 @@ images: pullSecrets: [] # - name: argo-pull-secret +## Custom resource configuration +crds: + # -- Install and upgrade CRDs + install: true + # -- Keep CRDs on chart uninstall + keep: true + # -- Annotations to be added to all CRDs + annotations: {} + # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: true From edf29d2e15625f99acf66708ddbd729581820ddd Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 21 Sep 2022 13:48:37 +0200 Subject: [PATCH 0360/1248] Add argocd-cmd-params-cm (#1267) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 41 +- charts/argo-cd/README.md.gotmpl | 5 + charts/argo-cd/ci/ha-autoscaling-values.yaml | 3 - charts/argo-cd/ci/ha-static-values.yaml | 6 - charts/argo-cd/templates/NOTES.txt | 37 ++ charts/argo-cd/templates/_helpers.tpl | 50 +- .../statefulset.yaml | 167 ++++- .../argocd-configs/argocd-cmd-params-cm.yaml | 14 + .../argocd-repo-server/deployment.yaml | 216 +++++-- .../templates/argocd-server/deployment.yaml | 279 +++++++-- charts/argo-cd/templates/dex/deployment.yaml | 110 ++-- charts/argo-cd/values.yaml | 570 +++++++++--------- 13 files changed, 1018 insertions(+), 486 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d799d226..d249ec29 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.4.8 +version: 5.5.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Cleanup of config files to keep them DRY" + - "[Added]: New configuration section `configs.params` for command line parameters" + - "[Deprecated]: Command line arguments in `args` sections" + - "[Deprecated]: Options `logFormat` and `logLevel` for core components" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c501e740..a5ffd5db 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -100,6 +100,11 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" + # tlsClientConfig: + # insecure: false + # caData: "" + # - name: mycluster2 + # server: https://mycluster2.com + # labels: {} + # annotations: {} + # namespaces: namespace1,namespace2 + # clusterResources: true + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" -# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds -## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles -createAggregateRoles: false + # -- GnuPG key ring annotations + gpgKeysAnnotations: {} + # -- [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring + # @default -- `{}` (See [values.yaml]) + gpgKeys: {} + # 4AEE18F83AFDEB23: | + # -----BEGIN PGP PUBLIC KEY BLOCK----- + # + # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta + # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT + # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ + # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa + # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v + # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs + # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW + # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf + # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 + # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws + # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 + # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O + # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48= + # =Bvzs + # -----END PGP PUBLIC KEY BLOCK----- + + # -- Known Hosts configmap annotations + knownHostsAnnotations: {} + knownHosts: + data: + # -- Known Hosts + # @default -- See [values.yaml] + ssh_known_hosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + # -- TLS certificate configmap annotations + tlsCertsAnnotations: {} + # -- TLS certificate + # @default -- See [values.yaml] + tlsCerts: + {} + # data: + # argocd.example.com: | + # -----BEGIN CERTIFICATE----- + # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL + # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE + # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 + # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda + # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT + # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES + # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi + # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 + # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc + # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u + # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G + # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ + # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E + # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko + # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J + # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u + # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO + # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 + # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 + # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ + # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn + # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx + # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 + # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT + # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr + # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO + # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so + # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr + # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 + # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W + # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK + # XWyb96wrUlv+E8I= + # -----END CERTIFICATE----- + + # -- Repository credentials to be used as Templates for other repos + ## Creates a secret for each key/value specified below to create repository credentials + credentialTemplates: {} + # github-enterprise-creds-1: + # url: https://github.com/argoproj + # githubAppID: 1 + # githubAppInstallationID: 2 + # githubAppEnterpriseBaseUrl: https://ghe.example.com/api/v3 + # githubAppPrivateKey: | + # -----BEGIN OPENSSH PRIVATE KEY----- + # ... + # -----END OPENSSH PRIVATE KEY----- + # https-creds: + # url: https://github.com/argoproj + # password: my-password + # username: my-username + # ssh-creds: + # url: git@github.com:argoproj-labs + # sshPrivateKey: | + # -----BEGIN OPENSSH PRIVATE KEY----- + # ... + # -----END OPENSSH PRIVATE KEY----- + + # -- Annotations to be added to `configs.credentialTemplates` Secret + credentialTemplatesAnnotations: {} + + # -- Repositories list to be used by applications + ## Creates a secret for each key/value specified below to create repositories + ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + repositories: {} + # istio-helm-repo: + # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts + # name: istio.io + # type: helm + # private-helm-repo: + # url: https://my-private-chart-repo.internal + # name: private-repo + # type: helm + # password: my-password + # username: my-username + # private-repo: + # url: https://github.com/argoproj/private-repo + + # -- Annotations to be added to `configs.repositories` Secret + repositoriesAnnotations: {} + + secret: + # -- Create the argocd-secret + createSecret: true + # -- Annotations to be added to argocd-secret + annotations: {} + + # -- Shared secret for authenticating GitHub webhook events + githubSecret: "" + # -- Shared secret for authenticating GitLab webhook events + gitlabSecret: "" + # -- Shared secret for authenticating BitbucketServer webhook events + bitbucketServerSecret: "" + # -- UUID for authenticating Bitbucket webhook events + bitbucketUUID: "" + # -- Shared secret for authenticating Gogs webhook events + gogsSecret: "" + + # -- add additional secrets to be added to argocd-secret + ## Custom secrets. Useful for injecting SSO secrets into environment variables. + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/#sensitive-data-and-sso-client-secrets + ## Note that all values must be non-empty. + extra: + {} + # LDAP_PASSWORD: "mypassword" + + # -- Argo TLS Data + argocdServerTlsConfig: + {} + # key: + # crt: | + # -----BEGIN CERTIFICATE----- + # + # -----END CERTIFICATE----- + # -----BEGIN CERTIFICATE----- + # + # -----END CERTIFICATE----- + + # -- Bcrypt hashed admin password + ## Argo expects the password in the secret to be bcrypt hashed. You can create this hash with + ## `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` + argocdServerAdminPassword: "" + # -- Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` + # @default -- `""` (defaults to current time) + argocdServerAdminPasswordMtime: "" + + # -- Define custom [CSS styles] for your argo instance. + # This setting will automatically mount the provided CSS and reference it in the argo configuration. + # @default -- `""` (See [values.yaml]) + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ + styles: "" + # styles: | + # .nav-bar { + # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); + # } + + # Argo CD configuration parameters + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml + params: + # -- Annotations to be added to the argocd-cmd-params-cm ConfigMap + annotations: {} + + ## Generic parameters + # -- Open-Telemetry collector address: (e.g. "otel-collector:4317") + otlp.address: '' + # -- Time period in seconds for application resync + timeout.reconciliation: 180 + # -- Time period in seconds for application hard resync + timeout.hard.reconciliation: 0 + + ## Controller Properties + # -- Number of application status processors + controller.status.processors: 20 + # -- Number of application operation processors + controller.operation.processors: 10 + # -- Specifies timeout between application self heal attempts + controller.self.heal.timeout.seconds: 5 + # -- Repo server RPC call timeout seconds. + controller.repo.server.timeout.seconds: 60 + + ## Server properties + # -- Run server without TLS + server.insecure: false + # -- Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / + server.basehref: / + # -- Used if Argo CD is running behind reverse proxy under subpath different from / + server.rootpath: / + # -- Directory path that contains additional static assets + server.staticassets: /shared/app + # -- Disable Argo CD RBAC for user authentication + server.disable.auth: false + # -- Enable GZIP compression + server.enable.gzip: false + # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". + server.x.frame.options: sameorigin + + ## Repo-server properties + # -- Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. + reposerver.parallelism.limit: 0 # -- Array of extra K8s manifests to deploy extraObjects: [] @@ -122,27 +382,30 @@ controller: # Additional replicas will cause sharding of managed clusters across number of replicas. replicas: 1 - ## Application controller commandline flags - args: - # -- define the application controller `--status-processors` - statusProcessors: "20" - # -- define the application controller `--operation-processors` - operationProcessors: "10" - # -- define the application controller `--app-hard-resync` - appHardResyncPeriod: "0" - # -- define the application controller `--app-resync` - appResyncPeriod: "180" - # -- define the application controller `--self-heal-timeout-seconds` - selfHealTimeout: "5" - # -- define the application controller `--repo-server-timeout-seconds` - repoServerTimeoutSeconds: "60" + # -- DEPRECATED - Application controller commandline flags + args: {} + # DEPRECATED - Use configs.params to override + # # -- define the application controller `--status-processors` + # statusProcessors: "20" + # # -- define the application controller `--operation-processors` + # operationProcessors: "10" + # # -- define the application controller `--app-hard-resync` + # appHardResyncPeriod: "0" + # # -- define the application controller `--app-resync` + # appResyncPeriod: "180" + # # -- define the application controller `--self-heal-timeout-seconds` + # selfHealTimeout: "5" + # # -- define the application controller `--repo-server-timeout-seconds` + # repoServerTimeoutSeconds: "60" + + # DEPRECATED - Use configs.params to override # -- Application controller log format. Either `text` or `json` # @default -- `""` (defaults to global.logging.format) - logFormat: "" + # logFormat: "" # -- Application controller log level. One of: `debug`, `info`, `warn` or `error` # @default -- `""` (defaults to global.logging.level) - logLevel: "" + # logLevel: "" # -- Additional command line arguments to pass to application controller extraArgs: [] @@ -496,20 +759,10 @@ dex: automountServiceAccountToken: true # -- Additional volumeMounts to the dex main container - volumeMounts: - - name: static-files - mountPath: /shared + volumeMounts: [] # -- Additional volumes to the dex pod - volumes: - - name: static-files - emptyDir: {} - - # -- Extra volumes to the dex pod - extraVolumes: [] - - # -- Extra volumeMounts to the dex pod - extraVolumeMounts: [] + volumes: [] # -- Container port for HTTP access containerPortHttp: 5556 @@ -554,7 +807,7 @@ dex: # - all # readOnlyRootFilesystem: true -# -- Resource limits and requests for dex + # -- Resource limits and requests for dex resources: {} # limits: # cpu: 50m @@ -893,12 +1146,6 @@ server: # -- Additional command line arguments to pass to Argo CD server extraArgs: [] - # - --insecure - - # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the Argo CD server app - staticAssets: - # -- Disable deprecated flag `--staticassets` - enabled: true # -- Environment variables to pass to Argo CD server env: [] @@ -914,12 +1161,13 @@ server: # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container lifecycle: {} + # DEPRECATED - Use configs.params to override # -- Argo CD server log format: Either `text` or `json` # @default -- `""` (defaults to global.logging.format) - logFormat: "" + # logFormat: "" # -- Argo CD server log level. One of: `debug`, `info`, `warn` or `error` # @default -- `""` (defaults to global.logging.level) - logLevel: "" + # logLevel: "" # -- Annotations to be added to server pods podAnnotations: {} @@ -1503,12 +1751,13 @@ repoServer: # - secretRef: # name: secret-name + # DEPRECATED - Use configs.params to override # -- Repo server log format: Either `text` or `json` # @default -- `""` (defaults to global.logging.level) - logFormat: "" + # logFormat: "" # -- Repo server log level. One of: `debug`, `info`, `warn` or `error` # @default -- `""` (defaults to global.logging.format) - logLevel: "" + # logLevel: "" # -- Annotations to be added to repo server pods podAnnotations: {} @@ -1718,223 +1967,6 @@ repoServer: # -- Secrets with credentials to pull images from a private registry imagePullSecrets: [] -## Argo Configs -configs: - # -- Provide one or multiple [external cluster credentials] - # @default -- `[]` (See [values.yaml]) - ## Ref: - ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters - ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/security/#external-cluster-credentials - clusterCredentials: [] - # - name: mycluster - # server: https://mycluster.com - # labels: {} - # annotations: {} - # config: - # bearerToken: "" - # tlsClientConfig: - # insecure: false - # caData: "" - # - name: mycluster2 - # server: https://mycluster2.com - # labels: {} - # annotations: {} - # namespaces: namespace1,namespace2 - # clusterResources: true - # config: - # bearerToken: "" - # tlsClientConfig: - # insecure: false - # caData: "" - - # -- GnuPG key ring annotations - gpgKeysAnnotations: {} - # -- [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring - # @default -- `{}` (See [values.yaml]) - gpgKeys: {} - # 4AEE18F83AFDEB23: | - # -----BEGIN PGP PUBLIC KEY BLOCK----- - # - # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta - # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT - # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ - # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa - # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v - # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs - # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW - # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf - # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 - # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws - # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 - # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O - # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48= - # =Bvzs - # -----END PGP PUBLIC KEY BLOCK----- - - # -- Known Hosts configmap annotations - knownHostsAnnotations: {} - knownHosts: - data: - # -- Known Hosts - # @default -- See [values.yaml] - ssh_known_hosts: | - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== - github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - # -- TLS certificate configmap annotations - tlsCertsAnnotations: {} - # -- TLS certificate - # @default -- See [values.yaml] - tlsCerts: - {} - # data: - # argocd.example.com: | - # -----BEGIN CERTIFICATE----- - # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL - # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE - # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 - # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda - # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT - # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES - # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi - # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 - # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc - # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u - # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G - # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ - # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E - # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko - # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J - # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u - # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO - # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 - # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 - # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ - # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn - # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx - # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 - # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT - # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr - # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO - # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so - # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr - # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 - # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W - # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK - # XWyb96wrUlv+E8I= - # -----END CERTIFICATE----- - - # -- Repository credentials to be used as Templates for other repos - ## Creates a secret for each key/value specified below to create repository credentials - credentialTemplates: {} - # github-enterprise-creds-1: - # url: https://github.com/argoproj - # githubAppID: 1 - # githubAppInstallationID: 2 - # githubAppEnterpriseBaseUrl: https://ghe.example.com/api/v3 - # githubAppPrivateKey: | - # -----BEGIN OPENSSH PRIVATE KEY----- - # ... - # -----END OPENSSH PRIVATE KEY----- - # https-creds: - # url: https://github.com/argoproj - # password: my-password - # username: my-username - # ssh-creds: - # url: git@github.com:argoproj-labs - # sshPrivateKey: | - # -----BEGIN OPENSSH PRIVATE KEY----- - # ... - # -----END OPENSSH PRIVATE KEY----- - - # -- Annotations to be added to `configs.credentialTemplates` Secret - credentialTemplatesAnnotations: {} - - # -- Repositories list to be used by applications - ## Creates a secret for each key/value specified below to create repositories - ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". - repositories: {} - # istio-helm-repo: - # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts - # name: istio.io - # type: helm - # private-helm-repo: - # url: https://my-private-chart-repo.internal - # name: private-repo - # type: helm - # password: my-password - # username: my-username - # private-repo: - # url: https://github.com/argoproj/private-repo - - # -- Annotations to be added to `configs.repositories` Secret - repositoriesAnnotations: {} - - secret: - # -- Create the argocd-secret - createSecret: true - # -- Annotations to be added to argocd-secret - annotations: {} - - # -- Shared secret for authenticating GitHub webhook events - githubSecret: "" - # -- Shared secret for authenticating GitLab webhook events - gitlabSecret: "" - # -- Shared secret for authenticating BitbucketServer webhook events - bitbucketServerSecret: "" - # -- UUID for authenticating Bitbucket webhook events - bitbucketUUID: "" - # -- Shared secret for authenticating Gogs webhook events - gogsSecret: "" - - # -- add additional secrets to be added to argocd-secret - ## Custom secrets. Useful for injecting SSO secrets into environment variables. - ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/#sensitive-data-and-sso-client-secrets - ## Note that all values must be non-empty. - extra: - {} - # LDAP_PASSWORD: "mypassword" - - # -- Argo TLS Data - argocdServerTlsConfig: - {} - # key: - # crt: | - # -----BEGIN CERTIFICATE----- - # - # -----END CERTIFICATE----- - # -----BEGIN CERTIFICATE----- - # - # -----END CERTIFICATE----- - - # -- Bcrypt hashed admin password - ## Argo expects the password in the secret to be bcrypt hashed. You can create this hash with - ## `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` - argocdServerAdminPassword: "" - # -- Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` - # @default -- `""` (defaults to current time) - argocdServerAdminPasswordMtime: "" - - # -- Define custom [CSS styles] for your argo instance. - # This setting will automatically mount the provided CSS and reference it in the argo configuration. - # @default -- `""` (See [values.yaml]) - ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ - styles: "" - # styles: | - # .nav-bar { - # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); - # } - -openshift: - # -- enables using arbitrary uid for argo repo server - enabled: false - applicationSet: # -- Enable Application Set controller enabled: true From e9dddd82897d9b9485163d87ccdec6166103a240 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 21 Sep 2022 21:51:04 +0900 Subject: [PATCH 0361/1248] fix(argo-workflows): remove unsupported value from SSO configuration (#1473) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/values.yaml | 5 ----- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index dfb1eb20..019d2129 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.19.0 +version: 0.19.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Move crds folder into templates folder and add conditional flags for install and keep" + - "[Fixed]: Remove unsupported values from SSO configuration" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0d661b6c..d4344a19 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -482,11 +482,6 @@ server: # redirectUrl: https://argo/oauth2/callback # rbac: # enabled: true - ## When present, restricts secrets the server can read to a given list. - ## You can use it to restrict the server to only be able to access the - ## service account token secrets that are associated with service accounts - ## used for authorization. - # secretWhitelist: [] ## Scopes requested from the SSO ID provider. The 'groups' scope requests ## group membership information, which is usually used for authorization ## decisions. From 67659d4db06836c26500ada7f6e53606d4876826 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 21 Sep 2022 20:21:12 +0200 Subject: [PATCH 0362/1248] feat(argo-cd): Add username support for external redis (#1478) Signed-off-by: Petr Drastil Signed-off-by: Eugene Lugovtsov <34510252+EugeneLugovtsov@users.noreply.github.com> Co-authored-by: Eugene Lugovtsov <34510252+EugeneLugovtsov@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + .../templates/argocd-configs/externalredis-secret.yaml | 9 +++++++-- charts/argo-cd/values.yaml | 2 ++ 4 files changed, 12 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d249ec29..339b47fd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.0 +version: 5.5.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,6 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: New configuration section `configs.params` for command line parameters" - - "[Deprecated]: Command line arguments in `args` sections" - - "[Deprecated]: Options `logFormat` and `logLevel` for core components" + - "[Added]: REDIS_USERNAME environment variable added automatically based on externalRedis.username" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a5ffd5db..0117b4ad 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -852,6 +852,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | externalRedis.password | string | `""` | External Redis password | | externalRedis.port | int | `6379` | External Redis server port | | externalRedis.secretAnnotations | object | `{}` | External Redis Secret annotations | +| externalRedis.username | string | `""` | External Redis username | ## ApplicationSet diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index a55044ba..80dfc475 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.externalRedis.password (not .Values.externalRedis.existingSecret) }} +{{- if and (or .Values.externalRedis.username .Values.externalRedis.password) (not .Values.externalRedis.existingSecret) }} apiVersion: v1 kind: Secret metadata: @@ -13,5 +13,10 @@ metadata: {{- end }} type: Opaque data: - redis-password: {{ .Values.externalRedis.password | b64enc }} + {{- with .Values.externalRedis.username }} + redis-username: {{ . | b64enc }} + {{- end }} + {{- with .Values.externalRedis.password }} + redis-password: {{ . | b64enc }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cc1da0e0..82560619 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1089,6 +1089,8 @@ redis-ha: externalRedis: # -- External Redis server host host: "" + # -- External Redis username + username: "" # -- External Redis password password: "" # -- External Redis server port From 07d63255ae19ff1e08a22e71c932f686f8f619ac Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 21 Sep 2022 21:06:10 +0200 Subject: [PATCH 0363/1248] fix(argo-cd): Fix UI error caused by new config (#1480) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 339b47fd..947f2362 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.1 +version: 5.5.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: REDIS_USERNAME environment variable added automatically based on externalRedis.username" + - "[Fixed]: Argo CD server returns 404 due to invalid default value" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0117b4ad..68befdd7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -373,7 +373,7 @@ NAME: my-release | configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication | | configs.params."server.enable.gzip" | bool | `false` | Enable GZIP compression | | configs.params."server.insecure" | bool | `false` | Run server without TLS | -| configs.params."server.rootpath" | string | `"/"` | Used if Argo CD is running behind reverse proxy under subpath different from / | +| configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | | configs.params."server.x.frame.options" | string | `"sameorigin"` | Set X-Frame-Options header in HTTP responses to value. To disable, set to "". | | configs.params."timeout.hard.reconciliation" | int | `0` | Time period in seconds for application hard resync | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 82560619..6160cbcc 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -320,7 +320,7 @@ configs: # -- Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / server.basehref: / # -- Used if Argo CD is running behind reverse proxy under subpath different from / - server.rootpath: / + server.rootpath: '' # -- Directory path that contains additional static assets server.staticassets: /shared/app # -- Disable Argo CD RBAC for user authentication From ba733e921d06c056a38eb15925c5fcefd008b146 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 22 Sep 2022 10:52:41 +0200 Subject: [PATCH 0364/1248] fix(argo-cd): Rendering of node selector for repoServer (#1484) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 947f2362..9d787849 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.2 +version: 5.5.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Argo CD server returns 404 due to invalid default value" + - "[Fixed]: Node selector for repoServer was not rendered correctly" diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index c207f18a..a1f600dc 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -235,7 +235,7 @@ spec: {{- end }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: - {{- toYaml .Values.repoServer.nodeSelector | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.repoServer.tolerations }} tolerations: From f1fabf17dd2320a53da6f3837225b1cd9b0b7c07 Mon Sep 17 00:00:00 2001 From: Paul Brousseau Date: Thu, 22 Sep 2022 10:20:28 -0700 Subject: [PATCH 0365/1248] docs(argo-cd): Minor clarification around CRDs for Argo-CD (#1481) Signed-off-by: Paul Brousseau --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9d787849..a585f90e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.3 +version: 5.5.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Node selector for repoServer was not rendered correctly" + - "[Fixed]: Clarified documentation around CRD upgrades" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 68befdd7..3fda655f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -89,9 +89,9 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. -Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 5.2.0, the CRDs have been moved to `/templates` to address this design decision. -Please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: +If you are using Argo CD chart version prior to 5.2.0 or have elected to manage the Argo CD CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: ```bash kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index d44a4f6d..c14ca122 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -89,9 +89,9 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. -Helm cannot upgrade custom resource definitions [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 5.2.0, the CRDs have been moved to `/templates` to address this design decision. -Please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: +If you are using Argo CD chart version prior to 5.2.0 or have elected to manage the Argo CD CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: ```bash kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" From fd0f2c92e18742e59f85cd51e7c5972a2448a063 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 24 Sep 2022 09:03:36 +0900 Subject: [PATCH 0366/1248] fix(argo-workflows): Set only used values on SSO configuration (#1483) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 +-- .../workflow-controller-config-map.yaml | 33 ++++++++++++++++++- charts/argo-workflows/values.yaml | 5 +++ 3 files changed, 39 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 019d2129..36a595f6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.19.1 +version: 0.19.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Remove unsupported values from SSO configuration" + - "[Fixed]: Set only used values on SSO configuration" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index f0744cf0..06cc3d34 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -119,7 +119,38 @@ data: workflowDefaults: {{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} {{- with .Values.server.sso }} - sso: {{- toYaml . | nindent 6 }} + sso: + issuer: {{ .issuer }} + clientId: + name: {{ .clientId.name }} + key: {{ .clientId.key }} + clientSecret: + name: {{ .clientSecret.name }} + key: {{ .clientSecret.key }} + redirectUrl: {{ .redirectUrl }} + {{- if and (.rbac) (.rbac.enabled) }} + rbac: + enabled: {{ .rbac.enabled }} + {{- end }} + {{- if .scopes }} + scopes: {{ toYaml .scopes | nindent 8 }} + {{- end }} + {{- if .issuerAlias }} + issuerAlias: {{ .issuerAlias }} + {{- end }} + {{- if and (.sessionExpiry) (.sessionExpiry.duration) }} + sessionExpiry: + duration: {{ .sessionExpiry.duration }} + {{- end }} + {{- if .customGroupClaimName }} + customGroupClaimName: {{ .customGroupClaimName }} + {{- end }} + {{- if .userInfoPath }} + userInfoPath: {{ .userInfoPath }} + {{- end }} + {{- if .insecureSkipVerify }} + insecureSkipVerify: {{ .insecureSkipVerify }} + {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} workflowRestrictions: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index d4344a19..0d661b6c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -482,6 +482,11 @@ server: # redirectUrl: https://argo/oauth2/callback # rbac: # enabled: true + ## When present, restricts secrets the server can read to a given list. + ## You can use it to restrict the server to only be able to access the + ## service account token secrets that are associated with service accounts + ## used for authorization. + # secretWhitelist: [] ## Scopes requested from the SSO ID provider. The 'groups' scope requests ## group membership information, which is usually used for authorization ## decisions. From 9b3a65e2398df28558d13a96899a84c664b81e13 Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Sun, 25 Sep 2022 19:02:42 +0200 Subject: [PATCH 0367/1248] fix(argo-cd): Add missing templating for some service labels (#1489) --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/service.yaml | 3 +++ charts/argo-cd/templates/argocd-applicationset/service.yaml | 3 +++ charts/argo-cd/templates/argocd-repo-server/service.yaml | 3 +++ 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a585f90e..009543db 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.4 +version: 5.5.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Clarified documentation around CRD upgrades" + - "[Fixed]: Add missing templating for some service labels" diff --git a/charts/argo-cd/templates/argocd-application-controller/service.yaml b/charts/argo-cd/templates/argocd-application-controller/service.yaml index db563135..1d4340ff 100644 --- a/charts/argo-cd/templates/argocd-application-controller/service.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/service.yaml @@ -10,6 +10,9 @@ metadata: name: {{ template "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +{{- with .Values.controller.service.labels }} +{{- toYaml . | nindent 4 }} +{{- end }} spec: ports: - name: {{ .Values.controller.service.portName }} diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 4d2fd4eb..9e0de533 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -11,6 +11,9 @@ metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +{{- with .Values.applicationSet.service.labels }} +{{- toYaml . | nindent 4 }} +{{- end }} spec: ports: - name: {{ .Values.applicationSet.service.portName }} diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml index 6ab15747..541ea41e 100644 --- a/charts/argo-cd/templates/argocd-repo-server/service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -9,6 +9,9 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} +{{- with .Values.repoServer.service.labels }} +{{- toYaml . | nindent 4 }} +{{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} spec: ports: From bf2420767bfb49ce28c92094f2234e9e5012d7fb Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 26 Sep 2022 10:49:33 +0900 Subject: [PATCH 0368/1248] fix(argo-workflows): change default type of `.mainContainer.env` and `.executor.env` from object to array (#1487) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 4 ++-- charts/argo-workflows/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 36a595f6..925e8af9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.19.2 +version: 0.19.3 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Set only used values on SSO configuration" + - "[Fixed]: Change default type of `.mainContainer.env` and `.executor.env` from object to array" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index a0bec699..8cf04457 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -139,7 +139,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| -| mainContainer.env | object | `{}` | Adds environment variables for the Workflow main container | +| mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container | | mainContainer.imagePullPolicy | string | `"Always"` | imagePullPolicy to apply to Workflow main container | | mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container | | mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container | @@ -148,7 +148,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| -| executor.env | object | `{}` | Adds environment variables for the executor. | +| executor.env | list | `[]` | Adds environment variables for the executor. | | executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | | executor.image.repository | string | `"argoproj/argoexec"` | Repository to use for the Workflow Executors | | executor.image.tag | string | `""` | Image tag for the workflow executor. Defaults to `.Values.images.tag`. | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0d661b6c..b961bcdd 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -283,7 +283,7 @@ mainContainer: # -- Resource limits and requests for the Workflow main container resources: {} # -- Adds environment variables for the Workflow main container - env: {} + env: [] # -- sets security context for the Workflow main container securityContext: {} @@ -299,7 +299,7 @@ executor: # -- Resource limits and requests for the Workflow Executors resources: {} # -- Adds environment variables for the executor. - env: {} + env: [] # -- sets security context for the executor container securityContext: {} From ab2ab593b333145b67f2497bb203a2465942cc76 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 26 Sep 2022 13:11:00 +0900 Subject: [PATCH 0369/1248] feat(argo-workflows): Support Azure Blob Storage for artifact (#1488) * feat(argo-workflows): Support Azure Blob Storage for artifact Signed-off-by: yu-croco * chore(argo-workflows): refactor, from if/else to with Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../workflow-controller-config-map.yaml | 13 ++++++++----- charts/argo-workflows/values.yaml | 18 ++++++++++++++++++ 4 files changed, 29 insertions(+), 7 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 925e8af9..772ba388 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.19.3 +version: 0.19.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Change default type of `.mainContainer.env` and `.executor.env` from object to array" + - "[Added]: Support Azure Blob Storage for artifact" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 8cf04457..70ca0bdc 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -213,6 +213,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | artifactRepository.archiveLogs | bool | `false` | Archive the main container logs as an artifact | +| artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | | useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 06cc3d34..2f6e35b2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -56,10 +56,13 @@ data: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} {{- end }} - {{- if .Values.artifactRepository.gcs }} - gcs: -{{ toYaml .Values.artifactRepository.gcs | indent 8}} - {{- else }} + {{- with .Values.artifactRepository.gcs }} + gcs: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.artifactRepository.azure }} + azure: {{- toYaml . | nindent 8 }} + {{- end }} + {{- if and (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: @@ -89,7 +92,7 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- end}} + {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: enabled: {{ .Values.controller.metricsConfig.enabled }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index b961bcdd..4459d6dd 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -539,3 +539,21 @@ artifactRepository: # serviceAccountKeySecret: # name: my-gcs-credentials # key: serviceAccountKey + # -- Store artifact in Azure Blob Storage + # @default -- `{}` (See [values.yaml]) + azure: {} + # endpoint: https://mystorageaccountname.blob.core.windows.net + # container: my-container-name + # blob: path/in/container + ## accountKeySecret is a secret selector. + ## It references the k8s secret named 'my-azure-storage-credentials'. + ## This secret is expected to have have the key 'account-access-key', + ## containing the base64 encoded credentials to the storage account. + ## If a managed identity has been assigned to the machines running the + ## workflow (e.g., https://docs.microsoft.com/en-us/azure/aks/use-managed-identity) + ## then accountKeySecret is not needed, and useSDKCreds should be + ## set to true instead: + # useSDKCreds: true + # accountKeySecret: + # name: my-azure-storage-credentials + # key: account-access-key From 99aadc56c422097ec84b54fc5ede3cdc952c2643 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 27 Sep 2022 18:53:04 +0900 Subject: [PATCH 0370/1248] fix(argo-workflows): sso configuration (#1492) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-config-map.yaml | 9 ++++----- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 772ba388..752e16ee 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.19.4 +version: 0.19.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support Azure Blob Storage for artifact" + - "[Fixed]: Fixed failed sso configuration" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 2f6e35b2..2a6aaf7c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -131,9 +131,9 @@ data: name: {{ .clientSecret.name }} key: {{ .clientSecret.key }} redirectUrl: {{ .redirectUrl }} - {{- if and (.rbac) (.rbac.enabled) }} + {{- with .rbac }} rbac: - enabled: {{ .rbac.enabled }} + enabled: {{ .enabled }} {{- end }} {{- if .scopes }} scopes: {{ toYaml .scopes | nindent 8 }} @@ -141,9 +141,8 @@ data: {{- if .issuerAlias }} issuerAlias: {{ .issuerAlias }} {{- end }} - {{- if and (.sessionExpiry) (.sessionExpiry.duration) }} - sessionExpiry: - duration: {{ .sessionExpiry.duration }} + {{- if .sessionExpiry }} + sessionExpiry: .sessionExpiry {{- end }} {{- if .customGroupClaimName }} customGroupClaimName: {{ .customGroupClaimName }} From 57d64df5466f814754d2937fd2ab9af86d5cb717 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 27 Sep 2022 21:43:48 +0900 Subject: [PATCH 0371/1248] fix(argo-workflows): Helm syntax on SSO configuration (#1493) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 752e16ee..f07e8eb1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.19.5 +version: 0.19.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Fixed failed sso configuration" + - "[Fixed]: Helm syntax on SSO configuration" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 2a6aaf7c..c0130ba7 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -142,7 +142,7 @@ data: issuerAlias: {{ .issuerAlias }} {{- end }} {{- if .sessionExpiry }} - sessionExpiry: .sessionExpiry + sessionExpiry: {{ .sessionExpiry }} {{- end }} {{- if .customGroupClaimName }} customGroupClaimName: {{ .customGroupClaimName }} From bece474c2727f0ac0619b0efa9c1370147bbd4ce Mon Sep 17 00:00:00 2001 From: Jason Murray <15822260+chaosaffe@users.noreply.github.com> Date: Wed, 28 Sep 2022 04:05:20 -0700 Subject: [PATCH 0372/1248] docs(argo-cd): Fix link to chart source (#1434) Signed-off-by: Jason Murray <15822260+chaosaffe@users.noreply.github.com> Signed-off-by: Marco Kilchhofer Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++++-- charts/argo-cd/README.md | 5 +++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 009543db..d6c01d25 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,9 +2,12 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.5 +version: 5.5.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png +sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd keywords: - argoproj - argocd @@ -19,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing templating for some service labels" + - "[Added]: Source code section inside chart README" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3fda655f..e520f2b1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -2,9 +2,10 @@ A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. -Source code can be found [here](https://argo-cd.readthedocs.io/en/stable/) +Source code can be found here: -## Additional Information +* +* This is a **community maintained** chart. This chart installs [argo-cd](https://argo-cd.readthedocs.io/en/stable/), a declarative, GitOps continuous delivery tool for Kubernetes. diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index c14ca122..f7ed30d2 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -2,9 +2,9 @@ A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. -Source code can be found [here](https://argo-cd.readthedocs.io/en/stable/) +Source code can be found here: -## Additional Information +{{ template "chart.sourcesList" . }} This is a **community maintained** chart. This chart installs [argo-cd](https://argo-cd.readthedocs.io/en/stable/), a declarative, GitOps continuous delivery tool for Kubernetes. From 107695e73858662756e3bbf23ebc36b245ae403e Mon Sep 17 00:00:00 2001 From: Keigo Hattori Date: Wed, 28 Sep 2022 22:50:45 +0900 Subject: [PATCH 0373/1248] feat(argo-workflows): Add extra manifests to deploy within the chart (#1495) Signed-off-by: Keigo Hattori --- charts/argo-workflows/Chart.yaml | 4 +-- charts/argo-workflows/README.md | 1 + .../templates/extra-manifests.yaml | 4 +++ charts/argo-workflows/values.yaml | 26 +++++++++++++++++++ 4 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/templates/extra-manifests.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f07e8eb1..831aa43f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.19.6 +version: 0.20.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Helm syntax on SSO configuration" + - "[Added]: Additional manifests to deploy within the chart" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 70ca0bdc..339f81be 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -45,6 +45,7 @@ Fields to note: | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | | images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers | | images.pullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | diff --git a/charts/argo-workflows/templates/extra-manifests.yaml b/charts/argo-workflows/templates/extra-manifests.yaml new file mode 100644 index 00000000..a9bb3b6b --- /dev/null +++ b/charts/argo-workflows/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 4459d6dd..fc9ab550 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -496,6 +496,32 @@ server: # -- Extra containers to be added to the server deployment extraContainers: [] +# -- Array of extra K8s manifests to deploy +extraObjects: [] + # - apiVersion: secrets-store.csi.x-k8s.io/v1 + # kind: SecretProviderClass + # metadata: + # name: argo-server-sso + # spec: + # provider: aws + # parameters: + # objects: | + # - objectName: "argo/server/sso" + # objectType: "secretsmanager" + # jmesPath: + # - path: "client_id" + # objectAlias: "client_id" + # - path: "client_secret" + # objectAlias: "client_secret" + # secretObjects: + # - data: + # - key: client_id + # objectName: client_id + # - key: client_secret + # objectName: client_secret + # secretName: argo-server-sso-secrets-store + # type: Opaque + # -- Influences the creation of the ConfigMap for the workflow-controller itself. useDefaultArtifactRepo: false # -- Use static credentials for S3 (eg. when not using AWS IRSA) From ed2bf79bab80d3f3ed560e9c40f6c44845136c00 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 29 Sep 2022 01:43:32 -0500 Subject: [PATCH 0374/1248] chore(argo-rollouts) Upgrade to argo-rollouts 1.3.0 (#1466) Signed-off-by: jmeridth --- charts/argo-rollouts/Chart.yaml | 13 ++- charts/argo-rollouts/README.md | 2 +- .../templates/crds/analysis-run-crd.yaml | 11 ++- .../templates/crds/analysis-template-crd.yaml | 10 +++ .../crds/cluster-analysis-template-crd.yaml | 10 +++ .../templates/crds/experiment-crd.yaml | 5 +- .../templates/crds/rollout-crd.yaml | 89 ++++++++++++++++++- 7 files changed, 132 insertions(+), 8 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 320bad6a..12c42fca 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,13 +1,18 @@ apiVersion: v2 -appVersion: "v1.2.2" +appVersion: v1.3.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.20.0 -icon: https://argoproj.github.io/argo-rollouts/assets/logo.png +version: 2.21.0 home: https://github.com/argoproj/argo-helm +icon: https://argoproj.github.io/argo-rollouts/assets/logo.png +keywords: + - argoproj + - argo-rollouts +sources: + - https://github.com/argoproj/argo-rollouts maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: initContainer option to controller pod, updated secrets roles" + - "[Changed]: Upgrade ArgoRollouts to v1.3.0" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index d0881293..4f0a54e2 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -176,4 +176,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.20.0/charts/argo-rollouts/values.yaml +[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.21.0/charts/argo-rollouts/values.yaml diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index f5cba997..0d95f6f5 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -202,6 +202,13 @@ spec: query: type: string type: object + influxdb: + properties: + profile: + type: string + query: + type: string + type: object job: properties: metadata: @@ -2575,6 +2582,9 @@ spec: maxSkew: format: int32 type: integer + minDomains: + format: int32 + type: integer topologyKey: type: string whenUnsatisfiable: @@ -2875,5 +2885,4 @@ spec: served: true storage: true subresources: {} - {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 7b23b54d..862af976 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -198,6 +198,13 @@ spec: query: type: string type: object + influxdb: + properties: + profile: + type: string + query: + type: string + type: object job: properties: metadata: @@ -2571,6 +2578,9 @@ spec: maxSkew: format: int32 type: integer + minDomains: + format: int32 + type: integer topologyKey: type: string whenUnsatisfiable: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 8ea109f7..60604611 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -198,6 +198,13 @@ spec: query: type: string type: object + influxdb: + properties: + profile: + type: string + query: + type: string + type: object job: properties: metadata: @@ -2571,6 +2578,9 @@ spec: maxSkew: format: int32 type: integer + minDomains: + format: int32 + type: integer topologyKey: type: string whenUnsatisfiable: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 90b4b499..86af1932 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -2477,6 +2477,9 @@ spec: maxSkew: format: int32 type: integer + minDomains: + format: int32 + type: integer topologyKey: type: string whenUnsatisfiable: @@ -2606,4 +2609,4 @@ spec: served: true storage: true subresources: {} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 596f55ca..ec58d318 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.7.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -603,6 +603,74 @@ spec: format: int32 type: integer type: object + setHeaderRoute: + properties: + match: + items: + properties: + headerName: + type: string + headerValue: + properties: + exact: + type: string + prefix: + type: string + regex: + type: string + type: object + required: + - headerName + - headerValue + type: object + type: array + name: + type: string + type: object + setMirrorRoute: + properties: + match: + items: + properties: + headers: + additionalProperties: + properties: + exact: + type: string + prefix: + type: string + regex: + type: string + type: object + type: object + method: + properties: + exact: + type: string + prefix: + type: string + regex: + type: string + type: object + path: + properties: + exact: + type: string + prefix: + type: string + regex: + type: string + type: object + type: object + type: array + name: + type: string + percentage: + format: int32 + type: integer + required: + - name + type: object setWeight: format: int32 type: integer @@ -743,6 +811,15 @@ spec: type: object type: array type: object + managedRoutes: + items: + properties: + name: + type: string + required: + - name + type: object + type: array nginx: properties: additionalIngressAnnotations: @@ -763,6 +840,13 @@ spec: trafficSplitName: type: string type: object + traefik: + properties: + weightedTraefikServiceName: + type: string + required: + - weightedTraefikServiceName + type: object type: object type: object type: object @@ -3083,6 +3167,9 @@ spec: maxSkew: format: int32 type: integer + minDomains: + format: int32 + type: integer topologyKey: type: string whenUnsatisfiable: From 01a871c91eee76941336a93dbc9ddfcdee5bc470 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 29 Sep 2022 10:54:42 -0500 Subject: [PATCH 0375/1248] chore(argo-events): upgrade argo-events to app version 1.7.3 (#1499) --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a9f04aef..46c4c6f6 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.2 +appVersion: v1.7.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.5 +version: 2.0.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Argo events controller to v1.7.2" + - "[Changed]: Upgrade Argo events controller to v1.7.3" From 54f4cbe36f36b398f78ab0edc97bd13af3c1e61f Mon Sep 17 00:00:00 2001 From: Hyeonmin Park Date: Fri, 30 Sep 2022 22:26:16 +0900 Subject: [PATCH 0376/1248] docs(argo-cd): Fix v5.5.0 upgrade guide heading (#1502) Signed-off-by: Hyeonmin Park --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/README.md.gotmpl | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d6c01d25..5fb8d427 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.12 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.6 +version: 5.5.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Source code section inside chart README" + - "[Fixed]: v5.5.0 Upgrade guide heading in README" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e520f2b1..9f3b9f04 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -101,7 +101,7 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref= Date: Fri, 30 Sep 2022 17:29:03 -0500 Subject: [PATCH 0377/1248] chore(argo-rollouts): Upgrade argo-rollouts to 1.3.1 (#1500) Signed-off-by: jmeridth --- .editorconfig | 4 ++++ charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 2 +- charts/argo-rollouts/README.md.gotmpl | 2 +- 4 files changed, 9 insertions(+), 5 deletions(-) create mode 100644 .editorconfig diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 00000000..cb90a2c2 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,4 @@ +[*.{md,md.gotmpl}] +indent_style = space +indent_size = 4 +trim_trailing_whitespace = false diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 12c42fca..6688d9b0 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.3.0 +appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.0 +version: 2.21.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.3.0" + - "[Changed]: Upgrade ArgoRollouts to v1.3.1" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 4f0a54e2..e471d284 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -176,4 +176,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-2.21.0/charts/argo-rollouts/values.yaml +[values.yaml]: values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 6682d168..445c84db 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -98,4 +98,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets -[values.yaml]: https://github.com/argoproj/argo-helm/blob/argo-rollouts-{{ .Version }}/charts/argo-rollouts/values.yaml +[values.yaml]: values.yaml From 0b5ab6da1878e3cb8331015a46853af323816d13 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 2 Oct 2022 04:27:57 -0500 Subject: [PATCH 0378/1248] chore(argo-workflows): Upgrade argo-workflows to app version 3.4.1 (#1505) [Release Notes](https://github.com/argoproj/argo-workflows/releases/tag/v3.4.1) Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 831aa43f..61fa7297 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.0 +appVersion: v3.4.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.0 +version: 0.20.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Additional manifests to deploy within the chart" + - "[Changed]: Upgrade ArgoWorkflows to v3.4.1" From 332173bd77f47220f19b96d6f41f83ccd15a729f Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Mon, 3 Oct 2022 20:58:12 -0400 Subject: [PATCH 0379/1248] chore(argo-cd): upgrade Dex to 2.35 to avoid CVE-2022-39222 (#1507) * chore(argo-cd): upgrade Dex to 2.35 to avoid CVE-2022-39222 Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * update image tag Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5fb8d427..f7a44267 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.12 +appVersion: v2.4.13 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.7 +version: 5.5.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: v5.5.0 Upgrade guide heading in README" + - "[Fixed]: Upgrade Dex to v2.35.0 to avoid CVE-2022-39222 and update app version to v2.4.13" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9f3b9f04..d1c507b6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -699,7 +699,7 @@ NAME: my-release | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.32.0"` | Dex image tag | +| dex.image.tag | string | `"v2.35.0-distroless"` | Dex image tag | | dex.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6160cbcc..d1b17b44 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -687,7 +687,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.32.0 + tag: v2.35.0-distroless # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From c11a729595a787ee02d80e698febd9082f033015 Mon Sep 17 00:00:00 2001 From: Eddie Knight Date: Wed, 5 Oct 2022 14:27:31 -0500 Subject: [PATCH 0380/1248] chore(docs): Updated README following CLOMonitor guidelines (#1509) * chore: Added security policy note to README * chore: Added Changelog note to README * Added Artifact Hub badge Signed-off-by: Eddie Knight --- README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 61922839..18217029 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,7 @@ [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) +[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: @@ -11,4 +12,12 @@ helm repo add argo https://argoproj.github.io/argo-helm ## Contributing -We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. \ No newline at end of file +We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. + +### Security Policy + +If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new). + +### Changelog + +Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). \ No newline at end of file From 197526a40b4c8237869145255610069f91f9f7fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mattias=20=C3=84ngehov?= Date: Thu, 6 Oct 2022 16:31:51 +0200 Subject: [PATCH 0381/1248] feat(argo-cd): Add support for labels on Service Accounts (#1513) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Allow configuring labels on service accounts Signed-off-by: Mattias Ängehov * Update documentation Signed-off-by: Mattias Ängehov * Update version and changes Signed-off-by: Mattias Ängehov Signed-off-by: Mattias Ängehov --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 3 +++ .../argocd-application-controller/serviceaccount.yaml | 3 +++ .../templates/argocd-applicationset/serviceaccount.yaml | 3 +++ charts/argo-cd/templates/argocd-server/serviceaccount.yaml | 3 +++ charts/argo-cd/values.yaml | 6 ++++++ 6 files changed, 20 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f7a44267..3687d9a8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.13 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.8 +version: 5.5.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Upgrade Dex to v2.35.0 to avoid CVE-2022-39222 and update app version to v2.4.13" + - "[Added]: Allow labels to be set on service accounts" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d1c507b6..43430cc9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -462,6 +462,7 @@ NAME: my-release | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | +| controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | @@ -677,6 +678,7 @@ NAME: my-release | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | server.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | server.serviceAccount.create | bool | `true` | Create server service account | +| server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | @@ -908,6 +910,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.portName | string | `"webhook"` | Application set service port name | | applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index 4703236c..96d786cd 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -12,4 +12,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- range $key, $value := .Values.controller.serviceAccount.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index 4fafac8d..cf5c0ef5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -12,4 +12,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- range $key, $value := .Values.applicationSet.serviceAccount.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index cd95480b..a2eb9b11 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -12,4 +12,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- range $key, $value := .Values.server.serviceAccount.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d1b17b44..83acc6d9 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -516,6 +516,8 @@ controller: name: argocd-application-controller # -- Annotations applied to created service account annotations: {} + # -- Labels applied to created service account + labels: {} # -- Automount API credentials for the Service Account automountServiceAccountToken: true @@ -1356,6 +1358,8 @@ server: name: argocd-server # -- Annotations applied to created service account annotations: {} + # -- Labels applied to created service account + labels: {} # -- Automount API credentials for the Service Account automountServiceAccountToken: true @@ -2068,6 +2072,8 @@ applicationSet: create: true # -- Annotations to add to the service account annotations: {} + # -- Labels applied to created service account + labels: {} # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" From 3eb68caf8d01a2be7f4634961fa513d30eeaa8b4 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Thu, 6 Oct 2022 17:04:46 -0400 Subject: [PATCH 0382/1248] feat(argo-cd): Upgrade argocd to v2.4.14 (#1515) * feat(argo-cd): Upgrade argocd to v2.4.14 Signed-off-by: smcavallo * updated dex.image.tag Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3687d9a8..b1950fe4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.13 +appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.9 +version: 5.5.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Allow labels to be set on service accounts" + - "[Changed]: Update to app version 2.4.14" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 43430cc9..7cad3839 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -701,7 +701,7 @@ NAME: my-release | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.0-distroless"` | Dex image tag | +| dex.image.tag | string | `"v2.35.1-distroless"` | Dex image tag | | dex.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 83acc6d9..4f42c974 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -689,7 +689,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.0-distroless + tag: v2.35.1-distroless # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 5963c0befe54f866c72b30f631d069d8dadfef75 Mon Sep 17 00:00:00 2001 From: Evan Lock Date: Thu, 6 Oct 2022 18:23:33 -0400 Subject: [PATCH 0383/1248] fix(argo-cd): correct example PrometheusRule expression for missing app info (#1516) * Update rule expression for missing Argo apps Signed-off-by: Evan Lock * bump chart version, update changelog Signed-off-by: Evan Lock Signed-off-by: Evan Lock Co-authored-by: Evan Lock --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b1950fe4..4b805cf0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.10 +version: 5.5.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.14" + - "[Changed]: Updated example PrometheusRule expression for missing apps" diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4f42c974..eabfe5c5 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -567,7 +567,7 @@ controller: spec: [] # - alert: ArgoAppMissing # expr: | - # absent(argocd_app_info) + # absent(argocd_app_info) == 1 # for: 15m # labels: # severity: critical From c041c744643ab0da7464fecf8c26848573f80dc0 Mon Sep 17 00:00:00 2001 From: Eddie Knight Date: Fri, 7 Oct 2022 04:27:25 -0500 Subject: [PATCH 0384/1248] Added minimum permissions to workflows (#1517) Signed-off-by: Eddie Knight --- .github/workflows/lint-and-test.yml | 4 ++++ .github/workflows/pr-title.yml | 6 ++++++ .github/workflows/publish.yml | 5 +++++ .github/workflows/stale.yml | 7 +++++++ 4 files changed, 22 insertions(+) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 88fcf2df..f5f0297b 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -1,6 +1,10 @@ ## Reference: https://github.com/helm/chart-testing-action name: Linting and Testing on: pull_request + +permissions: + contents: read + jobs: chart-test: runs-on: ubuntu-latest diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 83dec55e..f42d814f 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -8,8 +8,14 @@ on: - edited - synchronize +permissions: + contents: read + jobs: main: + permissions: + pull-requests: read # for amannn/action-semantic-pull-request to analyze PRs + statuses: write # for amannn/action-semantic-pull-request to mark status of analyzed PR name: Validate PR title runs-on: ubuntu-latest steps: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 729c2621..6090494f 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -5,8 +5,13 @@ on: branches: - main +permissions: + contents: read + jobs: publish: + permissions: + contents: write # for helm/chart-releaser-action to push chart release and create a release runs-on: ubuntu-latest steps: - name: Checkout diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 0e8a171e..a9b2dbe2 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -3,8 +3,15 @@ name: Mark stale issues and pull requests on: schedule: - cron: "30 1 * * *" + +permissions: + contents: read + jobs: stale: + permissions: + issues: write # for actions/stale to close stale issues + pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - uses: actions/stale@v5 From fb7b59e4814343e103c1f436012634caf26bca64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20B=C4=85ka=C5=82a?= <67150725+SebastianBakala-TomTom@users.noreply.github.com> Date: Fri, 7 Oct 2022 12:52:18 +0200 Subject: [PATCH 0385/1248] fix(argo-cd): Added missing envFrom for notifications-controller (#1512) Signed-off-by: bakala --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/README.md | 1 + .../templates/argocd-notifications/deployment.yaml | 7 ++++++- charts/argo-cd/values.yaml | 8 ++++++++ 4 files changed, 18 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4b805cf0..870b9149 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.11 +version: 5.5.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Updated example PrometheusRule expression for missing apps" + - "[Added]: Added `envFrom` field to the notifications-controller." + - "[Changed]: Templating the `env` field in the same way as in the argocd-server." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7cad3839..e6ee678f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -953,6 +953,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.enabled | bool | `true` | Enable Notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | +| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | notifications.extraVolumes | list | `[]` | List of extra volumes to add | | notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller | diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index cfbb54f7..a1eab679 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -60,7 +60,12 @@ spec: securityContext: {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }} {{- end }} {{- with .Values.notifications.extraEnv }} - env: {{ toYaml . | nindent 12 }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.notifications.extraEnvFrom }} + envFrom: + {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: - name: tls-certs diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index eabfe5c5..e46efcd2 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2269,6 +2269,14 @@ notifications: # -- Additional container environment variables extraEnv: [] + # -- envFrom to pass to the controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] # - mountPath: /tmp/foobar From 18dfcc1053acfdc4c6b16aef7886cc8699076e68 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 8 Oct 2022 20:28:22 +0900 Subject: [PATCH 0386/1248] chore(argo-cd): Updated Redis to 7.0.5 for fixing CVE-2022-35951. (#1523) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 870b9149..3bbff281 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.12 +version: 5.5.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,5 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added `envFrom` field to the notifications-controller." - - "[Changed]: Templating the `env` field in the same way as in the argocd-server." + - "[Changed]: Updated Redis to 7.0.5 for fixing CVE-2022-35951." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e6ee678f..aed2b789 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -771,7 +771,7 @@ NAME: my-release | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.4-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | @@ -829,7 +829,7 @@ The main options are listed here: | redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.4-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e46efcd2..8c9c70ec 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -862,7 +862,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.4-alpine + tag: 7.0.5-alpine # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent @@ -1071,7 +1071,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.4-alpine + tag: 7.0.5-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From bdd118caf8f513673d80a744510d37bd168e8742 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 9 Oct 2022 00:22:51 +0200 Subject: [PATCH 0387/1248] fix(argo-cd): Move incorrectly placed timeout configs (#1526) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 -- charts/argo-cd/templates/NOTES.txt | 4 ++-- charts/argo-cd/values.yaml | 14 ++++++++++---- 4 files changed, 14 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3bbff281..d9d79339 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.13 +version: 5.5.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Updated Redis to 7.0.5 for fixing CVE-2022-35951." + - "[Fixed]: Incorrectly placed timeout.reconciliation and timeout.hard.reconciliation" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index aed2b789..f4a4c60b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -377,8 +377,6 @@ NAME: my-release | configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | | configs.params."server.x.frame.options" | string | `"sameorigin"` | Set X-Frame-Options header in HTTP responses to value. To disable, set to "". | -| configs.params."timeout.hard.reconciliation" | int | `0` | Time period in seconds for application hard resync | -| configs.params."timeout.reconciliation" | int | `180` | Time period in seconds for application resync | | configs.params.annotations | object | `{}` | Annotations to be added to the argocd-cmd-params-cm ConfigMap | | configs.repositories | object | `{}` | Repositories list to be used by applications | | configs.repositoriesAnnotations | object | `{}` | Annotations to be added to `configs.repositories` Secret | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index a112b85a..bebdb822 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -5,10 +5,10 @@ DEPRECATED option controller.args.statusProcessors - Use configs.params.controll DEPRECATED option controller.args.operationProcessors - Use configs.params.controller.operation.processors {{- end }} {{- if .Values.controller.args.appResyncPeriod }} -DEPRECATED option controller.args.appResyncPeriod - Use configs.params.timeout.reconciliation +DEPRECATED option controller.args.appResyncPeriod - Use server.config.timeout.reconciliation {{- end }} {{- if .Values.controller.args.appHardResyncPeriod }} -DEPRECATED option controller.args.appHardResyncPeriod - Use configs.params.timeout.hard.reconciliation +DEPRECATED option controller.args.appHardResyncPeriod - Use server.config.timeout.hard.reconciliation {{- end }} {{- if .Values.controller.args.selfHealTimeout }} DEPRECATED option controller.args.selfHealTimeout - Use configs.params.controller.self.heal.timeout.seconds diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8c9c70ec..05ce622c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -299,10 +299,6 @@ configs: ## Generic parameters # -- Open-Telemetry collector address: (e.g. "otel-collector:4317") otlp.address: '' - # -- Time period in seconds for application resync - timeout.reconciliation: 180 - # -- Time period in seconds for application hard resync - timeout.hard.reconciliation: 0 ## Controller Properties # -- Number of application status processors @@ -1502,6 +1498,7 @@ server: config: # Argo CD's externally facing base URL (optional). Required when configuring SSO url: "" + # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance @@ -1517,6 +1514,14 @@ server: # https://argo-cd.readthedocs.io/en/latest/faq/#how-to-disable-admin-user admin.enabled: "true" + # Application reconciliation timeout is the max amount of time required to discover if a new manifests version got + # published to the repository. Reconciliation by timeout is disabled if timeout is set to 0. Three minutes by default. + timeout.reconciliation: 180s + + # Timeout to refresh application data as well as target manifests cache + timeout.hard.reconciliation: "0" + + # Dex configuration # dex.config: | # connectors: # # GitHub example @@ -1529,6 +1534,7 @@ server: # orgs: # - name: your-github-org + # OIDC configuration as an alternative to dex (optional). # oidc.config: | # name: AzureAD # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 From 1297678c764210f07d54f939a8a8077cb79aadf5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 9 Oct 2022 07:26:34 +0900 Subject: [PATCH 0388/1248] chore(github): Update versions (#1525) --- .github/workflows/lint-and-test.yml | 6 +++--- .github/workflows/publish.yml | 11 +++++++---- .github/workflows/stale.yml | 2 +- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index f5f0297b..147f0b6b 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -18,9 +18,9 @@ jobs: uses: azure/setup-helm@v1 - name: Set up python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 with: - python-version: 3.8 + python-version: 3.9 - name: Setup Chart Linting id: lint @@ -55,7 +55,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@v1.2.0 + uses: helm/kind-action@v1.4.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 6090494f..8333a66d 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -20,7 +20,10 @@ jobs: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@v1 + uses: azure/setup-helm@v3 + with: + version: latest # stable + token: ${{ secrets.GITHUB_TOKEN }} # only needed if version is 'latest' - name: Add dependency chart repos run: | @@ -30,15 +33,15 @@ jobs: run: | git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - + ## This is required to consider the old Circle-CI Index and to stay compatible with all the old releases. - - name: Fetch current Chart Index + - name: Fetch current Chart Index run: | git checkout origin/gh-pages index.yaml - name: Run chart-releaser uses: helm/chart-releaser-action@v1.4.0 - with: + with: config: "./.github/configs/cr.yaml" env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index a9b2dbe2..3637ed8f 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v5 + - uses: actions/stale@v6 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From fbaa2ef19b7137a3704b6732ffc12083b89a368e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan-Otto=20Kr=C3=B6pke?= Date: Sun, 9 Oct 2022 10:33:55 +0200 Subject: [PATCH 0389/1248] feat(argo-cd): Make labels for repoServer and notification service accounts configurable (#1527) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jan-Otto Kröpke Signed-off-by: Jan-Otto Kröpke --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ .../templates/argocd-notifications/serviceaccount.yaml | 3 +++ .../argo-cd/templates/argocd-repo-server/serviceaccount.yaml | 5 ++++- charts/argo-cd/values.yaml | 4 ++++ 5 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d9d79339..fb6952c1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.14 +version: 5.5.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Incorrectly placed timeout.reconciliation and timeout.hard.reconciliation" + - "[Added]: Make labels for repoServer and notification service accounts configurable" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f4a4c60b..3439300e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -535,6 +535,7 @@ NAME: my-release | repoServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | repoServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | +| repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | | repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server | @@ -983,6 +984,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account | | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index 48c6967f..d6219280 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -12,4 +12,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- range $key, $value := .Values.notifications.serviceAccount.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index b045da74..71f75583 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -12,4 +12,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} -{{- end }} \ No newline at end of file + {{- range $key, $value := .Values.repoServer.serviceAccount.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 05ce622c..a3f90e7c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1921,6 +1921,8 @@ repoServer: name: "" # "argocd-repo-server" # -- Annotations applied to created service account annotations: {} + # -- Labels applied to created service account + labels: {} # -- Automount API credentials for the Service Account automountServiceAccountToken: true @@ -2364,6 +2366,8 @@ notifications: # -- Annotations applied to created service account annotations: {} + # -- Labels applied to created service account + labels: {} cm: # -- Whether helm chart creates controller config map create: true From d0381671fa33a81c40e4426bc1e24d3c4e76f05c Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 9 Oct 2022 15:23:05 +0200 Subject: [PATCH 0390/1248] chore(argo-cd): Remove invalid options from notification controller (#1530) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/README.md | 2 -- .../templates/argocd-notifications/deployment.yaml | 13 ++++++++----- charts/argo-cd/values.yaml | 8 -------- 4 files changed, 11 insertions(+), 17 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fb6952c1..28e09add 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.15 +version: 5.5.16 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Make labels for repoServer and notification service accounts configurable" + - "[Fixed]: Notification controller strategy must be always Recreate" + - "[Removed]: Notification controller securityContext in favor of global.securityContext" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3439300e..1d83e566 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -981,7 +981,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | -| notifications.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account | @@ -990,7 +989,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | -| notifications.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | ### Using AWS ALB Ingress Controller With GRPC diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index a1eab679..40c3e076 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -2,12 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "argo-cd.notifications.fullname" . }} + name: {{ include "argo-cd.notifications.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: strategy: - {{- .Values.notifications.updateStrategy | toYaml | nindent 4 }} + type: Recreate selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} @@ -25,12 +25,15 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.notifications.imagePullSecrets | default .Values.global.imagePullSecrets }} + {{- with .Values.notifications.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} - securityContext: {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.notifications.securityContext) | nindent 8 }} containers: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a3f90e7c..7e21a545 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2231,10 +2231,6 @@ notifications: # -- [Node selector] nodeSelector: {} - # -- The deployment strategy to use to replace existing pods with new ones - updateStrategy: - type: Recreate - # -- Define user-defined context ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context context: {} @@ -2336,10 +2332,6 @@ notifications: # -- Labels to be applied to the controller Pods podLabels: {} - # -- Pod Security Context - securityContext: - runAsNonRoot: true - # -- Container Security Context containerSecurityContext: {} From 3a05c7e7b45c094cec8158fb205cd00983dfb164 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 10 Oct 2022 21:08:04 +0200 Subject: [PATCH 0391/1248] chore(argo-cd): Rename PDB templates (#1533) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 ++--- .../{poddisruptionbudget.yaml => pdb.yaml} | 0 .../{poddisruptionbudget.yaml => pdb.yaml} | 0 .../argocd-server/{poddisruptionbudget.yaml => pdb.yaml} | 0 .../templates/dex/{poddisruptionbudget.yaml => pdb.yaml} | 0 .../templates/redis/{poddisruptionbudget.yaml => pdb.yaml} | 0 6 files changed, 2 insertions(+), 3 deletions(-) rename charts/argo-cd/templates/argocd-application-controller/{poddisruptionbudget.yaml => pdb.yaml} (100%) rename charts/argo-cd/templates/argocd-repo-server/{poddisruptionbudget.yaml => pdb.yaml} (100%) rename charts/argo-cd/templates/argocd-server/{poddisruptionbudget.yaml => pdb.yaml} (100%) rename charts/argo-cd/templates/dex/{poddisruptionbudget.yaml => pdb.yaml} (100%) rename charts/argo-cd/templates/redis/{poddisruptionbudget.yaml => pdb.yaml} (100%) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 28e09add..0fba336b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.16 +version: 5.5.17 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,5 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Notification controller strategy must be always Recreate" - - "[Removed]: Notification controller securityContext in favor of global.securityContext" + - "[Changed]: Renamed PodDistruptionBudget templates to pdb.yaml" diff --git a/charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-application-controller/poddisruptionbudget.yaml rename to charts/argo-cd/templates/argocd-application-controller/pdb.yaml diff --git a/charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-repo-server/poddisruptionbudget.yaml rename to charts/argo-cd/templates/argocd-repo-server/pdb.yaml diff --git a/charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/poddisruptionbudget.yaml rename to charts/argo-cd/templates/argocd-server/pdb.yaml diff --git a/charts/argo-cd/templates/dex/poddisruptionbudget.yaml b/charts/argo-cd/templates/dex/pdb.yaml similarity index 100% rename from charts/argo-cd/templates/dex/poddisruptionbudget.yaml rename to charts/argo-cd/templates/dex/pdb.yaml diff --git a/charts/argo-cd/templates/redis/poddisruptionbudget.yaml b/charts/argo-cd/templates/redis/pdb.yaml similarity index 100% rename from charts/argo-cd/templates/redis/poddisruptionbudget.yaml rename to charts/argo-cd/templates/redis/pdb.yaml From 810aa6b887ddbebbd79c66dbfd32a4e4a570ce3e Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 10 Oct 2022 22:46:11 +0200 Subject: [PATCH 0392/1248] docs(argo-cd): Documented defaults for imagePullSecrets (#1536) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 18 +++---- .../bots/slack/deployment.yaml | 4 +- charts/argo-cd/values.yaml | 49 ++++++++++++------- 4 files changed, 44 insertions(+), 31 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0fba336b..4bd0b896 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.17 +version: 5.5.18 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Renamed PodDistruptionBudget templates to pdb.yaml" + - "[Changed]: Documented defaults for imagePullSecrets" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1d83e566..67932b25 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -341,7 +341,7 @@ NAME: my-release | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | | global.image.tag | string | `""` | Overrides the global Argo CD image tag whose default is the chart appVersion | -| global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | +| global.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | global.logging.format | string | `"text"` | Set the global logging format. Either: `text` or `json` | | global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | @@ -413,7 +413,7 @@ NAME: my-release | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | -| controller.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| controller.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | controller.initContainers | list | `[]` | Init containers to add to the application controller pod | | controller.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | controller.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -491,7 +491,7 @@ NAME: my-release | repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server | | repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server | | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | -| repoServer.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| repoServer.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | repoServer.initContainers | list | `[]` | Init containers to add to the repo server pods | | repoServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -591,7 +591,7 @@ NAME: my-release | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | | server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server | | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | -| server.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| server.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | server.ingress.annotations | object | `{}` | Additional ingress annotations | | server.ingress.enabled | bool | `false` | Enable an ingress resource for the Argo CD server | | server.ingress.extraPaths | list | `[]` | Additional ingress paths | @@ -701,7 +701,7 @@ NAME: my-release | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | | dex.image.tag | string | `"v2.35.1-distroless"` | Dex image tag | -| dex.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | @@ -771,7 +771,7 @@ NAME: my-release | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | -| redis.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | @@ -877,7 +877,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application set controller | | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller | -| applicationSet.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | | applicationSet.logFormat | string | `""` (defaults to global.logging.format) | ApplicationSet controller log format. Either `text` or `json` | | applicationSet.logLevel | string | `""` (defaults to global.logging.level) | ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | @@ -934,7 +934,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | | notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | | notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | -| notifications.bots.slack.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | | notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | | notifications.bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | @@ -958,7 +958,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller | | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | -| notifications.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | +| notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` | | notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 0ec4565e..f51d2497 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -16,10 +16,10 @@ spec: labels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }} spec: - {{- with .Values.notifications.bots.slack.imagePullSecrets | default .Values.global.imagePullSecrets }} + {{- with .Values.notifications.bots.slack.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} serviceAccountName: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} securityContext: {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.notifications.securityContext) | nindent 8 }} containers: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7e21a545..1111d8f9 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -44,6 +44,10 @@ global: tag: "" # -- If defined, a imagePullPolicy applied to all Argo CD deployments imagePullPolicy: IfNotPresent + + # -- Secrets with credentials to pull images from a private registry + imagePullSecrets: [] + logging: # -- Set the global logging format. Either: `text` or `json` format: text @@ -59,8 +63,6 @@ global: # runAsGroup: 999 # fsGroup: 999 - # -- If defined, uses a Secret to pull an image from a private Docker registry or repository - imagePullSecrets: [] # -- Mapping between IP and hostnames that will be injected as entries in the pod's hosts files hostAliases: [] # - ip: 10.20.30.40 @@ -374,6 +376,10 @@ controller: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + # -- The number of application controller pods to run. # Additional replicas will cause sharding of managed clusters across number of replicas. replicas: 1 @@ -636,8 +642,6 @@ controller: # minAvailable: 1 # maxUnavailable: 0 - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] ## Dex dex: @@ -689,6 +693,11 @@ dex: # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + + # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + initImage: # -- Argo CD init image repository # @default -- `""` (defaults to global.image.repository) @@ -844,9 +853,6 @@ dex: # minAvailable: 1 # maxUnavailable: 0 - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] - ## Redis redis: # -- Enable redis @@ -862,6 +868,10 @@ redis: # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent + # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + # -- Additional command line arguments to pass to redis-server extraArgs: [] # - --bind @@ -1035,9 +1045,6 @@ redis: # minAvailable: 1 # maxUnavailable: 0 - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] - # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted # Check the redis-ha chart for more properties @@ -1144,6 +1151,10 @@ server: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" # IfNotPresent + # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + # -- Additional command line arguments to pass to Argo CD server extraArgs: [] @@ -1700,8 +1711,6 @@ server: # minAvailable: 1 # maxUnavailable: 0 - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] ## Repo Server repoServer: @@ -1749,6 +1758,10 @@ repoServer: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" # IfNotPresent + # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + # -- Additional command line arguments to pass to repo server extraArgs: [] @@ -1978,9 +1991,6 @@ repoServer: # minAvailable: 1 # maxUnavailable: 0 - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] - applicationSet: # -- Enable Application Set controller enabled: true @@ -2002,6 +2012,10 @@ applicationSet: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- If defined, uses a Secret to pull an image from a private Docker registry or repository. + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + args: # -- The default metric address metricsAddr: :8080 @@ -2061,9 +2075,6 @@ applicationSet: # -- Prometheus ServiceMonitor labels additionalLabels: {} - # -- If defined, uses a Secret to pull an image from a private Docker registry or repository. - imagePullSecrets: [] - ## Application set service configuration service: # -- Application set service annotations @@ -2226,6 +2237,7 @@ notifications: imagePullPolicy: "" # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] # -- [Node selector] @@ -2663,6 +2675,7 @@ notifications: imagePullPolicy: "" # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] service: From bbecd7445d534784589c368408609521d6255761 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 11 Oct 2022 14:28:45 +0200 Subject: [PATCH 0393/1248] chore(argo-cd): Organise cloud providers resources in sub-folders (#1535) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-server/{alb-grpc-service.yaml => aws/service.yaml} | 0 .../templates/argocd-server/{ => gke}/backendconfig.yaml | 0 .../templates/argocd-server/{ => gke}/frontendconfig.yaml | 0 .../{managedCertificate.yaml => gke/managedcertificate.yaml} | 0 .../templates/argocd-server/{ => openshift}/route.yaml | 0 6 files changed, 2 insertions(+), 2 deletions(-) rename charts/argo-cd/templates/argocd-server/{alb-grpc-service.yaml => aws/service.yaml} (100%) rename charts/argo-cd/templates/argocd-server/{ => gke}/backendconfig.yaml (100%) rename charts/argo-cd/templates/argocd-server/{ => gke}/frontendconfig.yaml (100%) rename charts/argo-cd/templates/argocd-server/{managedCertificate.yaml => gke/managedcertificate.yaml} (100%) rename charts/argo-cd/templates/argocd-server/{ => openshift}/route.yaml (100%) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4bd0b896..e9acb9e3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.18 +version: 5.5.19 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Documented defaults for imagePullSecrets" + - "[Changed]: Moved specific cloud provider resources to sub-folders" diff --git a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml rename to charts/argo-cd/templates/argocd-server/aws/service.yaml diff --git a/charts/argo-cd/templates/argocd-server/backendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/backendconfig.yaml rename to charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml diff --git a/charts/argo-cd/templates/argocd-server/frontendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/frontendconfig.yaml rename to charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml diff --git a/charts/argo-cd/templates/argocd-server/managedCertificate.yaml b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/managedCertificate.yaml rename to charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml diff --git a/charts/argo-cd/templates/argocd-server/route.yaml b/charts/argo-cd/templates/argocd-server/openshift/route.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/route.yaml rename to charts/argo-cd/templates/argocd-server/openshift/route.yaml From 6b523e3b0b184a48648b3309bfa9283434ea4cee Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 11 Oct 2022 15:52:31 +0200 Subject: [PATCH 0394/1248] feat(argo-cd): Add API version overrides for PDB and GKE (#1524) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 +- charts/argo-cd/README.md | 7 ++ charts/argo-cd/README.md.gotmpl | 5 ++ charts/argo-cd/templates/_helpers.tpl | 46 ----------- charts/argo-cd/templates/_versions.tpl | 78 +++++++++++++++++++ .../argocd-application-controller/pdb.yaml | 2 +- .../webhook-ingress.yaml | 12 +-- .../templates/argocd-repo-server/hpa.yaml | 6 +- .../templates/argocd-repo-server/pdb.yaml | 2 +- .../templates/argocd-server/certificate.yaml | 12 +-- .../argocd-server/gke/backendconfig.yaml | 2 +- .../argo-cd/templates/argocd-server/hpa.yaml | 6 +- .../templates/argocd-server/ingress-grpc.yaml | 8 +- .../templates/argocd-server/ingress.yaml | 16 ++-- .../argo-cd/templates/argocd-server/pdb.yaml | 2 +- charts/argo-cd/templates/dex/pdb.yaml | 2 +- charts/argo-cd/templates/redis/pdb.yaml | 2 +- charts/argo-cd/values.yaml | 8 +- 18 files changed, 130 insertions(+), 91 deletions(-) create mode 100644 charts/argo-cd/templates/_versions.tpl diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e9acb9e3..21e0cdce 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.19 +version: 5.5.20 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Moved specific cloud provider resources to sub-folders" + - "[Added]: API version override for PDB and Google Cloud." + - "[Changed]: Moved all API versions in dedicated helper." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 67932b25..e6f8b4fd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -101,6 +101,11 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=`. + ### 5.5.0 This version introduces new `configs.params` section that replaces command line arguments for containers. @@ -329,7 +334,9 @@ NAME: my-release |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of certmanager resources rendered by this helm chart | +| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | +| apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 1eed73b5..03b63f44 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -100,6 +100,11 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=`. + ### 5.5.0 This version introduces new `configs.params` section that replaces command line arguments for containers. diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 80121b7a..73e86d1c 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -216,41 +216,6 @@ app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} -{{/* -Return the appropriate apiVersion for ingress -*/}} -{{- define "argo-cd.ingress.apiVersion" -}} -{{- if .Values.apiVersionOverrides.ingress -}} -{{- print .Values.apiVersionOverrides.ingress -}} -{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" $) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" $) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for autoscaling -*/}} -{{- define "argo-cd.autoscaling.apiVersion" -}} -{{- if .Values.apiVersionOverrides.autoscaling -}} -{{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" $) -}} -{{- print "autoscaling/v2beta1" -}} -{{- else -}} -{{- print "autoscaling/v2" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the target Kubernetes version -*/}} -{{- define "argo-cd.kubeVersion" -}} - {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} -{{- end -}} - {{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} @@ -303,14 +268,3 @@ Return the default Argo CD app version {{- define "argo-cd.defaultTag" -}} {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} - -{{/* -Return the appropriate apiVersion for pod disruption budget -*/}} -{{- define "argo-cd.podDisruptionBudget.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" $) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl new file mode 100644 index 00000000..8e108bfe --- /dev/null +++ b/charts/argo-cd/templates/_versions.tpl @@ -0,0 +1,78 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Return the target Kubernetes version +*/}} +{{- define "argo-cd.kubeVersion" -}} +{{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} +{{- end }} + +{{/* +Return the appropriate apiVersion for autoscaling +*/}} +{{- define "argo-cd.apiVersion.autoscaling" -}} +{{- if .Values.apiVersionOverrides.autoscaling -}} +{{- print .Values.apiVersionOverrides.autoscaling -}} +{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} +{{- print "autoscaling/v2beta1" -}} +{{- else -}} +{{- print "autoscaling/v2" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for ingress +*/}} +{{- define "argo-cd.apiVersion.ingress" -}} +{{- if .Values.apiVersionOverrides.ingress -}} +{{- print .Values.apiVersionOverrides.ingress -}} +{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" .) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for pod disruption budget +*/}} +{{- define "argo-cd.apiVersion.pdb" -}} +{{- if .Values.apiVersionOverrides.pdb -}} +{{- print .Values.apiVersionOverrides.pdb -}} +{{- else if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" .) -}} +{{- print "policy/v1beta1" -}} +{{- else -}} +{{- print "policy/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for cert-manager +*/}} +{{- define "argo-cd.apiVersion.cert-manager" -}} +{{- if .Values.apiVersionOverrides.certmanager -}} +{{- print .Values.apiVersionOverrides.certmanager -}} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}} +{{- print "cert-manager.io/v1" -}} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}} +{{- print "cert-manager.io/v1alpha3" -}} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}} +{{- print "cert-manager.io/v1alpha2" -}} +{{- else -}} +{{- print "certmanager.k8s.io/v1alpha1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for GKE resources +*/}} +{{- define "argo-cd.apiVersions.cloudgoogle" -}} +{{- if .Values.apiVersionOverrides.cloudgoogle -}} +{{- print .Values.apiVersionOverrides.cloudgoogle -}} +{{- else if .Capabilities.APIVersions.Has "cloud.google.com/v1" -}} +{{- print "cloud.google.com/v1" -}} +{{- else -}} +{{- print "cloud.google.com/v1beta1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index 536294f1..fdd27b87 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.controller.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index 4d1291ba..affeec86 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -4,7 +4,7 @@ {{- $paths := .Values.applicationSet.webhook.ingress.paths -}} {{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}} {{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}} -apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} kind: Ingress metadata: {{- if .Values.applicationSet.webhook.ingress.annotations }} @@ -20,7 +20,7 @@ metadata: {{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }} {{- end }} spec: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.applicationSet.webhook.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} @@ -36,11 +36,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} {{- end }} backend: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: @@ -63,11 +63,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} {{- end }} backend: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index d07478ed..d7f74320 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -1,5 +1,5 @@ {{- if .Values.repoServer.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.autoscaling.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} kind: HorizontalPodAutoscaler metadata: labels: @@ -17,7 +17,7 @@ spec: - type: Resource resource: name: memory - {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} + {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} {{- else }} target: @@ -29,7 +29,7 @@ spec: - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} + {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} {{- else }} target: diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index d4a4c93a..422a5b73 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.repoServer.pdb.enabled }} -apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.repoServer.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 33b34891..617c1495 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,15 +1,5 @@ {{- if .Values.server.certificate.enabled -}} -{{- if .Values.apiVersionOverrides.certmanager -}} -apiVersion: {{ .Values.apiVersionOverrides.certmanager }} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" }} -apiVersion: cert-manager.io/v1 -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} -apiVersion: cert-manager.io/v1alpha3 -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" }} -apiVersion: cert-manager.io/v1alpha2 -{{- else }} -apiVersion: certmanager.k8s.io/v1alpha1 -{{- end }} +apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: name: {{ template "argo-cd.server.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml index 16c99c0a..69a42093 100644 --- a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.GKEbackendConfig.enabled }} -apiVersion: cloud.google.com/v1beta1 +apiVersion: {{ include "argo-cd.apiVersions.cloudgoogle" . }} kind: BackendConfig metadata: name: {{ template "argo-cd.server.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index c8df5017..af107b7f 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.autoscaling.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} kind: HorizontalPodAutoscaler metadata: labels: @@ -17,7 +17,7 @@ spec: - type: Resource resource: name: memory - {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} + {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} {{- else }} target: @@ -29,7 +29,7 @@ spec: - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.autoscaling.apiVersion" $) "autoscaling/v2beta1" }} + {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} targetAverageUtilization: {{ . }} {{- else }} target: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index fb8cabae..faae5cfc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -4,7 +4,7 @@ {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- $pathType := .Values.server.ingressGrpc.pathType -}} -apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} kind: Ingress metadata: {{- if .Values.server.ingressGrpc.annotations }} @@ -20,7 +20,7 @@ metadata: {{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} {{- end }} spec: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingressGrpc.ingressClassName }} ingressClassName: {{ . }} {{- end }} @@ -63,11 +63,11 @@ spec: {{- end -}} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} {{- end }} backend: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 576b94df..aeb60d24 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -4,7 +4,7 @@ {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- $pathType := .Values.server.ingress.pathType -}} -apiVersion: {{ include "argo-cd.ingress.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} kind: Ingress metadata: {{- if .Values.server.ingress.annotations }} @@ -24,7 +24,7 @@ metadata: {{- toYaml .Values.server.ingress.labels | nindent 4 }} {{- end }} spec: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} @@ -41,11 +41,11 @@ spec: {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: Prefix {{- end }} backend: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ template "argo-cd.server.fullname" $ }}-grpc port: @@ -60,11 +60,11 @@ spec: {{- end }} {{- end }} - path: {{ $p }} - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} {{- end }} backend: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: @@ -87,11 +87,11 @@ spec: {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} {{- end }} backend: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index 29784ce6..edc45042 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.pdb.enabled }} -apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.server.fullname" . }} diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index 7a16d8bf..25c61179 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.dex.pdb.enabled }} -apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.dex.fullname" . }} diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 4de55b7e..04c06d6f 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.redis.pdb.enabled }} -apiVersion: {{ include "argo-cd.podDisruptionBudget.apiVersion" . }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-cd.redis.fullname" . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1111d8f9..bd9dd124 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -14,10 +14,14 @@ kubeVersionOverride: "" apiVersionOverrides: # -- String to override apiVersion of certmanager resources rendered by this helm chart certmanager: "" # cert-manager.io/v1 - # -- String to override apiVersion of ingresses rendered by this helm chart - ingress: "" # networking.k8s.io/v1beta1 + # -- String to override apiVersion of GKE resources rendered by this helm chart + cloudgoogle: "" # cloud.google.com/v1 # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 + # -- String to override apiVersion of ingresses rendered by this helm chart + ingress: "" # networking.k8s.io/v1beta1 + # -- String to override apiVersion of pod disruption budgets rendered by this helm chart + pdb: "" # policy/v1 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles From 3351b30ee65a2cce0747a48c6d7c669d6548f6a6 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 11 Oct 2022 16:11:15 +0200 Subject: [PATCH 0395/1248] chore(argo-cd): Use same resources for repo-server copyutil (#1531) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/NOTES.txt | 3 +++ .../templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 11 ----------- 5 files changed, 7 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 21e0cdce..3726706e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.20 +version: 5.5.21 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,5 +22,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: API version override for PDB and Google Cloud." - - "[Changed]: Moved all API versions in dedicated helper." + - "[Fixed]: Init container for repo-server should use main container resources" + - "[Removed]: Section repoServer.copyutil that is no longer needed" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e6f8b4fd..35b0b49d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -490,7 +490,6 @@ NAME: my-release | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | | repoServer.containerSecurityContext | object | `{}` | Repo server container-level security context | -| repoServer.copyutil.resources | object | `{}` | Resource limits and requests for the copyutil initContainer | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index bebdb822..81c64ce1 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -34,6 +34,9 @@ DEPRECATED option repoServer.logFormat - Use configs.params.repoServer.log.forma {{- if .Values.repoServer.logLevel }} DEPRECATED option repoServer.logLevel - Use configs.params.repoServer.log.level {{- end }} +{{- if .Values.repoServer.copyutil }} +REMOVED option repoSever.copyutil.resources - Use repoServer.resources +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index a1f600dc..5a36842b 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -306,7 +306,7 @@ spec: image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} name: copyutil - {{- with .Values.repoServer.copyutil.resources }} + {{- with .Values.repoServer.resources }} resources: {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bd9dd124..024a9ffe 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1957,17 +1957,6 @@ repoServer: # - list # - watch - # Init container to copy argocd binary - copyutil: - # -- Resource limits and requests for the copyutil initContainer - resources: {} - # limits: - # cpu: 50m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - # -- Init containers to add to the repo server pods initContainers: [] # - name: download-tools From 32d86666beca6f7584a6f7b8f6d29a6f06ce0c70 Mon Sep 17 00:00:00 2001 From: Marc Brugger Date: Wed, 12 Oct 2022 00:19:24 +0200 Subject: [PATCH 0396/1248] Add support for additional initContainers and additional volume/volumeMounts (#1542) fix github action to handle crd installation correctly Signed-off-by: bakito Signed-off-by: bakito --- .github/workflows/lint-and-test.yml | 4 +++- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 3 +++ .../templates/deployment.yaml | 10 ++++++++ charts/argocd-image-updater/values.yaml | 23 +++++++++++++++++++ 5 files changed, 41 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 147f0b6b..e29b4871 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -64,7 +64,9 @@ jobs: if: | contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') run: | - kubectl apply -f charts/argo-cd/templates/crds + helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ + helm dependency build charts/argo-cd/ + helm template charts/argo-cd/ -s templates/crds/* | kubectl apply -f - - name: Skip HPA tests of ArgoCD if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index a5b2ecd7..049ed8ce 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.0 +version: 0.8.1 appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update to argocd-image-updater v0.12" + - "[Added]: Add support for additional initContainers and additional volume/volumeMounts" diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 7d80daac..10259e19 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -91,6 +91,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | image.repository | string | `"quay.io/argoprojlabs/argocd-image-updater"` | Default image repository | | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | | imagePullSecrets | list | `[]` | ImagePullSecrets for the image updater deployment | +| initContainers | list | `[]` | Init containers to add to the image updater pod | | metrics.enabled | bool | `false` | Deploy metrics service | | metrics.service.annotations | object | `{}` | Metrics service annotations | | metrics.service.labels | object | `{}` | Metrics service labels | @@ -115,6 +116,8 @@ The `config.registries` value can be used exactly as it looks in the documentati | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | Kubernetes toleration settings for the deployment | | updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | +| volumeMounts | list | `[]` | Additional volumeMounts to the image updater main container | +| volumes | list | `[]` | Additional volumes to the image updater pod | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index a80d26be..61136fb8 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -138,6 +138,9 @@ spec: - mountPath: /scripts name: authscripts {{- end }} + {{- with .Values.volumeMounts }} + {{- toYaml . | nindent 10}} + {{- end }} volumes: - configMap: items: @@ -164,6 +167,9 @@ spec: name: argocd-image-updater-ssh-config optional: true name: ssh-config + {{- with .Values.volumes }} + {{- toYaml . | nindent 6}} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -176,3 +182,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.initContainers }} + initContainers: + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index d6ebd232..9ac3e1ef 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -42,6 +42,29 @@ extraEnv: [] # - name: AWS_REGION # value: "us-west-1" +# -- Init containers to add to the image updater pod +initContainers: [] + # - name: download-tools + # image: alpine:3.8 + # command: [sh, -c] + # args: + # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && + # mv linux-amd64/helm /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + +# -- Additional volumeMounts to the image updater main container +volumeMounts: [] + +# -- Additional volumes to the image updater pod +volumes: [] + ## Use init containers to configure custom tooling + ## https://argo-cd.readthedocs.io/en/stable/operator-manual/custom_tools/ + ## When using the volumes & volumeMounts section bellow, please comment out those above. + # - name: custom-tools + # emptyDir: {} + config: # -- API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) applicationsAPIKind: "" From b102a1cfab40346081ac9d175c9eed9e5e9ef06e Mon Sep 17 00:00:00 2001 From: Eddie Knight Date: Wed, 12 Oct 2022 02:29:44 -0500 Subject: [PATCH 0397/1248] chore(github): Added CLOMoitor exclusions related to dependency tracking (#1543) --- .clomonitor.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 .clomonitor.yml diff --git a/.clomonitor.yml b/.clomonitor.yml new file mode 100644 index 00000000..9f1fff8c --- /dev/null +++ b/.clomonitor.yml @@ -0,0 +1,21 @@ +# CLOMonitor metadata file +# This file must be located at the root of the repository + +# Checks exemptions +exemptions: + - check: dependency_update_tool + reason: "Helm deps are not currently scanned. Maintainers are watching developments to dependabot-core #2237" # Justification of this exemption (mandatory, it will be displayed on the UI) + - check: sbom + reason: "Tracking Helm dependencies is not yet a stable practice." + +# TODO: +# License scanning information +# licenseScanning: + # URL with the repository's license scanning results + # + # CLOMonitor can extract license scanning results from FOSSA and Snyk badges + # in the repository README.md file automatically. If your repository uses a + # different scanning solution, this url can be set to pass the corresponding + # check. + # url: https://license-scanning-results.url + From 9b2f24514c1e8b92d7a5c419f8bd551fd04a3e8c Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 12 Oct 2022 10:04:10 +0200 Subject: [PATCH 0398/1248] chore(argo-cd): Sync ApplicationSet deployment with upstream (#1545) Signed-off-by: Petr Drastil Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 +- .../argocd-applicationset/deployment.yaml | 91 +++++++++---------- .../templates/argocd-applicationset/role.yaml | 22 ++--- 3 files changed, 54 insertions(+), 64 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3726706e..b86de950 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.21 +version: 5.5.22 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,5 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Init container for repo-server should use main container resources" - - "[Removed]: Section repoServer.copyutil that is no longer needed" + - "[Changed]: Synced ApplicationSet deployment with upstream manifest" diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 93fa1e34..2dbc5b70 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: @@ -28,13 +28,13 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} securityContext: {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.applicationSet.podSecurityContext) | nindent 8 }} + serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} - securityContext: - {{- toYaml .Values.applicationSet.securityContext | nindent 12 }} + image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} command: - entrypoint.sh - argocd-applicationset-controller @@ -47,7 +47,6 @@ spec: {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }} - --enable-leader-election=true {{- end }} - - --namespace={{ .Release.Namespace }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --policy={{ .Values.applicationSet.args.policy }} - --debug={{ .Values.applicationSet.args.debug }} @@ -55,66 +54,49 @@ spec: {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} - image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} - ports: - - name: http - containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }} - protocol: TCP - - name: metrics - containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }} - protocol: TCP - - name: webhook - containerPort: 7000 - protocol: TCP - {{- with .Values.applicationSet.extraEnv }} env: - {{- toYaml . | nindent 12 }} - {{- end }} + {{- with .Values.applicationSet.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} {{- end }} + ports: + - name: metrics + containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }} + protocol: TCP + - name: probe + containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }} + protocol: TCP + - name: webhook + containerPort: 7000 + protocol: TCP resources: {{- toYaml .Values.applicationSet.resources | nindent 12 }} + securityContext: + {{- toYaml .Values.applicationSet.securityContext | nindent 12 }} volumeMounts: - - mountPath: /tmp - name: tmp-dir - {{- if .Values.configs.knownHosts }} + {{- with .Values.applicationSet.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} - mountPath: /app/config/ssh name: ssh-known-hosts - {{- end }} - mountPath: /app/config/tls name: tls-certs - mountPath: /app/config/gpg/source name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring - {{- with .Values.applicationSet.extraVolumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} + - mountPath: /tmp + name: tmp {{- with .Values.applicationSet.extraContainers }} {{- toYaml . | nindent 8 }} {{- end }} - volumes: - - emptyDir: {} - name: tmp-dir - {{- if .Values.configs.knownHosts }} - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - {{- end }} - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - configMap: - name: argocd-gpg-keys-cm - name: gpg-keys - - emptyDir: {} - name: gpg-keyring - {{- with .Values.applicationSet.extraVolumes }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -130,4 +112,21 @@ spec: {{- with .Values.applicationSet.priorityClassName }} priorityClassName: {{ . }} {{- end }} + volumes: + {{- with .Values.applicationSet.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm + - name: gpg-keyring + emptyDir: {} + - name: tmp + emptyDir: {} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index dc83f06a..15211844 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} rules: @@ -10,7 +10,6 @@ rules: - argoproj.io resources: - applications - - appprojects - applicationsets - applicationsets/finalizers verbs: @@ -29,37 +28,30 @@ rules: - get - patch - update + - apiGroups: + - argoproj.io + resources: + - appprojects + verbs: + - get - apiGroups: - "" resources: - events verbs: - create - - delete - get - list - patch - - update - watch - apiGroups: - "" resources: - secrets - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - configmaps verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - apps From 14d2b8313ecf8ab8de02de9e3d3aacf7f5a6fe8e Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Wed, 12 Oct 2022 17:31:54 +0900 Subject: [PATCH 0399/1248] feat(argocd-apps): Add ArgoCD ApplicationSet (#1521) * Add ArgoCD ApplicationSet Signed-off-by: toyamagu Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- .github/workflows/lint-and-test.yml | 5 +- charts/argocd-apps/Chart.yaml | 4 +- charts/argocd-apps/README.md | 1 + .../ci/applicationsets-values.yaml | 45 ++++++++++++ .../templates/applicationsets.yaml | 73 +++++++++++++++++++ charts/argocd-apps/values.yaml | 47 ++++++++++++ 6 files changed, 171 insertions(+), 4 deletions(-) create mode 100644 charts/argocd-apps/ci/applicationsets-values.yaml create mode 100644 charts/argocd-apps/templates/applicationsets.yaml diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index e29b4871..2eb2beb1 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -59,10 +59,11 @@ jobs: if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml - + - name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions if: | - contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') + contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') || + contains(steps.list-changed.outputs.changed_charts, 'argocd-apps') run: | helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ helm dependency build charts/argo-cd/ diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 6a3fda06..c304fee2 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.1 +version: 0.0.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add additional Applications and Projects" + - "[Added]: Add ApplicationSets" diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index ea205caa..991f55b2 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -25,6 +25,7 @@ $ helm install my-release argo/argocd-apps | Key | Type | Default | Description | |-----|------|---------|-------------| | applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | +| applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | | projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | ---------------------------------------------- diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml new file mode 100644 index 00000000..a76ed41a --- /dev/null +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -0,0 +1,45 @@ +# Test with applicationsets + +applicationsets: +- name: guestbook + namespace: default # Only for test purpose. + additionalLabels: {} + additionalAnnotations: {} + # See PR #10026 (ArgoCD v2.5 or later) + # goTemplate: false + generators: + - git: + repoURL: https://github.com/argoproj/argocd-example-apps.git + revision: HEAD + directories: + - path: guestbook + - path: kustomize-* + template: + metadata: + name: '{{path.basename}}' + labels: {} + annotations: {} + spec: + project: default + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: '{{path}}' + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas + info: + - name: url + value: https://argoproj.github.io/ + syncPolicy: + # Set Application finalizer + preserveResourcesOnDeletion: false diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml new file mode 100644 index 00000000..20898d0a --- /dev/null +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -0,0 +1,73 @@ + +{{- range .Values.applicationsets }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + {{- with .additionalAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- with .additionalLabels }} + labels: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ .name }} + {{- with .namespace }} + namespace: {{ . }} + {{- end }} +spec: + {{- if hasKey . "goTemplate" }} + goTemplate: {{ .goTemplate }} + {{- end }} + {{- with .generators }} + generators: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .syncPolicy }} + syncPolicy: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .template }} + template: + {{- with .metadata }} + metadata: + {{- with .annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | squote }} + {{- end }} + {{- end }} + {{- with .labels }} + labels: + {{- toYaml . | nindent 8 }} + {{- end }} + name: {{ .name | squote }} + {{- with .namespace }} + namespace: {{ . | squote }} + {{- end }} + {{- end }} + {{- with .spec }} + spec: + project: {{ tpl .project $ }} + source: + {{- toYaml .source | nindent 8 }} + destination: + {{- toYaml .destination | nindent 8 }} + {{- with .syncPolicy }} + syncPolicy: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .ignoreDifferences }} + ignoreDifferences: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .info }} + info: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end -}} + {{- end }} +{{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index ec3cbb41..0421a377 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -74,3 +74,50 @@ projects: [] # manualSync: true # signatureKeys: # - keyID: ABCDEF1234567890 + +# -- Deploy Argo CD ApplicationSets within this helm release +# @default -- `[]` (See [values.yaml]) +## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/ +applicationsets: [] +# - name: guestbook +# namespace: argocd +# additionalLabels: {} +# additionalAnnotations: {} +# # See PR #10026 (ArgoCD v2.5 or later) +# # goTemplate: false +# generators: +# - git: +# repoURL: https://github.com/argoproj/argocd-example-apps.git +# revision: HEAD +# directories: +# - path: guestbook +# - path: kustomize-* +# template: +# metadata: +# name: '{{path.basename}}' +# labels: {} +# annotations: {} +# spec: +# project: default +# source: +# repoURL: https://github.com/argoproj/argocd-example-apps.git +# targetRevision: HEAD +# path: '{{path}}' +# destination: +# server: https://kubernetes.default.svc +# namespace: default +# syncPolicy: +# automated: +# prune: false +# selfHeal: false +# ignoreDifferences: +# - group: apps +# kind: Deployment +# jsonPointers: +# - /spec/replicas +# info: +# - name: url +# value: https://argoproj.github.io/ +# syncPolicy: +# # Set Application finalizer +# preserveResourcesOnDeletion: false From d75f8e615a7a7ad9ae446c95d3c7e1c28909d7e7 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Wed, 12 Oct 2022 06:46:06 -0500 Subject: [PATCH 0400/1248] fix(argo-cd): Fix missed apiVersion pattern change (#1547) Signed-off-by: jmeridth --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b86de950..8d5aa746 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.22 +version: 5.5.23 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Synced ApplicationSet deployment with upstream manifest" + - "[Fixed]: Fix missed apiVersion pattern change diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index faae5cfc..54304007 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -36,11 +36,11 @@ spec: {{- end -}} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} {{- end }} backend: - {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }} + {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ $serviceName }} port: From 9743219ace519f39c8bf1afede70b48803cef885 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 12 Oct 2022 14:55:33 +0200 Subject: [PATCH 0401/1248] chore(argo-cd): Improve PDB implementation and documentation (#1544) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +- charts/argo-cd/README.md | 54 +++-- charts/argo-cd/README.md.gotmpl | 1 + .../argocd-application-controller/pdb.yaml | 20 +- .../templates/argocd-applicationset/pdb.yaml | 26 +++ .../argocd-notifications/bots/slack/pdb.yaml | 26 +++ .../templates/argocd-notifications/pdb.yaml | 26 +++ .../templates/argocd-repo-server/pdb.yaml | 20 +- .../argo-cd/templates/argocd-server/pdb.yaml | 20 +- charts/argo-cd/templates/dex/pdb.yaml | 22 +- charts/argo-cd/templates/redis/pdb.yaml | 23 +- charts/argo-cd/values.yaml | 214 ++++++++++++------ 12 files changed, 327 insertions(+), 133 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-applicationset/pdb.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/pdb.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8d5aa746..de82880d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.23 +version: 5.5.24 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,8 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Fix missed apiVersion pattern change + - "[Added]: PDB for Application Set controller" + - "[Added]: PDB for Notifications controller" + - "[Added]: PDB for Slack bot" + - "[Fixed]: PDB for Redis is not created if redis-ha is enabled" + - "[Changed]: Documentation for PDB usage" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 35b0b49d..95d64340 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -448,8 +448,10 @@ NAME: my-release | controller.name | string | `"application-controller"` | Application controller name string | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | -| controller.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the application controller | +| controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | +| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | | controller.priorityClassName | string | `""` | Priority class for the application controller pods | @@ -520,9 +522,11 @@ NAME: my-release | repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | repoServer.name | string | `"repo-server"` | Repo server name | | repoServer.nodeSelector | object | `{}` | [Node selector] | -| repoServer.pdb.annotations | object | `{}` | Annotations to be added to Repo server pdb | -| repoServer.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the Repo server | -| repoServer.pdb.labels | object | `{}` | Labels to be added to Repo server pdb | +| repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | +| repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | +| repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | +| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | | repoServer.priorityClassName | string | `""` | Priority class for the repo server | @@ -644,9 +648,11 @@ NAME: my-release | server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | server.name | string | `"server"` | Argo CD server name | | server.nodeSelector | object | `{}` | [Node selector] | -| server.pdb.annotations | object | `{}` | Annotations to be added to server pdb | -| server.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the server | -| server.pdb.labels | object | `{}` | Labels to be added to server pdb | +| server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | +| server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | +| server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | +| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | | server.priorityClassName | string | `""` | Priority class for the Argo CD server | @@ -734,8 +740,10 @@ NAME: my-release | dex.name | string | `"dex-server"` | Dex name | | dex.nodeSelector | object | `{}` | [Node selector] | | dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb | -| dex.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the Dex server | +| dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server | | dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb | +| dex.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods | | dex.podLabels | object | `{}` | Labels to be added to the Dex server pods | | dex.priorityClassName | string | `""` | Priority class for dex | @@ -802,9 +810,11 @@ NAME: my-release | redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | redis.name | string | `"redis"` | Redis name | | redis.nodeSelector | object | `{}` | [Node selector] | -| redis.pdb.annotations | object | `{}` | Annotations to be added to Redis server pdb | -| redis.pdb.enabled | bool | `false` | Deploy a Poddisruptionbudget for the Redis server | -| redis.pdb.labels | object | `{}` | Labels to be added to Redis server pdb | +| redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb | +| redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis | +| redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb | +| redis.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | | redis.priorityClassName | string | `""` | Priority class for redis | @@ -873,7 +883,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | -| applicationSet.enabled | bool | `true` | Enable Application Set controller | +| applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | | applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller | @@ -902,11 +912,16 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string | | applicationSet.nodeSelector | object | `{}` | [Node selector] | +| applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | +| applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | +| applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | +| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | | applicationSet.podLabels | object | `{}` | Labels for the controller pods | | applicationSet.podSecurityContext | object | `{}` | Pod Security Context | | applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | -| applicationSet.replicaCount | int | `1` | The number of controller pods to run | +| applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | | applicationSet.securityContext | object | `{}` | Security Context | | applicationSet.service.annotations | object | `{}` | Application set service annotations | @@ -942,6 +957,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | | notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | +| notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb | +| notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot | +| notifications.bots.slack.pdb.labels | object | `{}` | Labels to be added to Slack bot pdb | +| notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | | notifications.bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | @@ -955,7 +975,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | | notifications.containerSecurityContext | object | `{}` | Container Security Context | | notifications.context | object | `{}` | Define user-defined context | -| notifications.enabled | bool | `true` | Enable Notifications controller | +| notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | @@ -980,6 +1000,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.name | string | `"notifications-controller"` | Notifications controller name string | | notifications.nodeSelector | object | `{}` | [Node selector] | | notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | +| notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | +| notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | +| notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb | +| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods | | notifications.priorityClassName | string | `""` | Priority class for the controller pods | @@ -1033,6 +1058,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[PodDisruptionBudget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 03b63f44..a3eb7d3b 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -492,6 +492,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[PodDisruptionBudget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index fdd27b87..8f2531ff 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -2,23 +2,23 @@ apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - {{- with .Values.controller.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.controller.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.controller.pdb.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} spec: - {{- if .Values.controller.pdb.minAvailable }} - minAvailable: {{ .Values.controller.pdb.minAvailable }} - {{- else if .Values.controller.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} + {{- with .Values.controller.pdb.maxUnavailable }} + maxUnavailable: {{ . }} {{- else }} - minAvailable: 0 + minAvailable: {{ .Values.controller.pdb.minAvailable | default 0 }} {{- end }} selector: matchLabels: diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml new file mode 100644 index 00000000..d101d576 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with .Values.applicationSet.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.pdb.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- with .Values.applicationSet.pdb.maxUnavailable }} + maxUnavailable: {{ . }} + {{- else }} + minAvailable: {{ .Values.applicationSet.pdb.minAvailable | default 0 }} + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml new file mode 100644 index 00000000..458af6f7 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "argo-cd.notifications.fullname" . }}-bot + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} + {{- with .Values.notifications.bots.slack.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.notifications.bots.slack.pdb.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- with .Values.notifications.bots.slack.pdb.maxUnavailable }} + maxUnavailable: {{ . }} + {{- else }} + minAvailable: {{ .Values.notifications.bots.slack.pdb.minAvailable | default 0 }} + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml new file mode 100644 index 00000000..711495a2 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.notifications.enabled .Values.notifications.pdb.enabled }} +apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +kind: PodDisruptionBudget +metadata: + name: {{ include "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- with .Values.notifications.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.notifications.pdb.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- with .Values.notifications.pdb.maxUnavailable }} + maxUnavailable: {{ . }} + {{- else }} + minAvailable: {{ .Values.notifications.pdb.minAvailable | default 0 }} + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 422a5b73..7202bd39 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -2,23 +2,23 @@ apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - {{- with .Values.repoServer.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.repoServer.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.repoServer.pdb.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} spec: - {{- if .Values.repoServer.pdb.minAvailable }} - minAvailable: {{ .Values.repoServer.pdb.minAvailable }} - {{- else if .Values.repoServer.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.repoServer.pdb.maxUnavailable }} + {{- with .Values.repoServer.pdb.maxUnavailable }} + maxUnavailable: {{ . }} {{- else }} - minAvailable: 0 + minAvailable: {{ .Values.repoServer.pdb.minAvailable | default 0 }} {{- end }} selector: matchLabels: diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index edc45042..81d3367b 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -2,23 +2,23 @@ apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- with .Values.server.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.server.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.server.pdb.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} spec: - {{- if .Values.server.pdb.minAvailable }} - minAvailable: {{ .Values.server.pdb.minAvailable }} - {{- else if .Values.server.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.server.pdb.maxUnavailable }} + {{- with .Values.server.pdb.maxUnavailable }} + maxUnavailable: {{ . }} {{- else }} - minAvailable: 0 + minAvailable: {{ .Values.server.pdb.minAvailable | default 0 }} {{- end }} selector: matchLabels: diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index 25c61179..caa2ab29 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -1,24 +1,24 @@ -{{- if .Values.dex.pdb.enabled }} +{{- if and .Values.dex.enabled .Values.dex.pdb.enabled }} apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: - name: {{ template "argo-cd.dex.fullname" . }} + name: {{ include "argo-cd.dex.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} - {{- with .Values.dex.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.dex.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.dex.pdb.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} spec: - {{- if .Values.dex.pdb.minAvailable }} - minAvailable: {{ .Values.dex.pdb.minAvailable }} - {{- else if .Values.dex.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.dex.pdb.maxUnavailable }} + {{- with .Values.dex.pdb.maxUnavailable }} + maxUnavailable: {{ . }} {{- else }} - minAvailable: 0 + minAvailable: {{ .Values.dex.pdb.minAvailable | default 0 }} {{- end }} selector: matchLabels: diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 04c06d6f..57fb94b3 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -1,24 +1,25 @@ -{{- if .Values.redis.pdb.enabled }} +{{- $redisHa := index .Values "redis-ha" -}} +{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.pdb.enabled }} apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} kind: PodDisruptionBudget metadata: - name: {{ template "argo-cd.redis.fullname" . }} + name: {{ include "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} - {{- with .Values.redis.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.redis.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.redis.pdb.annotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} spec: - {{- if .Values.redis.pdb.minAvailable }} - minAvailable: {{ .Values.redis.pdb.minAvailable }} - {{- else if .Values.redis.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.redis.pdb.maxUnavailable }} + {{- with .Values.dex.pdb.maxUnavailable }} + maxUnavailable: {{ . }} {{- else }} - minAvailable: 0 + minAvailable: {{ .Values.redis.pdb.minAvailable | default 0 }} {{- end }} selector: matchLabels: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 024a9ffe..f630a092 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -364,11 +364,32 @@ extraObjects: [] # labels: # app.kubernetes.io/part-of: argocd -## Controller +## Application controller controller: # -- Application controller name string name: application-controller + # -- The number of application controller pods to run. + # Additional replicas will cause sharding of managed clusters across number of replicas. + replicas: 1 + + ## Application controller Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the application controller + enabled: false + # -- Labels to be added to application controller pdb + labels: {} + # -- Annotations to be added to application controller pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `controller.pdb.minAvailable` + maxUnavailable: "" + + ## Application controller image image: # -- Repository to use for the application controller # @default -- `""` (defaults to global.image.repository) @@ -384,10 +405,6 @@ controller: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- The number of application controller pods to run. - # Additional replicas will cause sharding of managed clusters across number of replicas. - replicas: 1 - # -- DEPRECATED - Application controller commandline flags args: {} # DEPRECATED - Use configs.params to override @@ -404,7 +421,6 @@ controller: # # -- define the application controller `--repo-server-timeout-seconds` # repoServerTimeoutSeconds: "60" - # DEPRECATED - Use configs.params to override # -- Application controller log format. Either `text` or `json` # @default -- `""` (defaults to global.logging.format) @@ -635,18 +651,6 @@ controller: # name: custom-tools # subPath: helm - pdb: - # -- Labels to be added to application controller pdb - labels: {} - # -- Annotations to be added to application controller pdb - annotations: {} - - # -- Deploy a Poddisruptionbudget for the application controller - enabled: false - # minAvailable: 1 - # maxUnavailable: 0 - - ## Dex dex: # -- Enable dex @@ -689,6 +693,23 @@ dex: # -- Prometheus ServiceMonitor labels additionalLabels: {} + ## Dex Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the Dex server + enabled: false + # -- Labels to be added to Dex server pdb + labels: {} + # -- Annotations to be added to Dex server pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `dex.pdb.minAvailable` + maxUnavailable: "" + + ## Dex image image: # -- Dex image repository repository: ghcr.io/dexidp/dex @@ -846,17 +867,6 @@ dex: # name: custom-tools # subPath: helm - pdb: - # -- Labels to be added to Dex server pdb - labels: {} - # -- Annotations to be added to Dex server pdb - annotations: {} - - # -- Deploy a Poddisruptionbudget for the Dex server - enabled: false - # minAvailable: 1 - # maxUnavailable: 0 - ## Redis redis: # -- Enable redis @@ -864,6 +874,23 @@ redis: # -- Redis name name: redis + ## Redis Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the Redis + enabled: false + # -- Labels to be added to Redis pdb + labels: {} + # -- Annotations to be added to Redis pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `redis.pdb.minAvailable` + maxUnavailable: "" + + ## Redis image image: # -- Redis repository repository: public.ecr.aws/docker/library/redis @@ -1038,16 +1065,6 @@ redis: # -- Prometheus ServiceMonitor labels additionalLabels: {} - pdb: - # -- Labels to be added to Redis server pdb - labels: {} - # -- Annotations to be added to Redis server pdb - annotations: {} - - # -- Deploy a Poddisruptionbudget for the Redis server - enabled: false - # minAvailable: 1 - # maxUnavailable: 0 # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted @@ -1118,6 +1135,7 @@ server: # -- The number of server pods to run replicas: 1 + ## Argo CD server Horizontal Pod Autoscaler autoscaling: # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server enabled: false @@ -1144,6 +1162,24 @@ server: # - type: Pods # value: 2 # periodSeconds: 60 + + ## Argo CD server Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the Argo CD server + enabled: false + # -- Labels to be added to Argo CD server pdb + labels: {} + # -- Annotations to be added to Argo CD server pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `server.pdb.minAvailable` + maxUnavailable: "" + + ## Argo CD server image image: # -- Repository to use for the Argo CD server # @default -- `""` (defaults to global.image.repository) @@ -1704,18 +1740,6 @@ server: # - name: argo-rollouts # url: https://github.com/argoproj-labs/rollout-extension/releases/download/v0.1.0/extension.tar - pdb: - # -- Labels to be added to server pdb - labels: {} - # -- Annotations to be added to server pdb - annotations: {} - - # -- Deploy a Poddisruptionbudget for the server - enabled: false - # minAvailable: 1 - # maxUnavailable: 0 - - ## Repo Server repoServer: # -- Repo server name @@ -1724,6 +1748,7 @@ repoServer: # -- The number of repo server pods to run replicas: 1 + ## Repo server Horizontal Pod Autoscaler autoscaling: # -- Enable Horizontal Pod Autoscaler ([HPA]) for the repo server enabled: false @@ -1751,6 +1776,23 @@ repoServer: # value: 2 # periodSeconds: 60 + ## Repo server Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the repo server + enabled: false + # -- Labels to be added to repo server pdb + labels: {} + # -- Annotations to be added to repo server pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `repoServer.pdb.minAvailable` + maxUnavailable: "" + + ## Repo server image image: # -- Repository to use for the repo server # @default -- `""` (defaults to global.image.repository) @@ -1973,27 +2015,34 @@ repoServer: # name: custom-tools # subPath: helm - pdb: - # -- Labels to be added to Repo server pdb - labels: {} - # -- Annotations to be added to Repo server pdb - annotations: {} - - # -- Deploy a Poddisruptionbudget for the Repo server - enabled: false - # minAvailable: 1 - # maxUnavailable: 0 - +## ApplicationSet controller applicationSet: - # -- Enable Application Set controller + # -- Enable ApplicationSet controller enabled: true # -- Application Set controller name string name: applicationset-controller - # -- The number of controller pods to run + # -- The number of ApplicationSet controller pods to run replicaCount: 1 + ## ApplicationSet controller Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the ApplicationSet controller + enabled: false + # -- Labels to be added to ApplicationSet controller pdb + labels: {} + # -- Annotations to be added to ApplicationSet controller pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `applicationSet.pdb.minAvailable` + maxUnavailable: "" + + ## ApplicationSet controller image image: # -- Repository to use for the application set controller # @default -- `""` (defaults to global.image.repository) @@ -2205,8 +2254,9 @@ applicationSet: # hosts: # - argocd-applicationset.example.com +## Notifications controller notifications: - # -- Enable Notifications controller + # -- Enable notifications controller enabled: true # -- Notifications controller name string @@ -2218,6 +2268,23 @@ notifications: # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates argocdUrl: + ## Notifications controller Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the notifications controller + enabled: false + # -- Labels to be added to notifications controller pdb + labels: {} + # -- Annotations to be added to notifications controller pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `notifications.pdb.minAvailable` + maxUnavailable: "" + + ## Notifications controller image image: # -- Repository to use for the notifications controller # @default -- `""` (defaults to global.image.repository) @@ -2656,6 +2723,23 @@ notifications: updateStrategy: type: Recreate + ## Slack bot Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the Slack bot + enabled: false + # -- Labels to be added to Slack bot pdb + labels: {} + # -- Annotations to be added to Slack bot pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `notifications.bots.slack.pdb.minAvailable` + maxUnavailable: "" + + ## Slack bot imabe image: # -- Repository to use for the Slack bot # @default -- `""` (defaults to global.image.repository) From 2b629879dbc22a9968aa73a2439c67a6f6002c95 Mon Sep 17 00:00:00 2001 From: Eddie Knight Date: Wed, 12 Oct 2022 12:30:52 -0500 Subject: [PATCH 0402/1248] chore(github): Added Argoproj CLOMonitor Badge (#1548) Signed-off-by: Eddie Knight --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 18217029..1d96a35f 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) +[![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: From 8495d6bb5c0ef5ece48020664ec63439b86bd997 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 13 Oct 2022 18:17:14 +0200 Subject: [PATCH 0403/1248] fix(argo-cd): Leader election for ApplicationSet controller (#1554) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 ++------ .../argo-cd/templates/argocd-applicationset/role.yaml | 10 ++++++++++ 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index de82880d..bbc2abf1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.24 +version: 5.5.25 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,8 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: PDB for Application Set controller" - - "[Added]: PDB for Notifications controller" - - "[Added]: PDB for Slack bot" - - "[Fixed]: PDB for Redis is not created if redis-ha is enabled" - - "[Changed]: Documentation for PDB usage" + - "[Fixed]: Leader election permissions for ApplicationSet controller" diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index 15211844..8f60df1a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -62,6 +62,16 @@ rules: - get - list - watch + # Leader election + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - update + - delete + - patch - apiGroups: - coordination.k8s.io resources: From 7c3276f44db5829621f0dea0434d4a54ed4673cf Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 14 Oct 2022 00:06:44 +0200 Subject: [PATCH 0404/1248] feat(argocd-apps): Add Argo extensions (#1546) Signed-off-by: Petr Drastil --- charts/argocd-apps/Chart.yaml | 4 +-- charts/argocd-apps/README.md | 1 + charts/argocd-apps/ci/extensions-values.yaml | 12 +++++++++ charts/argocd-apps/templates/extensions.yaml | 27 ++++++++++++++++++++ charts/argocd-apps/values.yaml | 15 +++++++++++ 5 files changed, 57 insertions(+), 2 deletions(-) create mode 100644 charts/argocd-apps/ci/extensions-values.yaml create mode 100644 charts/argocd-apps/templates/extensions.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index c304fee2..cba44891 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.2 +version: 0.0.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add ApplicationSets" + - "[Added]: Add Extensions" diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index 991f55b2..fc994888 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -26,6 +26,7 @@ $ helm install my-release argo/argocd-apps |-----|------|---------|-------------| | applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | | applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | +| extensions | list | `[]` (See [values.yaml]) | Deploy Argo UI Extensions within this helm release | | projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | ---------------------------------------------- diff --git a/charts/argocd-apps/ci/extensions-values.yaml b/charts/argocd-apps/ci/extensions-values.yaml new file mode 100644 index 00000000..15a9fa73 --- /dev/null +++ b/charts/argocd-apps/ci/extensions-values.yaml @@ -0,0 +1,12 @@ +# Test with extensions + +extensions: + - name: example + namespace: default + additionalLabels: {} + additionalAnnotations: {} + sources: + - git: + url: https://github.com/argoproj-labs/argocd-example-extension.git + - web: + url: https://github.com/argoproj-labs/argocd-example-extension/releases/download/v0.1.0/extension.tar diff --git a/charts/argocd-apps/templates/extensions.yaml b/charts/argocd-apps/templates/extensions.yaml new file mode 100644 index 00000000..1893c2a7 --- /dev/null +++ b/charts/argocd-apps/templates/extensions.yaml @@ -0,0 +1,27 @@ +{{- range .Values.extensions }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCDExtension +metadata: + name: {{ .name }} + {{- with .namespace }} + namespace: {{ . }} + {{- end }} + finalizers: + - extensions-finalizer.argocd.argoproj.io + {{- with .additionalLabels }} + labels: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .additionalAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +{{- with .sources }} +spec: + sources: + {{- toYaml . | nindent 4 }} +{{- end }} +{{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 0421a377..3e0a07f4 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -121,3 +121,18 @@ applicationsets: [] # syncPolicy: # # Set Application finalizer # preserveResourcesOnDeletion: false + +# -- Deploy Argo UI Extensions within this helm release +# @default -- `[]` (See [values.yaml]) +## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. +## Ref: https://github.com/argoproj-labs/argocd-extensions +extensions: [] + # - name: example + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # sources: + # - git: + # url: https://github.com/argoproj-labs/argocd-example-extension.git + # - web: + # url: https://github.com/argoproj-labs/argocd-example-extension/releases/download/v0.1.0/extension.tar From 17e601148f0325d196e55a77a1b9577c8bbd926d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 14 Oct 2022 00:28:44 +0200 Subject: [PATCH 0405/1248] chore(argo-cd): Move Argo UI extension resource to argocd-apps (#1550) * Move extensions to argocd-apps chart * Simplify extension rbac * Bump minor version Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 3 +-- .../argocd-server/extensions-rolebinding.yaml | 15 ------------- .../templates/argocd-server/extensions.yaml | 17 --------------- .../argocd-server/extentions-role.yaml | 21 ------------------- .../argo-cd/templates/argocd-server/role.yaml | 5 ++++- charts/argo-cd/values.yaml | 12 +++++------ 7 files changed, 12 insertions(+), 65 deletions(-) delete mode 100644 charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml delete mode 100644 charts/argo-cd/templates/argocd-server/extensions.yaml delete mode 100644 charts/argo-cd/templates/argocd-server/extentions-role.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bbc2abf1..1e6ce3e3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.14 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.5.25 +version: 5.6.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Leader election permissions for ApplicationSet controller" + - "[Changed]: Moved Argo Extension resource to argocd-apps chart" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 95d64340..ff267d15 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -590,8 +590,7 @@ NAME: my-release | server.containerSecurityContext | object | `{}` | Servers container-level security context | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | -| server.extensions.contents | list | `[]` | Extensions to be loaded into the server | -| server.extensions.enabled | bool | `false` | Enable support for extensions | +| server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | | server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | | server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | diff --git a/charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml b/charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml deleted file mode 100644 index 3e8ec5d6..00000000 --- a/charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.server.extensions.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - name: argocd-server-extensions -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-server-extensions -subjects: -- kind: ServiceAccount - name: argocd-server -{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/extensions.yaml b/charts/argo-cd/templates/argocd-server/extensions.yaml deleted file mode 100644 index 5ac595db..00000000 --- a/charts/argo-cd/templates/argocd-server/extensions.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.server.extensions.enabled }} -{{- range $extension := .Values.server.extensions.contents }} ---- -apiVersion: argoproj.io/v1alpha1 -kind: ArgoCDExtension -metadata: - name: {{ $extension.name }} - finalizers: - - extensions-finalizer.argocd.argoproj.io - labels: - {{- include "argo-cd.labels" (dict "context" $ "component" $.Values.server.name "name" (printf "%s-extensions" $.Values.server.name)) | nindent 4 }} -spec: - sources: - - web: - url: {{ $extension.url }} -{{- end }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/extentions-role.yaml b/charts/argo-cd/templates/argocd-server/extentions-role.yaml deleted file mode 100644 index 53e592ae..00000000 --- a/charts/argo-cd/templates/argocd-server/extentions-role.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.server.extensions.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - name: argocd-server-extensions -rules: -- apiGroups: - - argoproj.io - resources: - - argocdextensions - verbs: - - create - - get - - list - - watch - - update - - delete - - patch -{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 46eb68d5..c73d189c 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -23,6 +23,9 @@ rules: resources: - applications - appprojects + {{- if .Values.server.extensions.enabled }} + - argocdextensions + {{- end }} verbs: - create - get @@ -37,4 +40,4 @@ rules: - events verbs: - create - - list \ No newline at end of file + - list diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f630a092..9f546d24 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1713,11 +1713,14 @@ server: # name: custom-tools # subPath: helm + ## Argo UI extensions + ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. + ## Ref: https://github.com/argoproj-labs/argocd-extensions extensions: - # -- Enable support for extensions - ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. + # -- Enable support for Argo UI extensions enabled: false + ## Argo UI extensions image image: # -- Repository to use for extensions image repository: "ghcr.io/argoproj-labs/argocd-extensions" @@ -1735,11 +1738,6 @@ server: # cpu: 10m # memory: 64Mi - # -- Extensions to be loaded into the server - contents: [] - # - name: argo-rollouts - # url: https://github.com/argoproj-labs/rollout-extension/releases/download/v0.1.0/extension.tar - ## Repo Server repoServer: # -- Repo server name From aff5b9e5a964b6cd35417f0fcc26b6180001e605 Mon Sep 17 00:00:00 2001 From: Jan Christoph Beyer <34127121+BeyerJC@users.noreply.github.com> Date: Thu, 20 Oct 2022 13:23:17 +0200 Subject: [PATCH 0406/1248] feat(argo-cd): Upgrade argocd to v2.4.15 (#1566) Signed-off-by: Jan Christoph Beyer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e6ce3e3..d219494b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.14 +appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.0 +version: 5.6.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Moved Argo Extension resource to argocd-apps chart" + - "[Changed]: Update to app version 2.4.15" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ff267d15..4877567b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -711,7 +711,7 @@ NAME: my-release | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.1-distroless"` | Dex image tag | +| dex.image.tag | string | `"v2.35.3-distroless"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9f546d24..83c1099d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -714,7 +714,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.1-distroless + tag: v2.35.3-distroless # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 12a1ccea75350600a08c83d95d19489531283b02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Estrela?= <6763969+Evilong@users.noreply.github.com> Date: Fri, 21 Oct 2022 09:10:53 +0100 Subject: [PATCH 0407/1248] feat(argo-cd): ServiceMonitor resources can be annotated (#1564) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [Added]: ServiceMonitor resources are able to be annotated Signed-off-by: João Estrela Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 7 +++++++ .../servicemonitor.yaml | 4 ++++ .../argocd-applicationset/servicemonitor.yaml | 4 ++++ .../argocd-notifications/servicemonitor.yaml | 4 ++++ .../argocd-repo-server/servicemonitor.yaml | 4 ++++ .../templates/argocd-server/servicemonitor.yaml | 4 ++++ charts/argo-cd/templates/dex/servicemonitor.yaml | 4 ++++ charts/argo-cd/templates/redis/servicemonitor.yaml | 4 ++++ charts/argo-cd/values.yaml | 14 ++++++++++++++ 10 files changed, 51 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d219494b..22de1552 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.1 +version: 5.6.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.4.15" + - "[Added]: ServiceMonitor resources are able to be annotated" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4877567b..44e1759e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -437,6 +437,7 @@ NAME: my-release | controller.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | controller.metrics.service.servicePort | int | `8082` | Metrics service port | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| controller.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | @@ -512,6 +513,7 @@ NAME: my-release | repoServer.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | repoServer.metrics.service.servicePort | int | `8084` | Metrics service port | | repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| repoServer.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | repoServer.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | repoServer.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | @@ -637,6 +639,7 @@ NAME: my-release | server.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | server.metrics.service.servicePort | int | `8083` | Metrics service port | | server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| server.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | server.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | server.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | @@ -728,6 +731,7 @@ NAME: my-release | dex.metrics.service.labels | object | `{}` | Metrics service labels | | dex.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | dex.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| dex.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | dex.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | dex.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | dex.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | @@ -799,6 +803,7 @@ NAME: my-release | redis.metrics.service.servicePort | int | `9121` | Metrics service port | | redis.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | redis.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| redis.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | redis.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | redis.metrics.serviceMonitor.interval | string | `"30s"` | Interval at which metrics should be scraped | | redis.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | @@ -901,6 +906,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | applicationSet.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | applicationSet.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | @@ -992,6 +998,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.service.labels | object | `{}` | Metrics service labels | | notifications.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 28b230db..3c8b0ca4 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -14,6 +14,10 @@ metadata: {{- with .Values.controller.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.controller.metrics.service.portName }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index 10c950da..b836ccc5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -15,6 +15,10 @@ metadata: {{- with .Values.applicationSet.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.applicationSet.metrics.service.portName }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 7ed6237a..7f11d08f 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -14,6 +14,10 @@ metadata: {{- if .Values.notifications.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.notifications.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} + {{- with .Values.notifications.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.notifications.metrics.service.portName }} diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 8f6bf9c8..82937d9b 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -14,6 +14,10 @@ metadata: {{- with .Values.repoServer.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.repoServer.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.repoServer.metrics.service.portName }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 61d31390..d00e5657 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -14,6 +14,10 @@ metadata: {{- with .Values.server.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + annotations: + {{- range $key, $value := .Values.server.metrics.serviceMonitor.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: endpoints: - port: {{ .Values.server.metrics.service.portName }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index ec98991a..d08d018f 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -14,6 +14,10 @@ metadata: {{- with .Values.dex.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.dex.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.dex.metrics.service.portName }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 8cd9a111..ea913467 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -15,6 +15,10 @@ metadata: {{- with .Values.redis.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.redis.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.redis.metrics.service.portName }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 83c1099d..423cb7e0 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -582,6 +582,8 @@ controller: namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} rules: # -- Deploy a PrometheusRule for the application controller enabled: false @@ -692,6 +694,8 @@ dex: namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} ## Dex Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -1064,6 +1068,8 @@ redis: namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) @@ -1397,6 +1403,8 @@ server: namespace: "" # monitoring # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} serviceAccount: # -- Create server service account @@ -1954,6 +1962,8 @@ repoServer: namespace: "" # "monitoring" # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} ## Enable Admin ClusterRole resources. ## Enable if you would like to grant cluster rights to Argo CD repo server. @@ -2114,6 +2124,8 @@ applicationSet: namespace: "" # monitoring # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} ## Application set service configuration service: @@ -2381,6 +2393,8 @@ notifications: # prometheus: kube-prometheus # -- Prometheus ServiceMonitor labels additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} # namespace: monitoring # interval: 30s # scrapeTimeout: 10s From 2626b31b699ca8e1810919652fd860443627389a Mon Sep 17 00:00:00 2001 From: Kiyoshi Muranaka Date: Sat, 22 Oct 2022 16:37:31 +0900 Subject: [PATCH 0408/1248] feat(argo-workflows): Add support for topologySpreadConstraints (#1496) Signed-off-by: Kiyoshi Muranaka Signed-off-by: Kiyoshi Muranaka Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +++ charts/argo-workflows/README.md.gotmpl | 1 + .../workflow-controller-deployment.yaml | 11 +++++++++++ .../templates/server/server-deployment.yaml | 11 +++++++++++ charts/argo-workflows/values.yaml | 17 +++++++++++++++++ 6 files changed, 45 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 61fa7297..cc47a875 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.1 +version: 0.20.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoWorkflows to v3.4.1" + - "[Added]: Add support for topologySpreadConstraints" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 339f81be..492f073e 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -129,6 +129,7 @@ Fields to note: | controller.telemetryConfig.servicePort | int | `8081` | telemetry service port | | controller.telemetryConfig.servicePortName | string | `"telemetry"` | telemetry service port name | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the workflow controller | | controller.volumeMounts | list | `[]` | Additional volume mounts to the controller main container | | controller.volumes | list | `[]` | Additional volumes to the controller pod | | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | @@ -206,6 +207,7 @@ Fields to note: | server.serviceType | string | `"ClusterIP"` | Service type for server pods | | server.sso | object | `{}` | SSO configuration when SSO is specified as a server auth mode. | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | +| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | | server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | | server.volumes | list | `[]` | Additional volumes to the server pod. | @@ -246,4 +248,5 @@ Fields to note: [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 27f43013..1a9e3e56 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -133,4 +133,5 @@ Fields to note: [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 53cab446..257b4423 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -106,6 +106,17 @@ spec: affinity: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-workflows.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index d4881d52..53c116e1 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -109,6 +109,17 @@ spec: affinity: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-workflows.selectorLabels" (dict "context" $ "name" $.Values.server.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index fc9ab550..f32ebd32 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -261,6 +261,15 @@ controller: tolerations: [] # -- Assign custom [affinity] rules affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the workflow controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- Leverage a PriorityClass to ensure your pods survive resource shortages. ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" @@ -384,6 +393,14 @@ server: # -- Assign custom [affinity] rules affinity: {} + # -- Assign custom [TopologySpreadConstraints] rules to the argo server + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- Leverage a PriorityClass to ensure your pods survive resource shortages ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ priorityClassName: "" From 8c5015895251334b196a859516021e0793c0fff4 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 22 Oct 2022 14:59:23 +0200 Subject: [PATCH 0409/1248] chore(argo-cd): Rename metrics templates (#1556) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- .../{metrics-service.yaml => metrics.yaml} | 0 .../{metrics-service.yaml => metrics.yaml} | 0 .../{service-metrics.yaml => metrics.yaml} | 0 .../argocd-repo-server/{metrics-service.yaml => metrics.yaml} | 0 .../argocd-server/{metrics-service.yaml => metrics.yaml} | 0 .../templates/redis/{metrics-service.yaml => metrics.yaml} | 0 7 files changed, 2 insertions(+), 2 deletions(-) rename charts/argo-cd/templates/argocd-application-controller/{metrics-service.yaml => metrics.yaml} (100%) rename charts/argo-cd/templates/argocd-applicationset/{metrics-service.yaml => metrics.yaml} (100%) rename charts/argo-cd/templates/argocd-notifications/{service-metrics.yaml => metrics.yaml} (100%) rename charts/argo-cd/templates/argocd-repo-server/{metrics-service.yaml => metrics.yaml} (100%) rename charts/argo-cd/templates/argocd-server/{metrics-service.yaml => metrics.yaml} (100%) rename charts/argo-cd/templates/redis/{metrics-service.yaml => metrics.yaml} (100%) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 22de1552..1a158239 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.2 +version: 5.6.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: ServiceMonitor resources are able to be annotated" + - "[Changed]: Renamed metrics service templates to metrics.yaml" diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml rename to charts/argo-cd/templates/argocd-application-controller/metrics.yaml diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml rename to charts/argo-cd/templates/argocd-applicationset/metrics.yaml diff --git a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-notifications/service-metrics.yaml rename to charts/argo-cd/templates/argocd-notifications/metrics.yaml diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml rename to charts/argo-cd/templates/argocd-repo-server/metrics.yaml diff --git a/charts/argo-cd/templates/argocd-server/metrics-service.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-server/metrics-service.yaml rename to charts/argo-cd/templates/argocd-server/metrics.yaml diff --git a/charts/argo-cd/templates/redis/metrics-service.yaml b/charts/argo-cd/templates/redis/metrics.yaml similarity index 100% rename from charts/argo-cd/templates/redis/metrics-service.yaml rename to charts/argo-cd/templates/redis/metrics.yaml From 6eaec3188a0771c9ec7e98e29230a31561f18d3a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 24 Oct 2022 14:53:33 +0900 Subject: [PATCH 0410/1248] chore(argo-workflows): Update ArgoWorkflows to v3.4.2 (#1571) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index cc47a875..0aafb850 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.1 +appVersion: v3.4.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.2 +version: 0.20.3 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add support for topologySpreadConstraints" + - "[Changed]: Update ArgoWorkflows to v3.4.2" From 6fce9e7d9bff99104528f583ea9a556f20410137 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 24 Oct 2022 19:05:50 +0200 Subject: [PATCH 0411/1248] docs(argo-cd): Moved documentation for AWS ALB (#1539) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 45 ++++++++++++++++---------------- charts/argo-cd/README.md.gotmpl | 46 ++++++++++++++++----------------- 3 files changed, 46 insertions(+), 49 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1a158239..c9efe567 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.3 +version: 5.6.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Renamed metrics service templates to metrics.yaml" + - "[Fixed]: Documentation for AWS ALB should relate to Server component" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 44e1759e..95cecca4 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -698,6 +698,28 @@ NAME: my-release | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | | server.volumes | list | `[]` | Additional volumes to the server pod | +### Using AWS ALB Ingress Controller With GRPC + +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. + +Example: + +```yaml +server: + ingress: + enabled: true + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + ingressGrpc: + enabled: true + isAWSALB: true + awsALB: + serviceType: ClusterIP +``` + ## Dex | Key | Type | Default | Description | @@ -1027,29 +1049,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | -### Using AWS ALB Ingress Controller With GRPC - -If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. - -Example: - -```yaml -server: - ingress: - enabled: true - annotations: - alb.ingress.kubernetes.io/backend-protocol: HTTPS - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internal - alb.ingress.kubernetes.io/target-type: ip - ingressGrpc: - enabled: true - isAWSALB: true - awsALB: - serviceType: ClusterIP - -``` - ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index a3eb7d3b..a0d00eca 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -381,6 +381,28 @@ NAME: my-release {{- end }} {{- end }} +### Using AWS ALB Ingress Controller With GRPC + +If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. + +Example: + +```yaml +server: + ingress: + enabled: true + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + ingressGrpc: + enabled: true + isAWSALB: true + awsALB: + serviceType: ClusterIP +``` + ## Dex | Key | Type | Default | Description | @@ -454,30 +476,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide {{- end }} {{- end }} - -### Using AWS ALB Ingress Controller With GRPC - -If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. - -Example: - -```yaml -server: - ingress: - enabled: true - annotations: - alb.ingress.kubernetes.io/backend-protocol: HTTPS - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internal - alb.ingress.kubernetes.io/target-type: ip - ingressGrpc: - enabled: true - isAWSALB: true - awsALB: - serviceType: ClusterIP - -``` - ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) From 01ae72a7b104a0dfb729f97a94427497860b1ac1 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 24 Oct 2022 20:00:02 +0200 Subject: [PATCH 0412/1248] chore(argo-cd): Remove controller duplicate service (#1549) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 4 --- charts/argo-cd/templates/NOTES.txt | 3 +++ .../metrics.yaml | 26 +++++++++---------- .../service.yaml | 22 ---------------- .../statefulset.yaml | 2 +- charts/argo-cd/values.yaml | 13 ++-------- 7 files changed, 21 insertions(+), 53 deletions(-) delete mode 100644 charts/argo-cd/templates/argocd-application-controller/service.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c9efe567..74b64126 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.4 +version: 5.6.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Documentation for AWS ALB should relate to Server component" + - "[Removed]: Controller service as duplicate for metrics service" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 95cecca4..f3dad541 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -463,10 +463,6 @@ NAME: my-release | controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. | | controller.resources | object | `{}` | Resource limits and requests for the application controller pods | -| controller.service.annotations | object | `{}` | Application controller service annotations | -| controller.service.labels | object | `{}` | Application controller service labels | -| controller.service.port | int | `8082` | Application controller service port | -| controller.service.portName | string | `"https-controller"` | Application controller service port name | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 81c64ce1..d5070d20 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -34,6 +34,9 @@ DEPRECATED option repoServer.logFormat - Use configs.params.repoServer.log.forma {{- if .Values.repoServer.logLevel }} DEPRECATED option repoServer.logLevel - Use configs.params.repoServer.log.level {{- end }} +{{- if .Values.controller.service }} +REMOVED option controller.service - Use controller.metrics +{{- end }} {{- if .Values.repoServer.copyutil }} REMOVED option repoSever.copyutil.resources - Use repoServer.resources {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 44e8eff3..88827a85 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -1,25 +1,25 @@ -{{- if .Values.controller.metrics.enabled}} +{{- if .Values.controller.metrics.enabled }} apiVersion: v1 kind: Service metadata: -{{- if .Values.controller.metrics.service.annotations }} - annotations: - {{- range $key, $value := .Values.controller.metrics.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} + name: {{ include "argo-cd.controller.fullname" . }}-metrics labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 4 }} -{{- if .Values.controller.metrics.service.labels }} -{{- toYaml .Values.controller.metrics.service.labels | nindent 4 }} -{{- end }} - name: {{ template "argo-cd.controller.fullname" . }}-metrics + {{- with .Values.controller.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.metrics.service.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: ports: - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP port: {{ .Values.controller.metrics.service.servicePort }} - targetPort: controller + targetPort: metrics selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/service.yaml b/charts/argo-cd/templates/argocd-application-controller/service.yaml deleted file mode 100644 index 1d4340ff..00000000 --- a/charts/argo-cd/templates/argocd-application-controller/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: -{{- if .Values.controller.service.annotations }} - annotations: - {{- range $key, $value := .Values.controller.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ template "argo-cd.controller.fullname" . }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} -{{- with .Values.controller.service.labels }} -{{- toYaml . | nindent 4 }} -{{- end }} -spec: - ports: - - name: {{ .Values.controller.service.portName }} - port: {{ .Values.controller.service.port }} - targetPort: {{ .Values.controller.containerPort }} - selector: - {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} \ No newline at end of file diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index e239738e..d2bf6825 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -210,7 +210,7 @@ spec: {{- toYaml . | nindent 10 }} {{- end }} ports: - - name: controller + - name: metrics containerPort: {{ .Values.controller.containerPort }} protocol: TCP livenessProbe: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 423cb7e0..39a27116 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -493,21 +493,12 @@ controller: # -- Additional volumes to the application controller pod volumes: [] - ## Controller service configuration - service: - # -- Application controller service annotations - annotations: {} - # -- Application controller service labels - labels: {} - # -- Application controller service port - port: 8082 - # -- Application controller service port name - portName: https-controller - # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} From 9d69923c93a9a0332ab8f08afa0225833b2730b0 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 24 Oct 2022 16:48:00 -0500 Subject: [PATCH 0413/1248] fix(github): Use hardcoded version for helm (#1573) - [x] use stable version of helm for azure/setup-helm github action - [x] match to v3 for azure/setup-helm usage (in linting action) Signed-off-by: jmeridth Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 6 ++++-- .github/workflows/publish.yml | 5 ++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 2eb2beb1..605c9f9e 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -15,7 +15,9 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v1 + uses: azure/setup-helm@v3 + with: + version: v3.10.1 # Also update in publish.yaml - name: Set up python uses: actions/setup-python@v4 @@ -59,7 +61,7 @@ jobs: if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml - + - name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions if: | contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') || diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 8333a66d..901c2f63 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -22,8 +22,7 @@ jobs: - name: Install Helm uses: azure/setup-helm@v3 with: - version: latest # stable - token: ${{ secrets.GITHUB_TOKEN }} # only needed if version is 'latest' + version: v3.10.1 # Also update in lint-and-test.yaml - name: Add dependency chart repos run: | @@ -32,7 +31,7 @@ jobs: - name: Configure Git run: | git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" ## This is required to consider the old Circle-CI Index and to stay compatible with all the old releases. - name: Fetch current Chart Index From 3a431395d0fba4abafc290b816bbbb9d97a9705a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 25 Oct 2022 15:18:59 +0900 Subject: [PATCH 0414/1248] chore(argo-workflows): Enable to set different imagePullPolicy for mainContainer and executor (#1570) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 ++- .../controller/workflow-controller-config-map.yaml | 4 ++-- charts/argo-workflows/values.yaml | 6 ++++-- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0aafb850..0c3dbf47 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.3 +version: 0.20.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update ArgoWorkflows to v3.4.2" + - "[Changed]: Enable to set different imagePullPolicy for mainContainer and executor" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 492f073e..3d9c4d10 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -142,7 +142,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container | -| mainContainer.imagePullPolicy | string | `"Always"` | imagePullPolicy to apply to Workflow main container | +| mainContainer.imagePullPolicy | string | `""` | imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. | | mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container | | mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container | @@ -151,6 +151,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | executor.env | list | `[]` | Adds environment variables for the executor. | +| executor.image.pullPolicy | string | `""` | Image PullPolicy to use for the Workflow Executors. Defaults to `.Values.images.pullPolicy`. | | executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | | executor.image.repository | string | `"argoproj/argoexec"` | Repository to use for the Workflow Executors | | executor.image.tag | string | `""` | Image tag for the workflow executor. Defaults to `.Values.images.tag`. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index c0130ba7..0e79514c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -27,7 +27,7 @@ data: {{- end }} {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}} mainContainer: - imagePullPolicy: {{ .Values.images.pullPolicy }} + imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }} {{- with .Values.mainContainer.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} @@ -40,7 +40,7 @@ data: {{- end }} {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} executor: - imagePullPolicy: {{ .Values.images.pullPolicy }} + imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.executor.image.pullPolicy }} {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index f32ebd32..1e2faa30 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -287,8 +287,8 @@ controller: # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: - # -- imagePullPolicy to apply to Workflow main container - imagePullPolicy: Always + # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. + imagePullPolicy: "" # -- Resource limits and requests for the Workflow main container resources: {} # -- Adds environment variables for the Workflow main container @@ -305,6 +305,8 @@ executor: repository: argoproj/argoexec # -- Image tag for the workflow executor. Defaults to `.Values.images.tag`. tag: "" + # -- Image PullPolicy to use for the Workflow Executors. Defaults to `.Values.images.pullPolicy`. + pullPolicy: "" # -- Resource limits and requests for the Workflow Executors resources: {} # -- Adds environment variables for the executor. From 365dd3ce1e4d6b61660a55463cfc2953de1e48a4 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 25 Oct 2022 08:41:54 +0200 Subject: [PATCH 0415/1248] chore(argo-cd): Group common template helpers together (#1555) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/templates/_common.tpl | 65 +++++++++++++++++++++++++++ charts/argo-cd/templates/_helpers.tpl | 65 --------------------------- 3 files changed, 67 insertions(+), 67 deletions(-) create mode 100644 charts/argo-cd/templates/_common.tpl diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 74b64126..66b0f53c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.5 +version: 5.6.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Controller service as duplicate for metrics service" + - "[Changed]: Grouped common template helpers together" diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl new file mode 100644 index 00000000..f5154e47 --- /dev/null +++ b/charts/argo-cd/templates/_common.tpl @@ -0,0 +1,65 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "argo-cd.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "argo-cd.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argo-cd.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create Argo CD app version +*/}} +{{- define "argo-cd.defaultTag" -}} +{{- default .Chart.AppVersion .Values.global.image.tag }} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "argo-cd.labels" -}} +helm.sh/chart: {{ include "argo-cd.chart" .context }} +{{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} +app.kubernetes.io/managed-by: {{ .context.Release.Service }} +app.kubernetes.io/part-of: argocd +{{- with .context.Values.global.additionalLabels }} +{{ toYaml . }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "argo-cd.selectorLabels" -}} +{{- if .name -}} +app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .name }} +{{ end -}} +app.kubernetes.io/instance: {{ .context.Release.Name }} +{{- if .component }} +app.kubernetes.io/component: {{ .component }} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 73e86d1c..d079d6bb 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -1,29 +1,4 @@ {{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "argo-cd.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "argo-cd.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - {{/* Create controller name and version as used by the chart label. Truncated at 52 chars because StatefulSet label 'controller-revision-hash' is limited @@ -183,39 +158,6 @@ Create the name of the notifications bots slack service account to use {{- end -}} {{- end -}} -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "argo-cd.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "argo-cd.labels" -}} -helm.sh/chart: {{ include "argo-cd.chart" .context }} -{{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} -app.kubernetes.io/managed-by: {{ .context.Release.Service }} -app.kubernetes.io/part-of: argocd -{{- with .context.Values.global.additionalLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "argo-cd.selectorLabels" -}} -{{- if .name -}} -app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .name }} -{{ end -}} -app.kubernetes.io/instance: {{ .context.Release.Name }} -{{- if .component }} -app.kubernetes.io/component: {{ .component }} -{{- end }} -{{- end }} - {{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} @@ -261,10 +203,3 @@ Merge Argo Params Configuration with Preset Configuration {{ $key }}: {{ $value | quote }} {{- end }} {{- end -}} - -{{/* -Return the default Argo CD app version -*/}} -{{- define "argo-cd.defaultTag" -}} - {{- default .Chart.AppVersion .Values.global.image.tag }} -{{- end -}} From e217e71580c617348d48c002be5b727784f507a3 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 25 Oct 2022 15:29:50 +0200 Subject: [PATCH 0416/1248] docs(argo-cd): Improve docs for Argo CD configs (#1574) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/README.md | 11 ++++++++--- charts/argo-cd/README.md.gotmpl | 11 +++++++++-- charts/argo-cd/templates/NOTES.txt | 8 ++++---- 4 files changed, 24 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 66b0f53c..87b64abd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.6 +version: 5.6.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Grouped common template helpers together" + - "[Changed]: Created dedicated docs section for Argo CD configs" + - "[Fixed]: Documentation how to run server as insecure" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f3dad541..f34d8ead 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -343,6 +343,14 @@ NAME: my-release | createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | +| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | +| nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | +| openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | + +## Global Configs + +| Key | Type | Default | Description | +|-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -356,9 +364,6 @@ NAME: my-release | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | | global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | -| kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | -| nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | -| openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | ## Argo CD Configs diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index a0d00eca..0fb649cd 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -333,10 +333,17 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) ) }} + {{- if not (or (hasPrefix "global" .Key) (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} - {{- if hasPrefix "server.additional" .Key }} +{{- end }} + +## Global Configs + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "global" .Key }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index d5070d20..6cd2924c 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -43,13 +43,13 @@ REMOVED option repoSever.copyutil.resources - Use repoServer.resources In order to access the server UI you have the following options: -1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 +1. kubectl port-forward service/{{ include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 and then open the browser on http://localhost:8080 and accept the certificate 2. enable ingress in the values file `server.ingress.enabled` and either - - Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough - - Add the `--insecure` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts + - Add the annotation for ssl passthrough: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough + - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-2-multiple-ingress-objects-and-hosts {{ if eq (index .Values.server.config "admin.enabled") "true" -}} @@ -57,7 +57,7 @@ After reaching the UI the first time you can login with username: admin and the kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d -(You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://github.com/argoproj/argo-cd/blob/master/docs/getting_started.md#4-login-using-the-cli) +(You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli) {{ else if or (index .Values.server.config "dex.config") (index .Values.server.config "oidc.config") -}} After reaching the UI the first time you can login using Dex or OIDC. {{ else -}} From 24de82b21473aa011472ebc19fb0626f57b53fe0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 25 Oct 2022 16:08:51 +0200 Subject: [PATCH 0417/1248] chore(argo-cd): Metrics DRY cleaning (#1569) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 ++-- .../argocd-applicationset/metrics.yaml | 16 ++++++------- .../argocd-notifications/metrics.yaml | 14 +++++------ .../templates/argocd-repo-server/metrics.yaml | 24 +++++++++---------- .../templates/argocd-server/metrics.yaml | 22 ++++++++--------- charts/argo-cd/templates/redis/metrics.yaml | 14 +++++------ 6 files changed, 47 insertions(+), 48 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 87b64abd..21246b8c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.7 +version: 5.6.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,5 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Created dedicated docs section for Argo CD configs" - - "[Fixed]: Documentation how to run server as insecure" + - "[Changed]: DRY cleanup of metrics templates" diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index a6ce523f..7a9397cd 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -2,18 +2,18 @@ apiVersion: v1 kind: Service metadata: - {{- if .Values.applicationSet.metrics.service.annotations }} + name: {{ include "argo-cd.applicationSet.fullname" . }}-metrics + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} + {{- with .Values.applicationSet.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.metrics.service.annotations }} annotations: - {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} -{{- if .Values.applicationSet.metrics.service.labels }} -{{- toYaml .Values.applicationSet.metrics.service.labels | nindent 4 }} -{{- end }} - name: {{ template "argo-cd.applicationSet.fullname" . }}-metrics spec: ports: - name: {{ .Values.applicationSet.metrics.service.portName }} diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index 8e0a92a8..3b80e97b 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -2,18 +2,18 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-metrics + name: {{ include "argo-cd.notifications.fullname" . }}-metrics labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 4 }} -{{- if .Values.notifications.metrics.service.labels }} -{{- toYaml .Values.notifications.metrics.service.labels | nindent 4 }} -{{- end }} -{{- if .Values.notifications.metrics.service.annotations }} + {{- with .Values.notifications.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.notifications.metrics.service.annotations }} annotations: - {{- range $key, $value := .Values.notifications.metrics.service.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index 14ca18d9..1124057e 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -1,19 +1,19 @@ -{{- if .Values.repoServer.metrics.enabled}} +{{- if .Values.repoServer.metrics.enabled }} apiVersion: v1 kind: Service metadata: -{{- if .Values.repoServer.metrics.service.annotations }} - annotations: - {{- range $key, $value := .Values.repoServer.metrics.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} + name: {{ include "argo-cd.repoServer.fullname" . }}-metrics labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 4 }} -{{- if .Values.repoServer.metrics.service.labels }} -{{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }} -{{- end }} - name: {{ template "argo-cd.repoServer.fullname" . }}-metrics + {{- with .Values.repoServer.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.repoServer.metrics.service.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: ports: - name: {{ .Values.repoServer.metrics.service.portName }} @@ -22,4 +22,4 @@ spec: targetPort: metrics selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index 4d19dc07..bf8ee083 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -2,18 +2,18 @@ apiVersion: v1 kind: Service metadata: - {{- if .Values.server.metrics.service.annotations }} - annotations: - {{- range $key, $value := .Values.server.metrics.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} + name: {{ include "argo-cd.server.fullname" . }}-metrics labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 4 }} -{{- if .Values.server.metrics.service.labels }} -{{- toYaml .Values.server.metrics.service.labels | nindent 4 }} -{{- end }} - name: {{ template "argo-cd.server.fullname" . }}-metrics + {{- with .Values.server.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.server.metrics.service.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: ports: - name: {{ .Values.server.metrics.service.portName }} @@ -22,4 +22,4 @@ spec: targetPort: metrics selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index da96a22b..6886a740 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -3,19 +3,20 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "argo-cd.redis.fullname" . }}-metrics + name: {{ include "argo-cd.redis.fullname" . }}-metrics + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} + {{- with .Values.redis.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.redis.metrics.service.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} - {{- with .Values.redis.metrics.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} spec: + type: {{ .Values.redis.metrics.service.type }} {{- with .Values.redis.metrics.service.clusterIP }} clusterIP: {{ . }} {{- end }} @@ -26,5 +27,4 @@ spec: targetPort: metrics selector: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} - type: {{ .Values.redis.metrics.service.type }} {{- end }} From c8f7efb68ff03271a53d6bffa55677baa0da560d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 25 Oct 2022 19:05:38 +0200 Subject: [PATCH 0418/1248] feat(argo-cd): Move argocd-cm and argocd-rbac-cm to config section (#1528) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 19 +- charts/argo-cd/templates/NOTES.txt | 8 +- charts/argo-cd/templates/_helpers.tpl | 14 +- .../templates/argocd-configs/argocd-cm.yaml | 6 +- .../argocd-configs/argocd-rbac-cm.yaml | 6 +- .../templates/argocd-server/clusterrole.yaml | 2 +- charts/argo-cd/values.yaml | 263 +++++++++--------- 8 files changed, 170 insertions(+), 154 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 21246b8c..58118915 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.6.8 +version: 5.7.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: DRY cleanup of metrics templates" + - "[Added]: Configuration sections configs.cm and configs.rbac" + - "[Deprecated]: Generic configuration via server.config" + - "[Deprecated]: Argo RBAC configuration via server.rbacConfig" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f34d8ead..f4a238ac 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -370,6 +370,14 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | +| configs.cm."admin.enabled" | string | `"true"` | Enable local admin user | +| configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | +| configs.cm."exec.enabled" | string | `"false"` | Enable exec feature in Argo UI | +| configs.cm."server.rbac.log.enforce.enable" | string | `"false"` | Enable logs RBAC enforcement | +| configs.cm."timeout.hard.reconciliation" | string | `"0"` | Timeout to refresh application data as well as target manifests cache | +| configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | +| configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | +| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [Declarative setup] | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring | @@ -390,6 +398,11 @@ NAME: my-release | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | | configs.params."server.x.frame.options" | string | `"sameorigin"` | Set X-Frame-Options header in HTTP responses to value. To disable, set to "". | | configs.params.annotations | object | `{}` | Annotations to be added to the argocd-cmd-params-cm ConfigMap | +| configs.rbac."policy.csv" | string | `''` (See [values.yaml]) | File containing user-defined policies and role definitions. | +| configs.rbac."policy.default" | string | `""` | The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... | +| configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap | +| configs.rbac.create | bool | `true` | Create the argocd-rbac-cm configmap with ([Argo CD RBAC policy]) definitions. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configmap created with the name above. | +| configs.rbac.scopes | string | `"[groups]"` | OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). The scope value can be a string, or a list of strings. | | configs.repositories | object | `{}` | Repositories list to be used by applications | | configs.repositoriesAnnotations | object | `{}` | Annotations to be added to `configs.repositories` Secret | | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | @@ -586,9 +599,6 @@ NAME: my-release | server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | -| server.config | object | See [values.yaml] | [General Argo CD configuration] | -| server.configAnnotations | object | `{}` | Annotations to be added to Argo CD ConfigMap | -| server.configEnabled | bool | `true` | Manage Argo CD configmap (Declarative Setup) | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | `{}` | Servers container-level security context | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -659,9 +669,6 @@ NAME: my-release | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | | server.priorityClassName | string | `""` | Priority class for the Argo CD server | -| server.rbacConfig | object | `{}` | Argo CD rbac config ([Argo CD RBAC policy]) | -| server.rbacConfigAnnotations | object | `{}` | Annotations to be added to Argo CD rbac ConfigMap | -| server.rbacConfigCreate | bool | `true` | Whether or not to create the configmap. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configMap created with the name above. | | server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 6cd2924c..852577da 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -34,6 +34,12 @@ DEPRECATED option repoServer.logFormat - Use configs.params.repoServer.log.forma {{- if .Values.repoServer.logLevel }} DEPRECATED option repoServer.logLevel - Use configs.params.repoServer.log.level {{- end }} +{{- if or .Values.server.config .Values.server.configEnabled .Values.server.configAnnotations }} +DEPRECATED option server.config - Use configs.cm +{{- end }} +{{- if or .Values.server.rbacConfig .Values.server.rbacConfigCreate .Values.server.rbacConfigAnnotations }} +DEPRECATED option server.rbacConfig - Use configs.rbac +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} @@ -52,7 +58,7 @@ In order to access the server UI you have the following options: - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-2-multiple-ingress-objects-and-hosts -{{ if eq (index .Values.server.config "admin.enabled") "true" -}} +{{ if eq (index (coalesce .Values.server.config .Values.configs.cm) "admin.enabled") "true" -}} After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index d079d6bb..cdde1452 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -161,19 +161,19 @@ Create the name of the notifications bots slack service account to use {{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} -{{- define "argo-cd.config.presets" -}} - {{- if .Values.configs.styles }} +{{- define "argo-cd.config.cm.presets" -}} +{{- if .Values.configs.styles -}} ui.cssurl: "./custom/custom.styles.css" - {{- end }} +{{- end -}} {{- end -}} {{/* Merge Argo Configuration with Preset Configuration */}} -{{- define "argo-cd.config" -}} - {{- if .Values.server.configEnabled -}} -{{- toYaml (mergeOverwrite (default dict (fromYaml (include "argo-cd.config.presets" $))) .Values.server.config) }} - {{- end -}} +{{- define "argo-cd.config.cm" -}} +{{- $config := coalesce .Values.server.config (omit .Values.configs.cm "create" "annotations") -}} +{{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}} +{{- mergeOverwrite $preset $config | toYaml }} {{- end -}} {{/* diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 4e85da7b..9db8f771 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -1,16 +1,16 @@ -{{- if .Values.server.configEnabled }} +{{- if (coalesce .Values.server.configEnabled .Values.configs.cm.create) }} apiVersion: v1 kind: ConfigMap metadata: name: argocd-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} - {{- with .Values.server.configAnnotations }} + {{- with (coalesce .Values.server.configAnnotations .Values.configs.cm.annotations) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} data: - {{- include "argo-cd.config" $ | nindent 2 }} + {{- include "argo-cd.config.cm" . | nindent 2 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 38ecfc7c..6e8decd0 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -1,17 +1,17 @@ -{{- if .Values.server.rbacConfigCreate }} +{{- if (coalesce .Values.server.rbacConfigCreate .Values.configs.rbac.create) }} apiVersion: v1 kind: ConfigMap metadata: name: argocd-rbac-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} - {{- with .Values.server.rbacConfigAnnotations }} + {{- with (coalesce .Values.server.rbacConfigAnnotations .Values.configs.rbac.annotations) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with .Values.server.rbacConfig }} +{{- with (coalesce .Values.server.rbacConfig (omit .Values.configs.rbac "create" "annotations")) }} data: {{- toYaml . | nindent 2 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index caac062e..b1e44848 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -27,7 +27,7 @@ rules: - pods/log verbs: - get - {{- if eq (index .Values.server.config "exec.enabled") "true" }} + {{- if eq (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled") "true" }} - apiGroups: - "" resources: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 39a27116..11b6d568 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -85,6 +85,138 @@ global: ## Argo Configs configs: + # General Argo CD configuration + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + cm: + # -- Create the argocd-cm configmap for [Declarative setup] + create: true + + # -- Annotations to be added to argocd-cm configmap + annotations: {} + + # -- The name of tracking label used by Argo CD for resource pruning + # @default -- Defaults to app.kubernetes.io/instance + application.instanceLabelKey: argocd.argoproj.io/instance + + # -- Enable logs RBAC enforcement + ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement + server.rbac.log.enforce.enable: "false" + + # -- Enable exec feature in Argo UI + ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac/#exec-resource + exec.enabled: "false" + + # -- Enable local admin user + ## Ref: https://argo-cd.readthedocs.io/en/latest/faq/#how-to-disable-admin-user + admin.enabled: "true" + + # -- Timeout to discover if a new manifests version got published to the repository + timeout.reconciliation: 180s + + # -- Timeout to refresh application data as well as target manifests cache + timeout.hard.reconciliation: "0" + + # Dex configuration + # dex.config: | + # connectors: + # # GitHub example + # - type: github + # id: github + # name: GitHub + # config: + # clientID: aabbccddeeff00112233 + # clientSecret: $dex.github.clientSecret # Alternatively $:dex.github.clientSecret + # orgs: + # - name: your-github-org + + # OIDC configuration as an alternative to dex (optional). + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email + + # Argo CD configuration parameters + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml + params: + # -- Annotations to be added to the argocd-cmd-params-cm ConfigMap + annotations: {} + + ## Generic parameters + # -- Open-Telemetry collector address: (e.g. "otel-collector:4317") + otlp.address: '' + + ## Controller Properties + # -- Number of application status processors + controller.status.processors: 20 + # -- Number of application operation processors + controller.operation.processors: 10 + # -- Specifies timeout between application self heal attempts + controller.self.heal.timeout.seconds: 5 + # -- Repo server RPC call timeout seconds. + controller.repo.server.timeout.seconds: 60 + + ## Server properties + # -- Run server without TLS + server.insecure: false + # -- Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / + server.basehref: / + # -- Used if Argo CD is running behind reverse proxy under subpath different from / + server.rootpath: '' + # -- Directory path that contains additional static assets + server.staticassets: /shared/app + # -- Disable Argo CD RBAC for user authentication + server.disable.auth: false + # -- Enable GZIP compression + server.enable.gzip: false + # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". + server.x.frame.options: sameorigin + + ## Repo-server properties + # -- Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. + reposerver.parallelism.limit: 0 + + # Argo CD RBAC policy configuration + ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + rbac: + # -- Create the argocd-rbac-cm configmap with ([Argo CD RBAC policy]) definitions. + # If false, it is expected the configmap will be created by something else. + # Argo CD will not work if there is no configmap created with the name above. + create: true + + # -- Annotations to be added to argocd-rbac-cm configmap + annotations: {} + + # -- The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). + # If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... + policy.default: '' + + # -- File containing user-defined policies and role definitions. + # @default -- `''` (See [values.yaml]) + policy.csv: '' + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # policy.csv | + # p, role:org-admin, applications, *, */*, allow + # p, role:org-admin, clusters, get, *, allow + # p, role:org-admin, repositories, *, *, allow + # p, role:org-admin, logs, get, *, allow + # p, role:org-admin, exec, create, */*, allow + # g, your-github-org:your-team, role:org-admin + + # -- OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + # The scope value can be a string, or a list of strings. + scopes: "[groups]" + # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) ## Ref: @@ -296,46 +428,6 @@ configs: # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); # } - # Argo CD configuration parameters - ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml - params: - # -- Annotations to be added to the argocd-cmd-params-cm ConfigMap - annotations: {} - - ## Generic parameters - # -- Open-Telemetry collector address: (e.g. "otel-collector:4317") - otlp.address: '' - - ## Controller Properties - # -- Number of application status processors - controller.status.processors: 20 - # -- Number of application operation processors - controller.operation.processors: 10 - # -- Specifies timeout between application self heal attempts - controller.self.heal.timeout.seconds: 5 - # -- Repo server RPC call timeout seconds. - controller.repo.server.timeout.seconds: 60 - - ## Server properties - # -- Run server without TLS - server.insecure: false - # -- Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / - server.basehref: / - # -- Used if Argo CD is running behind reverse proxy under subpath different from / - server.rootpath: '' - # -- Directory path that contains additional static assets - server.staticassets: /shared/app - # -- Disable Argo CD RBAC for user authentication - server.disable.auth: false - # -- Enable GZIP compression - server.enable.gzip: false - # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". - server.x.frame.options: sameorigin - - ## Repo-server properties - # -- Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. - reposerver.parallelism.limit: 0 - # -- Array of extra K8s manifests to deploy extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 @@ -1540,97 +1632,6 @@ server: # -- Termination policy of Openshift Route termination_policy: None - # -- Manage Argo CD configmap (Declarative Setup) - ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml - configEnabled: true - # -- [General Argo CD configuration] - # @default -- See [values.yaml] - config: - # Argo CD's externally facing base URL (optional). Required when configuring SSO - url: "" - - # Argo CD instance label key - application.instanceLabelKey: argocd.argoproj.io/instance - - # Enable logs RBAC enforcement - # Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement - server.rbac.log.enforce.enable: "false" - - # exec.enabled indicates whether the UI exec feature is enabled. It is disabled by default. - # Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac/#exec-resource - exec.enabled: "false" - - # admin.enabled indicates whether the admin user is enabled. It is enabled by default. - # https://argo-cd.readthedocs.io/en/latest/faq/#how-to-disable-admin-user - admin.enabled: "true" - - # Application reconciliation timeout is the max amount of time required to discover if a new manifests version got - # published to the repository. Reconciliation by timeout is disabled if timeout is set to 0. Three minutes by default. - timeout.reconciliation: 180s - - # Timeout to refresh application data as well as target manifests cache - timeout.hard.reconciliation: "0" - - # Dex configuration - # dex.config: | - # connectors: - # # GitHub example - # - type: github - # id: github - # name: GitHub - # config: - # clientID: aabbccddeeff00112233 - # clientSecret: $dex.github.clientSecret # Alternatively $:dex.github.clientSecret - # orgs: - # - name: your-github-org - - # OIDC configuration as an alternative to dex (optional). - # oidc.config: | - # name: AzureAD - # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 - # clientID: CLIENT_ID - # clientSecret: $oidc.azuread.clientSecret - # requestedIDTokenClaims: - # groups: - # essential: true - # requestedScopes: - # - openid - # - profile - # - email - - # -- Annotations to be added to Argo CD ConfigMap - configAnnotations: {} - - # -- Argo CD rbac config ([Argo CD RBAC policy]) - ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md - rbacConfig: - {} - # policy.csv is a file containing user-defined RBAC policies and role definitions (optional). - # Policy rules are in the form: - # p, subject, resource, action, object, effect - # Role definitions and bindings are in the form: - # g, subject, inherited-subject - # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. - # policy.csv: | - # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' - # p, my-org:team-alpha, applications, sync, my-project/*, allow - # # Grant all members of 'my-org:team-beta' admins - # g, my-org:team-beta, role:admin - # policy.default is the name of the default role which Argo CD will falls back to, when - # authorizing API requests (optional). If omitted or empty, users may be still be able to login, - # but will see no apps, projects, etc... - # policy.default: role:readonly - # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). - # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. - # scopes: '[cognito:groups, email]' - - # -- Annotations to be added to Argo CD rbac ConfigMap - rbacConfigAnnotations: {} - - # -- Whether or not to create the configmap. If false, it is expected the configmap will be created - # by something else. Argo CD will not work if there is no configMap created with the name above. - rbacConfigCreate: true - ## Enable Admin ClusterRole resources. ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. clusterAdminAccess: From 7e30521dd28ae52c04e0576fb390fd3be49f2bdc Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 25 Oct 2022 23:22:22 +0200 Subject: [PATCH 0419/1248] feat(argo-cd): Upgrade Argo CD to 2.5.0 (#1568) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +- charts/argo-cd/templates/_helpers.tpl | 13 +- .../statefulset.yaml | 57 +++-- .../argocd-configs/argocd-styles-cm.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 92 ++++--- .../templates/argocd-server/clusterrole.yaml | 16 +- .../templates/argocd-server/deployment.yaml | 103 +++++--- .../argo-cd/templates/argocd-server/role.yaml | 3 +- .../templates/crds/crd-application.yaml | 30 ++- .../templates/crds/crd-applicationset.yaml | 234 +++++++++++++++++- .../argo-cd/templates/crds/crd-project.yaml | 10 + 11 files changed, 451 insertions(+), 119 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 58118915..7a9cb49b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.15 +appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0 +version: 5.8.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,6 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Configuration sections configs.cm and configs.rbac" - - "[Deprecated]: Generic configuration via server.config" - - "[Deprecated]: Argo RBAC configuration via server.rbacConfig" + - "[Changed]: Upgraded Argo CD to 2.5.0" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index cdde1452..ccbae4be 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -15,6 +15,17 @@ Create dex name and version as used by the chart label. {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.dex.name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create Dex server endpoint +*/}} +{{- define "argo-cd.dex.server" -}} +{{- $insecure := index .Values.configs.params "dexserver.disable.tls" | toString -}} +{{- $scheme := (eq $insecure "true") | ternary "http" "https" -}} +{{- $host := include "argo-cd.dex.fullname" . -}} +{{- $port := int .Values.dex.servicePortHttp -}} +{{- printf "%s://%s:%d" $scheme $host $port }} +{{- end }} + {{/* Create redis name and version as used by the chart label. */}} @@ -185,7 +196,7 @@ repo.server: "{{ include "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServe redis.server: {{ . | quote }} {{- end }} {{- if .Values.dex.enabled }} -server.dex.server: "http://{{ include "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }}" +server.dex.server: {{ include "argo-cd.dex.server" . }} {{- end }} {{- range $component := tuple "controller" "server" "reposerver" }} {{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index d2bf6825..018b5e0d 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -163,6 +163,12 @@ spec: name: argocd-cmd-params-cm key: controller.repo.server.strict.tls optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.resource.health.persist + optional: true - name: ARGOCD_APP_STATE_CACHE_EXPIRATION valueFrom: configMapKeyRef: @@ -175,6 +181,12 @@ spec: name: argocd-cmd-params-cm key: redis.server optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true - name: REDISDB valueFrom: configMapKeyRef: @@ -205,6 +217,12 @@ spec: name: argocd-cmd-params-cm key: otlp.address optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: application.namespaces + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} @@ -216,31 +234,32 @@ spec: livenessProbe: httpGet: path: /healthz - port: {{ .Values.controller.containerPort }} + port: metrics initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} readinessProbe: - tcpSocket: - port: {{ .Values.controller.containerPort }} + httpGet: + path: /healthz + port: metrics initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} - workingDir: /home/argocd - volumeMounts: - - name: argocd-home - mountPath: /home/argocd - - mountPath: /app/config/controller/tls - name: argocd-repo-server-tls - {{- with .Values.controller.volumeMounts }} - {{- toYaml . | nindent 8 }} - {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + workingDir: /home/argocd + volumeMounts: + {{- with .Values.controller.volumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} + - mountPath: /app/config/controller/tls + name: argocd-repo-server-tls + - mountPath: /home/argocd + name: argocd-home {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} @@ -273,10 +292,15 @@ spec: {{- toYaml . | nindent 6 }} {{- end }} volumes: - - emptyDir: {} - name: argocd-home + {{- with .Values.controller.volumes }} + {{- toYaml . | nindent 6 }} + {{- end }} + - name: argocd-home + emptyDir: {} - name: argocd-repo-server-tls secret: + secretName: argocd-repo-server-tls + optional: true items: - key: tls.crt path: tls.crt @@ -284,11 +308,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - optional: true - secretName: argocd-repo-server-tls - {{- with .Values.controller.volumes }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.controller.initContainers }} initContainers: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml index a8079671..149104f1 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml @@ -2,10 +2,10 @@ apiVersion: v1 kind: ConfigMap metadata: - name: argocd-custom-styles + name: argocd-styles-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} data: custom.styles.css: | {{- .Values.configs.styles | nindent 4 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 5a36842b..57e011c4 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -127,6 +127,12 @@ spec: name: argocd-cmd-params-cm key: redis.server optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true - name: REDISDB valueFrom: configMapKeyRef: @@ -169,6 +175,30 @@ spec: name: argocd-cmd-params-cm key: reposerver.plugin.tar.exclusions optional: true + - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS + valueFrom: + configMapKeyRef: + key: reposerver.allow.oob.symlinks + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.streamed.manifest.max.tar.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.streamed.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: reposerver.enable.git.submodule + name: argocd-cmd-params-cm + optional: true - name: HELM_CACHE_HOME value: /helm-working-dir - name: HELM_CONFIG_HOME @@ -183,44 +213,42 @@ spec: {{- if .Values.repoServer.volumeMounts }} {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }} {{- end }} + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs - mountPath: /app/config/gpg/source name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring - {{- if .Values.configs.knownHosts }} - - mountPath: /app/config/ssh - name: ssh-known-hosts - {{- end }} - - mountPath: /app/config/tls - name: tls-certs - mountPath: /app/config/reposerver/tls name: argocd-repo-server-tls - - mountPath: /tmp - name: tmp-dir - mountPath: /helm-working-dir name: helm-working-dir - mountPath: /home/argocd/cmp-server/plugins name: plugins + - mountPath: /tmp + name: tmp ports: - name: repo-server containerPort: {{ .Values.repoServer.containerPort }} protocol: TCP - {{ if .Values.repoServer.metrics.enabled }} - name: metrics containerPort: 8084 protocol: TCP - {{- end }} livenessProbe: - tcpSocket: - port: {{ .Values.repoServer.containerPort }} + httpGet: + path: /healthz?full=true + port: metrics initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }} failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }} readinessProbe: - tcpSocket: - port: {{ .Values.repoServer.containerPort }} + httpGet: + path: /healthz + port: metrics initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }} @@ -265,23 +293,29 @@ spec: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} {{- end }} + - name: helm-working-dir + emptyDir: {} + - name: plugins + emptyDir: {} + - name: var-files + emptyDir: {} + - name: tmp + emptyDir: {} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm - name: gpg-keys configMap: name: argocd-gpg-keys-cm - - emptyDir: {} - name: gpg-keyring - {{- if .Values.configs.knownHosts }} - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - {{- end }} - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - name: helm-working-dir + - name: gpg-keyring emptyDir: {} - name: argocd-repo-server-tls secret: + secretName: argocd-repo-server-tls + optional: true items: - key: tls.crt path: tls.crt @@ -289,14 +323,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - optional: true - secretName: argocd-repo-server-tls - - emptyDir: {} - name: tmp-dir - - emptyDir: {} - name: var-files - - emptyDir: {} - name: plugins initContainers: - command: - cp diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index b1e44848..c892f111 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: @@ -29,10 +29,18 @@ rules: - get {{- if eq (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled") "true" }} - apiGroups: - - "" + - "" resources: - - pods/exec + - pods/exec verbs: - - create + - create {{- end }} + - apiGroups: + - argoproj.io + resources: + - applications + verbs: + - get + - list + - watch {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 10c21541..023cc22d 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -84,7 +84,7 @@ spec: name: argocd-cmd-params-cm key: server.log.format optional: true - - name: ARGOCD_REPO_SERVER_LOGLEVEL + - name: ARGOCD_SERVER_LOG_LEVEL valueFrom: configMapKeyRef: name: argocd-cmd-params-cm @@ -144,6 +144,18 @@ spec: name: argocd-cmd-params-cm key: server.repo.server.strict.tls optional: true + - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server.plaintext + optional: true + - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.dex.server.strict.tls + optional: true - name: ARGOCD_TLS_MIN_VERSION valueFrom: configMapKeyRef: @@ -198,6 +210,12 @@ spec: name: argocd-cmd-params-cm key: redis.server optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true - name: REDISDB valueFrom: configMapKeyRef: @@ -234,51 +252,50 @@ spec: name: argocd-cmd-params-cm key: otlp.address optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: application.namespaces + optional: true {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 10 }} {{- end }} volumeMounts: {{- with .Values.server.volumeMounts }} - {{- toYaml . | nindent 8}} + {{- toYaml . | nindent 8 }} {{- end }} - {{- if .Values.server.extensions.enabled }} - - name: extensions - mountPath: /tmp/extensions/ - {{- end }} - {{- if .Values.configs.knownHosts }} - mountPath: /app/config/ssh name: ssh-known-hosts - {{- end }} - mountPath: /app/config/tls name: tls-certs - mountPath: /app/config/server/tls name: argocd-repo-server-tls - {{- if .Values.configs.styles }} - - mountPath: "/shared/app/custom/custom.styles.css" - subPath: "custom.styles.css" - name: custom-styles - {{- end }} - {{- if .Values.server.containerSecurityContext.readOnlyRootFilesystem }} - - mountPath: /home/argocd/.aws - name: aws-config - {{- end }} + - mountPath: /app/config/dex/tls + name: argocd-dex-server-tls - mountPath: /home/argocd name: plugins-home + - mountPath: /home/argocd/.aws + name: aws-config + - mountPath: /shared/app/custom + name: styles - mountPath: /tmp - name: tmp-dir + name: tmp + {{- if .Values.server.extensions.enabled }} + - mountPath: /tmp/extensions + name: extensions + {{- end }} ports: - name: {{ .Values.server.name }} containerPort: {{ .Values.server.containerPort }} protocol: TCP - {{ if .Values.server.metrics.enabled }} - name: metrics containerPort: 8083 protocol: TCP - {{- end }} livenessProbe: httpGet: - path: /healthz + path: /healthz?full=true port: {{ .Values.server.containerPort }} initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} @@ -347,31 +364,30 @@ spec: {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} {{- end }} + - name: aws-config + emptyDir: {} {{- if .Values.server.extensions.enabled }} - name: extensions emptyDir: {} {{- end }} - - emptyDir: {} - name: tmp-dir - {{- if .Values.server.containerSecurityContext.readOnlyRootFilesystem }} - - emptyDir: {} - name: aws-config - {{- end }} - {{- if .Values.configs.styles }} - - configMap: - name: argocd-custom-styles - name: custom-styles - {{- end }} - {{- if .Values.configs.knownHosts }} - - configMap: + - name: plugins-home + emptyDir: {} + - name: tmp + emptyDir: {} + - name: ssh-known-hosts + configMap: name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - {{- end }} - - configMap: + - name: tls-certs + configMap: name: argocd-tls-certs-cm - name: tls-certs + - name: styles + configMap: + name: argocd-styles-cm + optional: true - name: argocd-repo-server-tls secret: + secretName: argocd-repo-server-tls + optional: true items: - key: tls.crt path: tls.crt @@ -379,10 +395,15 @@ spec: path: tls.key - key: ca.crt path: ca.crt + - name: argocd-dex-server-tls + secret: + secretName: argocd-dex-server-tls optional: true - secretName: argocd-repo-server-tls - - emptyDir: {} - name: plugins-home + items: + - key: tls.crt + path: tls.crt + - key: ca.crt + path: ca.crt {{- with .Values.server.initContainers }} initContainers: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index c73d189c..f4c5d533 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: @@ -22,6 +22,7 @@ rules: - argoproj.io resources: - applications + - applicationsets - appprojects {{- if .Values.server.extensions.enabled }} - argocdextensions diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index bb798cf9..23f9b6b3 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -343,8 +343,8 @@ spec: and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: Plugin holds config management plugin specific + options properties: env: description: Env is a list of environment variable entries @@ -689,8 +689,7 @@ spec: and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management plugin - specific options + description: Plugin holds config management plugin specific options properties: env: description: Env is a list of environment variable entries @@ -1045,8 +1044,8 @@ spec: and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: Plugin holds config management plugin specific + options properties: env: description: Env is a list of environment variable entries @@ -1417,8 +1416,8 @@ spec: from Git. type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: Plugin holds config management plugin + specific options properties: env: description: Env is a list of environment variable @@ -1761,8 +1760,8 @@ spec: and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: Plugin holds config management plugin specific + options properties: env: description: Env is a list of environment variable @@ -1813,6 +1812,10 @@ spec: reconciled using the latest git version format: date-time type: string + resourceHealthSource: + description: 'ResourceHealthSource indicates where the resource health + status is stored: inline if not set or appTree' + type: string resources: description: Resources is a list of Kubernetes resources managed by this application @@ -1849,6 +1852,9 @@ spec: description: SyncStatusCode is a type which represents possible comparison results type: string + syncWave: + format: int64 + type: integer version: type: string type: object @@ -2095,8 +2101,8 @@ spec: and is only valid for applications sourced from Git. type: string plugin: - description: ConfigManagementPlugin holds config management - plugin specific options + description: Plugin holds config management plugin specific + options properties: env: description: Env is a list of environment variable diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 2a6c56ec..f95a76ca 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -9,7 +9,6 @@ metadata: {{- with .Values.crds.annotations }} {{- toYaml . | nindent 4 }} {{- end }} - controller-gen.kubebuilder.io/version: v0.3.0 labels: app.kubernetes.io/name: applicationsets.argoproj.io app.kubernetes.io/part-of: argocd @@ -2381,6 +2380,8 @@ spec: properties: api: type: string + appSecretName: + type: string labels: items: type: string @@ -2403,6 +2404,31 @@ spec: - owner - repo type: object + gitlab: + properties: + api: + type: string + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object requeueAfterSeconds: format: int64 type: integer @@ -2664,6 +2690,31 @@ spec: type: object scmProvider: properties: + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object bitbucket: properties: allBranches: @@ -2768,6 +2819,8 @@ spec: type: boolean api: type: string + appSecretName: + type: string organization: type: string tokenRef: @@ -3065,6 +3118,29 @@ spec: - spec type: object type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object type: object type: array template: @@ -4534,6 +4610,8 @@ spec: properties: api: type: string + appSecretName: + type: string labels: items: type: string @@ -4556,6 +4634,31 @@ spec: - owner - repo type: object + gitlab: + properties: + api: + type: string + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object requeueAfterSeconds: format: int64 type: integer @@ -4817,6 +4920,31 @@ spec: type: object scmProvider: properties: + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object bitbucket: properties: allBranches: @@ -4921,6 +5049,8 @@ spec: type: boolean api: type: string + appSecretName: + type: string organization: type: string tokenRef: @@ -5218,6 +5348,29 @@ spec: - spec type: object type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object type: object type: array mergeKeys: @@ -5552,6 +5705,8 @@ spec: properties: api: type: string + appSecretName: + type: string labels: items: type: string @@ -5574,6 +5729,31 @@ spec: - owner - repo type: object + gitlab: + properties: + api: + type: string + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object requeueAfterSeconds: format: int64 type: integer @@ -5835,6 +6015,31 @@ spec: type: object scmProvider: properties: + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object bitbucket: properties: allBranches: @@ -5939,6 +6144,8 @@ spec: type: boolean api: type: string + appSecretName: + type: string organization: type: string tokenRef: @@ -6236,8 +6443,33 @@ spec: - spec type: object type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object type: object type: array + goTemplate: + type: boolean syncPolicy: properties: preserveResourcesOnDeletion: diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index ae4645cd..81e57d82 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -167,6 +167,10 @@ spec: for apps which have orphaned resources type: boolean type: object + permitOnlyProjectScopedClusters: + description: PermitOnlyProjectScopedClusters determines whether destinations + can only reference clusters which are project-scoped + type: boolean roles: description: Roles are user defined RBAC roles associated with this project @@ -229,6 +233,12 @@ spec: - keyID type: object type: array + sourceNamespaces: + description: SourceNamespaces defines the namespaces application resources + are allowed to be created in + items: + type: string + type: array sourceRepos: description: SourceRepos contains list of repository URLs which can be used for deployment From 77de11bcab8622002bf9595ffb16a705aec5a96e Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 25 Oct 2022 23:33:26 +0200 Subject: [PATCH 0420/1248] chore(github): Bump GitHub actions versions (#1575) Signed-off-by: Petr Drastil --- .github/workflows/lint-and-test.yml | 5 +++-- .github/workflows/pr-title.yml | 2 +- .github/workflows/publish.yml | 2 +- scripts/lint.sh | 2 +- 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 605c9f9e..504f9fb0 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -26,10 +26,10 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.3.0 + uses: helm/chart-testing-action@v2.3.1 with: # Note: Also update in scripts/lint.sh - version: v3.7.0 + version: v3.7.1 - name: List changed charts id: list-changed @@ -41,6 +41,7 @@ jobs: echo "::set-output name=changed::true" echo "::set-output name=changed_charts::$charts" fi + - name: Run chart-testing (lint) run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index f42d814f..a636b08b 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v4 + - uses: amannn/action-semantic-pull-request@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 901c2f63..ac6f0137 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.0 + uses: helm/chart-releaser-action@v1.4.1 with: config: "./.github/configs/cr.yaml" env: diff --git a/scripts/lint.sh b/scripts/lint.sh index 4fcf0870..b44a6cee 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -9,7 +9,7 @@ echo -e "\n-- Linting all Helm Charts --\n" docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ - quay.io/helmpack/chart-testing:v3.7.0 \ + quay.io/helmpack/chart-testing:v3.7.1 \ -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ From 5c8681bd3ec0f78994b47adb1be845b814a66df0 Mon Sep 17 00:00:00 2001 From: Filipe Date: Thu, 27 Oct 2022 00:11:16 +1300 Subject: [PATCH 0421/1248] fix(argo-cd): Chart NOTES nil references (#1582) Signed-off-by: Filipe Santos --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/NOTES.txt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7a9cb49b..c235fd96 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.0 +version: 5.8.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgraded Argo CD to 2.5.0" + - "[Fixed]: Chart NOTES invalid yaml references" diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 852577da..b4a7a233 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -64,8 +64,8 @@ After reaching the UI the first time you can login with username: admin and the kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d (You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli) -{{ else if or (index .Values.server.config "dex.config") (index .Values.server.config "oidc.config") -}} +{{ else if or (index .Values.configs.cm "dex.config") (index .Values.configs.cm "oidc.config") -}} After reaching the UI the first time you can login using Dex or OIDC. {{ else -}} -After reaching the UI the first time you cannot login with username and password since you've disabled it. You should enable admin back or configure Dex via `server.config.dex.config` or OIDC via `server.config.oidc.config`. +After reaching the UI the first time you cannot login with username and password since you've disabled it. You should enable admin back or configure Dex via `configs.cm.dex.config` or OIDC via `configs.cm.oidc.config`. {{ end -}} From aa669028b899eef65415f9dc730815b4bef9b7a6 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 26 Oct 2022 15:18:59 +0200 Subject: [PATCH 0422/1248] docs(argo-cd): Improve documentation (#1584) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 7 ++++--- charts/argo-cd/values.yaml | 31 ++++++++++++++++++++++--------- 3 files changed, 30 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c235fd96..4059d31b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.1 +version: 5.8.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Chart NOTES invalid yaml references" + - "[Changed]: Added example how to provide OIDC CA certificate" + - "[Changed]: Added missing URL parameter for OIDC configuration" + - "[Changed]: Improve documentation default values" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f4a238ac..11e5b7c6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -333,7 +333,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | -| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of certmanager resources rendered by this helm chart | +| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart | @@ -351,7 +351,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| global.additionalLabels | object | `{}` | Additional labels to add to all resources | +| global.additionalLabels | object | `{}` | Common labels for the all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -363,7 +363,7 @@ NAME: my-release | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | -| global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | +| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | ## Argo CD Configs @@ -378,6 +378,7 @@ NAME: my-release | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [Declarative setup] | +| configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 11b6d568..85ad2636 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -12,7 +12,7 @@ kubeVersionOverride: "" # If you want to template helm charts but cannot access k8s API server # you can set api versions here apiVersionOverrides: - # -- String to override apiVersion of certmanager resources rendered by this helm chart + # -- String to override apiVersion of cert-manager resources rendered by this helm chart certmanager: "" # cert-manager.io/v1 # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 @@ -40,7 +40,13 @@ crds: # -- Annotations to be added to all CRDs annotations: {} +## Globally shared configuration global: + # -- Common labels for the all resources + additionalLabels: {} + # app: argo-cd + + # Default image used by all components image: # -- If defined, a repository applied to all Argo CD deployments repository: quay.io/argoproj/argocd @@ -52,16 +58,21 @@ global: # -- Secrets with credentials to pull images from a private registry imagePullSecrets: [] + # Default logging options used by all components logging: # -- Set the global logging format. Either: `text` or `json` format: text # -- Set the global logging level. One of: `debug`, `info`, `warn` or `error` level: info + # -- Annotations for the all deployed pods podAnnotations: {} + # -- Labels for the all deployed pods podLabels: {} - # -- Toggle and define securityContext. See [values.yaml] + + # -- Toggle and define pod-level security context. + # @default -- `{}` (See [values.yaml]) securityContext: {} # runAsUser: 999 # runAsGroup: 999 @@ -73,10 +84,6 @@ global: # hostnames: # - git.myhostname - # -- Additional labels to add to all resources - additionalLabels: {} - # app: argo-cd - networkPolicy: # -- Create NetworkPolicy objects for all components create: false @@ -94,6 +101,9 @@ configs: # -- Annotations to be added to argocd-cm configmap annotations: {} + # -- Argo CD's externally facing base URL (optional). Required when configuring SSO + url: "" + # -- The name of tracking label used by Argo CD for resource pruning # @default -- Defaults to app.kubernetes.io/instance application.instanceLabelKey: argocd.argoproj.io/instance @@ -135,6 +145,10 @@ configs: # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 # clientID: CLIENT_ID # clientSecret: $oidc.azuread.clientSecret + # rootCA: | + # -----BEGIN CERTIFICATE----- + # ... encoded certificate data here ... + # -----END CERTIFICATE----- # requestedIDTokenClaims: # groups: # essential: true @@ -373,6 +387,8 @@ configs: # -- Annotations to be added to `configs.repositories` Secret repositoriesAnnotations: {} + # Argo CD sensitive data + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/#sensitive-data-and-sso-client-secrets secret: # -- Create the argocd-secret createSecret: true @@ -555,7 +571,6 @@ controller: ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ - ## readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1320,7 +1335,6 @@ server: ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ - ## readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1839,7 +1853,6 @@ repoServer: ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ - ## readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 From 55b8b34d20ebaf38fa05e1113daf30220d11e725 Mon Sep 17 00:00:00 2001 From: Nick Fisher Date: Wed, 26 Oct 2022 21:04:37 -0400 Subject: [PATCH 0423/1248] fix(argo-workflows): serviceaccount rbac when sso is enabled (#1586) Signed-off-by: Nick Fisher Signed-off-by: Nick Fisher --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-config-map.yaml | 4 ---- .../templates/server/server-cluster-roles.yaml | 6 +++--- 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0c3dbf47..72940816 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.4 +version: 0.20.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Enable to set different imagePullPolicy for mainContainer and executor" + - "[Fixed]: Removed invalid rbac block from configmap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 0e79514c..07b47d03 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -131,10 +131,6 @@ data: name: {{ .clientSecret.name }} key: {{ .clientSecret.key }} redirectUrl: {{ .redirectUrl }} - {{- with .rbac }} - rbac: - enabled: {{ .enabled }} - {{- end }} {{- if .scopes }} scopes: {{ toYaml .scopes | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 66944647..c3c4e688 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -30,7 +30,7 @@ rules: - list - watch - delete - {{- if .Values.server.sso }} +{{- if .Values.server.sso }} - apiGroups: - "" resources: @@ -46,7 +46,7 @@ rules: - secrets verbs: - create - {{- if .Values.server.sso.rbac }} + {{- if .Values.server.sso.rbac }} - apiGroups: - "" resources: @@ -55,8 +55,8 @@ rules: - get - list - watch - {{- end }} {{- end }} +{{- end }} - apiGroups: - "" resources: From 563e1b355223e4da236516efb008f3ce2be4a014 Mon Sep 17 00:00:00 2001 From: Ashlin Eldridge Date: Thu, 27 Oct 2022 22:18:07 +1000 Subject: [PATCH 0424/1248] Fix incorrect applicationSet property in README (#1590) Based on [here](https://github.com/argoproj/argo-helm/blob/55b8b34d20ebaf38fa05e1113daf30220d11e725/charts/argo-cd/templates/argocd-applicationset/deployment.yaml#L9), I think `replicas` should be `replicaCount` (though `replicas` would be more consistent). Signed-off-by: Ashlin Eldridge Signed-off-by: Ashlin Eldridge --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4059d31b..0912b56c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.2 +version: 5.8.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,6 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Added example how to provide OIDC CA certificate" - - "[Changed]: Added missing URL parameter for OIDC configuration" - - "[Changed]: Improve documentation default values" + - "[Changed]: Fixed documentation for applicationSet HA examples" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 11e5b7c6..5cecc0b5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -42,7 +42,7 @@ repoServer: minReplicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### HA mode without autoscaling @@ -61,7 +61,7 @@ repoServer: replicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### Synchronizing Changes from Original Repository diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 0fb649cd..b75e549e 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -41,7 +41,7 @@ repoServer: minReplicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### HA mode without autoscaling @@ -60,7 +60,7 @@ repoServer: replicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### Synchronizing Changes from Original Repository From 229ca3902a5318cf7c258a9d5fc634a16f79ac42 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 28 Oct 2022 10:49:37 +0200 Subject: [PATCH 0425/1248] fix(argo-cd): Remove AWS volume from server (#1591) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ---- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0912b56c..ff000ae9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.3 +version: 5.8.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Fixed documentation for applicationSet HA examples" + - "[Removed]: AWS volume from server component" diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 023cc22d..50a1da04 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -276,8 +276,6 @@ spec: name: argocd-dex-server-tls - mountPath: /home/argocd name: plugins-home - - mountPath: /home/argocd/.aws - name: aws-config - mountPath: /shared/app/custom name: styles - mountPath: /tmp @@ -364,8 +362,6 @@ spec: {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} {{- end }} - - name: aws-config - emptyDir: {} {{- if .Values.server.extensions.enabled }} - name: extensions emptyDir: {} From 2cdd2ba687b4c631f84cc08adbc881e27bab1403 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 28 Oct 2022 12:18:04 +0200 Subject: [PATCH 0426/1248] chore(argo-cd): Cleanup Redis manifest (#1577) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 +- .../argo-cd/templates/redis/deployment.yaml | 121 +++++++++--------- 2 files changed, 66 insertions(+), 60 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ff000ae9..f3aac41e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.4 +version: 5.8.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: AWS volume from server component" + - "[Changed]: Cleanup indentation in Redis deployment manifest" + - "[Fixed]: Global image pull policy works with Redis" diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 066146cf..23bd61fb 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -1,9 +1,9 @@ -{{- $redisHa := (index .Values "redis-ha") -}} +{{- $redisHa := index .Values "redis-ha" -}} {{- if and .Values.redis.enabled (not $redisHa.enabled) -}} apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "argo-cd.redis.fullname" . }} + name: {{ include "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} spec: @@ -12,111 +12,116 @@ spec: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} template: metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.redis.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.redis.podAnnotations) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 8 }} - {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.redis.podLabels) }} - {{- toYaml . | nindent 8 }} - {{- end }} spec: {{- with .Values.redis.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} - serviceAccountName: {{ template "argo-cd.redisServiceAccountName" . }} - {{- if .Values.redis.securityContext }} - securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} + {{- with .Values.redis.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} + {{- with .Values.redis.initContainers }} + initContainers: + {{- toYaml . | nindent 6 }} {{- end }} containers: - - name: {{ template "argo-cd.redis.fullname" . }} + - name: {{ .Values.redis.name }} + image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.image.imagePullPolicy }} args: - --save - "" - --appendonly - "no" {{- with .Values.redis.extraArgs }} - {{- . | toYaml | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} - image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} - imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}} - {{- if .Values.redis.containerSecurityContext }} - securityContext: {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} - {{- end }} - {{- if .Values.redis.env }} + {{- with .Values.redis.env }} env: -{{- toYaml .Values.redis.env | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.redis.envFrom }} - envFrom: {{- toYaml . | nindent 8 }} + envFrom: + {{- toYaml . | nindent 8 }} {{- end }} ports: - - containerPort: {{ .Values.redis.containerPort }} - name: redis -{{- if .Values.redis.volumeMounts }} - volumeMounts: -{{- toYaml .Values.redis.volumeMounts | nindent 10 }} -{{- end }} + - name: redis + containerPort: {{ .Values.redis.containerPort }} + protocol: TCP resources: -{{- toYaml .Values.redis.resources | nindent 10 }} + {{- toYaml .Values.redis.resources | nindent 10 }} + {{- with .Values.redis.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.redis.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 10 }} + {{- end }} {{- if .Values.redis.metrics.enabled }} - name: metrics + image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }} env: - name: REDIS_ADDR value: {{ printf "redis://localhost:%v" .Values.redis.containerPort }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.metrics.containerPort }} - image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }} - imagePullPolicy: {{ .Values.redis.metrics.image.imagePullPolicy}} ports: - - containerPort: {{ .Values.redis.metrics.containerPort }} - name: metrics + - name: metrics + containerPort: {{ .Values.redis.metrics.containerPort }} protocol: TCP - resources: {{- toYaml .Values.redis.metrics.resources | nindent 10 }} + resources: + {{- toYaml .Values.redis.metrics.resources | nindent 10 }} {{- with .Values.redis.containerSecurityContext }} - securityContext: {{- toYaml . | nindent 10 }} + securityContext: + {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- with .Values.redis.extraContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- if .Values.redis.nodeSelector }} + {{- with .Values.redis.extraContainers }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.redis.nodeSelector }} nodeSelector: -{{- toYaml .Values.redis.nodeSelector | nindent 8 }} - {{- end }} - {{- if .Values.redis.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.redis.tolerations }} tolerations: -{{- toYaml .Values.redis.tolerations | nindent 8 }} - {{- end }} - {{- if .Values.redis.affinity }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.redis.affinity }} affinity: -{{- toYaml .Values.redis.affinity | nindent 8 }} - {{- end }} - {{- with .Values.redis.topologySpreadConstraints }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.redis.topologySpreadConstraints }} topologySpreadConstraints: - {{- range $constraint := . }} + {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} {{- if not $constraint.labelSelector }} labelSelector: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" $ }}-{{ $.Values.redis.name }} {{- end }} + {{- end }} {{- end }} - {{- end }} -{{- if .Values.redis.volumes }} + {{- with .Values.redis.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- with .Values.redis.volumes }} volumes: -{{- toYaml .Values.redis.volumes | nindent 8}} -{{- end }} - {{- if .Values.redis.initContainers }} - initContainers: - {{- toYaml .Values.redis.initContainers | nindent 6 }} + {{- toYaml . | nindent 8}} {{- end }} -{{- if .Values.redis.priorityClassName }} - priorityClassName: {{ .Values.redis.priorityClassName }} -{{- end }} {{- end }} From 90aa8962a02b3d478bf73ff1c4c5ba12152875a9 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 29 Oct 2022 11:23:40 +0200 Subject: [PATCH 0427/1248] fix(argo-cd): Fix migration path for server configs (#1585) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/templates/NOTES.txt | 4 ++-- charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 2 +- charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml | 2 +- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f3aac41e..6172e302 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.5 +version: 5.8.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,5 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Cleanup indentation in Redis deployment manifest" - - "[Fixed]: Global image pull policy works with Redis" + - "[Fixed]: Migration of configs for users who create them manually" diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index b4a7a233..6e50612a 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -34,10 +34,10 @@ DEPRECATED option repoServer.logFormat - Use configs.params.repoServer.log.forma {{- if .Values.repoServer.logLevel }} DEPRECATED option repoServer.logLevel - Use configs.params.repoServer.log.level {{- end }} -{{- if or .Values.server.config .Values.server.configEnabled .Values.server.configAnnotations }} +{{- if or .Values.server.config (hasKey .Values.server "configEnabled") .Values.server.configAnnotations }} DEPRECATED option server.config - Use configs.cm {{- end }} -{{- if or .Values.server.rbacConfig .Values.server.rbacConfigCreate .Values.server.rbacConfigAnnotations }} +{{- if or .Values.server.rbacConfig (hasKey .Values.server "rbacConfigCreate") .Values.server.rbacConfigAnnotations }} DEPRECATED option server.rbacConfig - Use configs.rbac {{- end }} {{- if .Values.controller.service }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 9db8f771..7e9055eb 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -1,4 +1,4 @@ -{{- if (coalesce .Values.server.configEnabled .Values.configs.cm.create) }} +{{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 6e8decd0..92730bf5 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -1,4 +1,4 @@ -{{- if (coalesce .Values.server.rbacConfigCreate .Values.configs.rbac.create) }} +{{- if (hasKey .Values.server "rbacConfigCreate") | ternary .Values.server.rbacConfigCreate .Values.configs.rbac.create }} apiVersion: v1 kind: ConfigMap metadata: From 3eaad42bb4b957976fcf6250341f8a6e518a12fe Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 29 Oct 2022 21:08:16 +0200 Subject: [PATCH 0428/1248] fix(argo-cd): Type conversion for ConfigMaps values (#1594) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 8 ++++---- charts/argo-cd/templates/NOTES.txt | 2 +- charts/argo-cd/templates/_helpers.tpl | 8 +++++--- charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 2 +- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 2 +- charts/argo-cd/values.yaml | 8 ++++---- 7 files changed, 18 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6172e302..3dfc4f4e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.6 +version: 5.8.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Migration of configs for users who create them manually" + - "[Fixed]: Type conversion for ConfigMap values" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5cecc0b5..f075bded 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -370,11 +370,11 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | -| configs.cm."admin.enabled" | string | `"true"` | Enable local admin user | +| configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | -| configs.cm."exec.enabled" | string | `"false"` | Enable exec feature in Argo UI | -| configs.cm."server.rbac.log.enforce.enable" | string | `"false"` | Enable logs RBAC enforcement | -| configs.cm."timeout.hard.reconciliation" | string | `"0"` | Timeout to refresh application data as well as target manifests cache | +| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | +| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | +| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [Declarative setup] | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 6e50612a..70181f17 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -58,7 +58,7 @@ In order to access the server UI you have the following options: - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-2-multiple-ingress-objects-and-hosts -{{ if eq (index (coalesce .Values.server.config .Values.configs.cm) "admin.enabled") "true" -}} +{{ if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "admin.enabled")) "true" -}} After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index ccbae4be..ac497dda 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -184,7 +184,9 @@ Merge Argo Configuration with Preset Configuration {{- define "argo-cd.config.cm" -}} {{- $config := coalesce .Values.server.config (omit .Values.configs.cm "create" "annotations") -}} {{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}} -{{- mergeOverwrite $preset $config | toYaml }} +{{- range $key, $value := mergeOverwrite $preset $config }} +{{ $key }}: {{ toString $value | toYaml }} +{{- end }} {{- end -}} {{/* @@ -209,8 +211,8 @@ Merge Argo Params Configuration with Preset Configuration */}} {{- define "argo-cd.config.params" -}} {{- $config := omit .Values.configs.params "annotations" }} -{{- $preset := include "argo-cd.config.params.presets" $ | fromYaml | default dict -}} +{{- $preset := include "argo-cd.config.params.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} -{{ $key }}: {{ $value | quote }} +{{ $key }}: {{ toString $value | toYaml }} {{- end }} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 7e9055eb..6da8be0a 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -12,5 +12,5 @@ metadata: {{- end }} {{- end }} data: - {{- include "argo-cd.config.cm" . | nindent 2 }} + {{- include "argo-cd.config.cm" . | trim | nindent 2 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index c892f111..ee6015be 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -27,7 +27,7 @@ rules: - pods/log verbs: - get - {{- if eq (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled") "true" }} + {{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} - apiGroups: - "" resources: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 85ad2636..b5eb4700 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -110,21 +110,21 @@ configs: # -- Enable logs RBAC enforcement ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement - server.rbac.log.enforce.enable: "false" + server.rbac.log.enforce.enable: false # -- Enable exec feature in Argo UI ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac/#exec-resource - exec.enabled: "false" + exec.enabled: false # -- Enable local admin user ## Ref: https://argo-cd.readthedocs.io/en/latest/faq/#how-to-disable-admin-user - admin.enabled: "true" + admin.enabled: true # -- Timeout to discover if a new manifests version got published to the repository timeout.reconciliation: 180s # -- Timeout to refresh application data as well as target manifests cache - timeout.hard.reconciliation: "0" + timeout.hard.reconciliation: 0 # Dex configuration # dex.config: | From 38a895706d2d8810995cd57af90a31e3d2d4aed4 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 30 Oct 2022 16:37:04 +0100 Subject: [PATCH 0429/1248] feat(argo-cd): Add probes for ApplicationSet controller (#1532) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 12 ++++++++ .../argocd-applicationset/deployment.yaml | 20 +++++++++++++ charts/argo-cd/values.yaml | 30 +++++++++++++++++++ 4 files changed, 64 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3dfc4f4e..790dad26 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.8.7 +version: 5.9.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Type conversion for ConfigMap values" + - "[Added]: Optional probes for ApplicationSet controller" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f075bded..abd3cc7c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -929,6 +929,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | +| applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| applicationSet.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| applicationSet.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.logFormat | string | `""` (defaults to global.logging.format) | ApplicationSet controller log format. Either `text` or `json` | | applicationSet.logLevel | string | `""` (defaults to global.logging.level) | ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | @@ -957,6 +963,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.podLabels | object | `{}` | Labels for the controller pods | | applicationSet.podSecurityContext | object | `{}` | Pod Security Context | | applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | +| applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | +| applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| applicationSet.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| applicationSet.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | | applicationSet.securityContext | object | `{}` | Security Context | diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 2dbc5b70..4da9130e 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -76,6 +76,26 @@ spec: - name: webhook containerPort: 7000 protocol: TCP + {{- if .Values.applicationSet.livenessProbe.enabled }} + livenessProbe: + tcpSocket: + port: probe + initialDelaySeconds: {{ .Values.applicationSet.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.applicationSet.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.applicationSet.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.applicationSet.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.applicationSet.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.applicationSet.readinessProbe.enabled }} + readinessProbe: + tcpSocket: + port: probe + initialDelaySeconds: {{ .Values.applicationSet.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.applicationSet.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.applicationSet.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.applicationSet.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.applicationSet.readinessProbe.failureThreshold }} + {{- end }} resources: {{- toYaml .Values.applicationSet.resources | nindent 12 }} securityContext: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b5eb4700..1aa676ce 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2173,6 +2173,36 @@ applicationSet: # runAsNonRoot: true # runAsUser: 1000 + ## Probes for ApplicationSet controller (optional) + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Enable Kubernetes liveness probe for ApplicationSet controller + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + + livenessProbe: + # -- Enable Kubernetes liveness probe for ApplicationSet controller + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- Resource limits and requests for the controller pods. resources: {} # We usually recommend not to specify default resources and to leave this as a conscious From 41100692088371490d9193aacda6177535bcc026 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 30 Oct 2022 18:47:57 +0100 Subject: [PATCH 0430/1248] chore(argo-cd): Remove liveness probe from application controller (#1581) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 5 ----- .../statefulset.yaml | 9 --------- charts/argo-cd/templates/dex/deployment.yaml | 16 ++++++++++------ charts/argo-cd/values.yaml | 13 +------------ 5 files changed, 13 insertions(+), 34 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 790dad26..3be4a362 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.5.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.9.0 +version: 5.9.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +22,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Optional probes for ApplicationSet controller" + - "[Removed]: Liveness probe for application controller" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index abd3cc7c..21865a05 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -441,11 +441,6 @@ NAME: my-release | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | | controller.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | controller.initContainers | list | `[]` | Init containers to add to the application controller pod | -| controller.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | -| controller.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | -| controller.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | -| controller.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | -| controller.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | | controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 018b5e0d..c19c4a4d 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -231,15 +231,6 @@ spec: - name: metrics containerPort: {{ .Values.controller.containerPort }} protocol: TCP - livenessProbe: - httpGet: - path: /healthz - port: metrics - initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} readinessProbe: httpGet: path: /healthz diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index ad0d0384..778246b6 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -98,18 +98,22 @@ spec: httpGet: path: /healthz/live port: metrics - {{- with .Values.dex.livenessProbe }} - {{- omit . "enabled" | toYaml | nindent 10 }} - {{- end }} + initialDelaySeconds: {{ .Values.dex.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.dex.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.dex.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.dex.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.dex.livenessProbe.failureThreshold }} {{- end }} {{- if .Values.dex.readinessProbe.enabled }} readinessProbe: httpGet: path: /healthz/ready port: metrics - {{- with .Values.dex.readinessProbe }} - {{- omit . "enabled" | toYaml | nindent 10 }} - {{- end }} + initialDelaySeconds: {{ .Values.dex.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.dex.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.dex.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.dex.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.dex.readinessProbe.failureThreshold }} {{- end }} volumeMounts: - name: static-files diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1aa676ce..4ef06d74 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -569,7 +569,7 @@ controller: # -- Application controller listening port containerPort: 8082 - ## Readiness and liveness probes for default backend + # Rediness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded @@ -582,17 +582,6 @@ controller: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - livenessProbe: - # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded - failureThreshold: 3 - # -- Number of seconds after the container has started before [probe] is initiated - initialDelaySeconds: 10 - # -- How often (in seconds) to perform the [probe] - periodSeconds: 10 - # -- Minimum consecutive successes for the [probe] to be considered successful after having failed - successThreshold: 1 - # -- Number of seconds after which the [probe] times out - timeoutSeconds: 1 # -- Additional volumeMounts to the application controller main container volumeMounts: [] From b249ebf2a9a08efa1f5c230d4f0e00ce5fd822d4 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 30 Oct 2022 19:05:06 +0100 Subject: [PATCH 0431/1248] chore(github): Add dependabot.yml (#1595) Signed-off-by: Petr Drastil --- .github/dependabot.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..0a4fd6ca --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +## Reference: https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: weekly + day: "saturday" From 3d9e2f35a6e6249c27fd4ccd8129622d886ef4ea Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 30 Oct 2022 20:12:46 +0100 Subject: [PATCH 0432/1248] feat(argo-cd): Set container security contexts (#1579) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 9 +- charts/argo-cd/README.md | 29 +-- charts/argo-cd/README.md.gotmpl | 7 +- .../statefulset.yaml | 6 +- .../argocd-applicationset/deployment.yaml | 6 +- .../bots/slack/deployment.yaml | 22 ++- .../argocd-notifications/deployment.yaml | 23 +-- .../argocd-repo-server/deployment.yaml | 10 +- .../templates/argocd-server/deployment.yaml | 16 +- charts/argo-cd/templates/dex/deployment.yaml | 27 ++- .../argo-cd/templates/redis/deployment.yaml | 8 +- charts/argo-cd/values.yaml | 171 ++++++++++++------ 12 files changed, 195 insertions(+), 139 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3be4a362..454b186c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,9 @@ apiVersion: v2 appVersion: v2.5.0 +kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.9.1 +version: 5.10.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,4 +23,8 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Liveness probe for application controller" + - "[Security]: Use recommended container security contexts by default" + - "[Added]: Container security context for server UI extensions sidecar" + - "[Fixed]: Redis metrics sidecar now uses correct configuration option" + - "[Removed]: ApplicationSet securityContext in favor of global.securityContext" + - "[Removed]: Notification securityContext in favor of global.securityContext" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 21865a05..597ac46e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -101,6 +101,11 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref== 1.22. + ### 5.5.20 This version moved API version templates into dedicated helper. If you are using these in your umbrella @@ -312,7 +317,7 @@ server: ## Prerequisites -- Kubernetes 1.7+ +- Kubernetes: `>=1.22.0-0` - Helm v3.0.0+ ## Installing the Chart @@ -431,7 +436,7 @@ NAME: my-release | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | -| controller.containerSecurityContext | object | `{}` | Application controller container-level security context | +| controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | @@ -502,7 +507,7 @@ NAME: my-release | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | -| repoServer.containerSecurityContext | object | `{}` | Repo server container-level security context | +| repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | @@ -596,9 +601,10 @@ NAME: my-release | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | -| server.containerSecurityContext | object | `{}` | Servers container-level security context | +| server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | +| server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | | server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | @@ -732,7 +738,7 @@ server: | dex.containerPortGrpc | int | `5557` | Container port for gRPC access | | dex.containerPortHttp | int | `5556` | Container port for HTTP access | | dex.containerPortMetrics | int | `5558` | Container port for metrics access | -| dex.containerSecurityContext | object | `{}` | Dex container-level security context | +| dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -805,7 +811,7 @@ server: |-----|------|---------|-------------| | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | redis.containerPort | int | `6379` | Redis container port | -| redis.containerSecurityContext | object | `{}` | Redis container-level security context | +| redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | @@ -817,6 +823,7 @@ server: | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | +| redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | | redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | @@ -849,7 +856,7 @@ server: | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | | redis.priorityClassName | string | `""` | Priority class for redis | | redis.resources | object | `{}` | Resource limits and requests for redis | -| redis.securityContext | object | `{"runAsNonRoot":true,"runAsUser":999}` | Redis pod-level security context | +| redis.securityContext | object | See [values.yaml] | Redis pod-level security context | | redis.service.annotations | object | `{}` | Redis service annotations | | redis.service.labels | object | `{}` | Additional redis service labels | | redis.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | @@ -913,6 +920,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | +| applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | @@ -956,7 +964,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | | applicationSet.podLabels | object | `{}` | Labels for the controller pods | -| applicationSet.podSecurityContext | object | `{}` | Pod Security Context | | applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | | applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -966,7 +973,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | -| applicationSet.securityContext | object | `{}` | Security Context | | applicationSet.service.annotations | object | `{}` | Application set service annotations | | applicationSet.service.labels | object | `{}` | Application set service labels | | applicationSet.service.port | int | `7000` | Application set service port | @@ -993,7 +999,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | -| notifications.bots.slack.containerSecurityContext | object | `{}` | Container Security Context | +| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | | notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | @@ -1006,7 +1012,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | -| notifications.bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | | notifications.bots.slack.service.port | int | `80` | Service port for Slack bot | | notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | @@ -1016,7 +1021,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | -| notifications.containerSecurityContext | object | `{}` | Container Security Context | +| notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index b75e549e..bedc3579 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -100,6 +100,11 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref== 1.22. + ### 5.5.20 This version moved API version templates into dedicated helper. If you are using these in your umbrella @@ -312,7 +317,7 @@ server: ## Prerequisites -- Kubernetes 1.7+ +- {{ template "chart.kubeVersionLine" . }} - Helm v3.0.0+ ## Installing the Chart diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index c19c4a4d..ab867956 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -81,10 +81,6 @@ spec: image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} name: {{ .Values.controller.name }} - {{- with .Values.controller.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} env: {{- with .Values.controller.env }} {{- toYaml . | nindent 10 }} @@ -242,6 +238,8 @@ spec: failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} workingDir: /home/argocd volumeMounts: {{- with .Values.controller.volumeMounts }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 4da9130e..60b2316c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -28,8 +28,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.securityContext }} securityContext: - {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.applicationSet.podSecurityContext) | nindent 8 }} + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} @@ -99,7 +101,7 @@ spec: resources: {{- toYaml .Values.applicationSet.resources | nindent 12 }} securityContext: - {{- toYaml .Values.applicationSet.securityContext | nindent 12 }} + {{- toYaml .Values.applicationSet.containerSecurityContext | nindent 12 }} volumeMounts: {{- with .Values.applicationSet.extraVolumeMounts }} {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index f51d2497..4ad822ce 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -20,14 +20,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccountName: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} - securityContext: {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.notifications.securityContext) | nindent 8 }} containers: - name: {{ template "argo-cd.notifications.fullname" . }}-bot image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }} - resources: - {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} command: - argocd-notifications - bot @@ -35,19 +36,20 @@ spec: ports: - containerPort: 8080 name: http - {{- with .Values.notifications.bots.slack.containerSecurityContext }} - securityContext: {{- toYaml . | nindent 12 }} - {{- end }} + resources: + {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} + securityContext: + {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} {{- with .Values.notifications.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.bots.slack.affinity }} + {{- with .Values.notifications.bots.slack.affinity }} affinity: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.bots.slack.tolerations }} + {{- end }} + {{- with .Values.notifications.bots.slack.tolerations }} tolerations: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} {{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 40c3e076..47d262a1 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -38,30 +38,16 @@ spec: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} - resources: - {{- toYaml .Values.notifications.resources | nindent 12 }} command: - argocd-notifications - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - {{- if .Values.notifications.metrics.enabled }} - --metrics-port={{ .Values.notifications.metrics.port }} - {{- end }} - --namespace={{ .Release.Namespace }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} - workingDir: /app - ports: - {{- if .Values.notifications.metrics.enabled }} - - containerPort: {{ .Values.notifications.metrics.port }} - name: metrics - protocol: TCP - {{- end }} - {{- if .Values.notifications.containerSecurityContext }} - securityContext: {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }} - {{- end }} {{- with .Values.notifications.extraEnv }} env: {{- toYaml . | nindent 12 }} @@ -70,6 +56,15 @@ spec: envFrom: {{- toYaml . | nindent 12 }} {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.notifications.metrics.port }} + protocol: TCP + resources: + {{- toYaml .Values.notifications.resources | nindent 12 }} + securityContext: + {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }} + workingDir: /app volumeMounts: - name: tls-certs mountPath: /app/config/tls diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 57e011c4..84874423 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -55,10 +55,6 @@ spec: {{- with .Values.repoServer.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} env: {{- with .Values.repoServer.env }} {{- toYaml . | nindent 10 }} @@ -254,10 +250,10 @@ spec: timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }} failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} - {{- with .Values.repoServer.resources }} resources: - {{- toYaml . | nindent 10 }} - {{- end }} + {{- toYaml .Values.repoServer.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} {{- with .Values.repoServer.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 50a1da04..cd560163 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -52,10 +52,6 @@ spec: {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} env: {{- with .Values.server.env }} {{- toYaml . | nindent 10 }} @@ -309,10 +305,10 @@ spec: timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.server.readinessProbe.successThreshold }} failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} - {{- with .Values.server.resources }} resources: - {{- toYaml . | nindent 10 }} - {{- end }} + {{- toYaml .Values.server.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.server.containerSecurityContext | nindent 10 }} {{- with .Values.server.lifecycle }} lifecycle: {{- toYaml . | nindent 10 }} @@ -324,11 +320,13 @@ spec: - name: argocd-extensions image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} + resources: + {{- toYaml .Values.server.extensions.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.server.extensions.containerSecurityContext | nindent 10 }} volumeMounts: - name: extensions mountPath: /tmp/extensions/ - resources: - {{- toYaml .Values.server.extensions.resources | nindent 10 }} {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 778246b6..243720b7 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -36,12 +36,6 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - resources: - {{- toYaml .Values.dex.resources | nindent 10 }} - {{- with .Values.dex.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} command: - cp - -n @@ -52,6 +46,10 @@ spec: name: static-files - mountPath: /tmp name: dexconfig + resources: + {{- toYaml .Values.dex.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} {{- with .Values.dex.initContainers }} {{- toYaml . | nindent 6 }} {{- end }} @@ -64,10 +62,7 @@ spec: args: - rundex {{- with .Values.dex.extraArgs }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.dex.containerSecurityContext }} - securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 8 }} {{- end }} env: {{- with .Values.dex.env }} @@ -115,18 +110,20 @@ spec: successThreshold: {{ .Values.dex.readinessProbe.successThreshold }} failureThreshold: {{ .Values.dex.readinessProbe.failureThreshold }} {{- end }} + resources: + {{- toYaml .Values.dex.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} volumeMounts: + {{- with .Values.dex.volumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} - name: static-files mountPath: /shared - name: dexconfig mountPath: /tmp - name: argocd-dex-server-tls mountPath: /tls - {{- with .Values.dex.volumeMounts }} - {{- toYaml . | nindent 8 }} - {{- end }} - resources: - {{- toYaml .Values.dex.resources | nindent 10 }} {{- with .Values.dex.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 23bd61fb..f37964e8 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -63,10 +63,8 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.resources | nindent 10 }} - {{- with .Values.redis.containerSecurityContext }} securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} + {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} {{- with .Values.redis.volumeMounts }} volumeMounts: {{- toYaml . | nindent 10 }} @@ -86,10 +84,8 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.metrics.resources | nindent 10 }} - {{- with .Values.redis.containerSecurityContext }} securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} + {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4ef06d74..1b09b3d9 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -558,13 +558,16 @@ controller: podLabels: {} # -- Application controller container-level security context + # @default -- See [values.yaml] containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true - # runAsNonRoot: true + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Application controller listening port containerPort: 8082 @@ -814,6 +817,7 @@ dex: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # Argo CD init image that creates Dex config initImage: # -- Argo CD init image repository # @default -- `""` (defaults to global.image.repository) @@ -842,6 +846,18 @@ dex: # -- Labels to be added to the Dex server pods podLabels: {} + # -- Dex container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + ## Probes for Dex server ## Supported from Dex >= 2.28.0 livenessProbe: @@ -922,14 +938,6 @@ dex: # -- Priority class for dex priorityClassName: "" - # -- Dex container-level security context - containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true - # -- Resource limits and requests for dex resources: {} # limits: @@ -1021,6 +1029,22 @@ redis: # -- Labels to be added to the Redis server pods podLabels: {} + # -- Redis pod-level security context + # @default -- See [values.yaml] + securityContext: + runAsNonRoot: true + runAsUser: 999 + seccompProfile: + type: RuntimeDefault + + # -- Redis container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1039,19 +1063,6 @@ redis: # -- Priority class for redis priorityClassName: "" - # -- Redis container-level security context - containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true - - # -- Redis pod-level security context - securityContext: - runAsNonRoot: true - runAsUser: 999 - serviceAccount: # -- Create a service account for the redis pod create: false @@ -1113,6 +1124,19 @@ redis: imagePullPolicy: IfNotPresent # -- Port to use for redis-exporter sidecar containerPort: 9121 + + # -- Redis exporter security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + # -- Resource limits and requests for redis-exporter sidecar resources: {} # limits: @@ -1371,13 +1395,17 @@ server: # -- Priority class for the Argo CD server priorityClassName: "" - # -- Servers container-level security context + # -- Server container-level security context + # @default -- See [values.yaml] containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Resource limits and requests for the Argo CD server resources: {} @@ -1732,6 +1760,18 @@ server: # -- Image pull policy for extensions imagePullPolicy: IfNotPresent + # -- Server UI extensions container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + # -- Resource limits and requests for the argocd-extensions container resources: {} # limits: @@ -1895,12 +1935,16 @@ repoServer: priorityClassName: "" # -- Repo server container-level security context + # @default -- See [values.yaml] containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Resource limits and requests for the repo server pods resources: {} @@ -2149,18 +2193,17 @@ applicationSet: # -- Labels for the controller pods podLabels: {} - # -- Pod Security Context - podSecurityContext: {} - # fsGroup: 2000 - - # -- Security Context - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 + # -- ApplicationSet controller container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Probes for ApplicationSet controller (optional) ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ @@ -2440,8 +2483,17 @@ notifications: # -- Labels to be applied to the controller Pods podLabels: {} - # -- Container Security Context - containerSecurityContext: {} + # -- Notification controller container-level security Context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Priority class for the controller pods priorityClassName: "" @@ -2810,12 +2862,17 @@ notifications: # -- Annotations applied to created service account annotations: {} - # -- Pod Security Context - securityContext: + # -- Slack bot container-level security Context + # @default -- See [values.yaml] + containerSecurityContext: runAsNonRoot: true - - # -- Container Security Context - containerSecurityContext: {} + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Resource limits and requests for the Slack bot resources: {} From 9819da3434ec0973561096f3380ed8b726027372 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 30 Oct 2022 21:44:13 +0100 Subject: [PATCH 0433/1248] feat(argo-cd): Support custom TLS certificates for Dex (#1477) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 9 +++---- charts/argo-cd/README.md | 6 +++++ charts/argo-cd/templates/_helpers.tpl | 3 ++- .../argocd-dex-server-tls-secret.yaml | 24 +++++++++++++++++++ charts/argo-cd/templates/dex/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 17 +++++++++++++ 6 files changed, 55 insertions(+), 7 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 454b186c..e070c765 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.10.0 +version: 5.11.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,8 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Security]: Use recommended container security contexts by default" - - "[Added]: Container security context for server UI extensions sidecar" - - "[Fixed]: Redis metrics sidecar now uses correct configuration option" - - "[Removed]: ApplicationSet securityContext in favor of global.securityContext" - - "[Removed]: Notification securityContext in favor of global.securityContext" + - "[Added]: Added option to use custom TLS certs for Dex" + - "[Security]: TLS strict mode is enforced for custom Dex certificates" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 597ac46e..b9675b4c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -735,6 +735,12 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| | dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret | +| dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | +| dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) | +| dex.certificateSecret.enabled | bool | `false` | Create argocd-dex-server-tls secret | +| dex.certificateSecret.key | string | `""` | Certificate private key | +| dex.certificateSecret.labels | object | `{}` | Labels to be added to argocd-dex-server-tls secret | | dex.containerPortGrpc | int | `5557` | Container port for gRPC access | | dex.containerPortHttp | int | `5556` | Container port for HTTP access | | dex.containerPortMetrics | int | `5558` | Container port for metrics access | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index ac497dda..7a8be757 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -198,7 +198,8 @@ repo.server: "{{ include "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServe redis.server: {{ . | quote }} {{- end }} {{- if .Values.dex.enabled }} -server.dex.server: {{ include "argo-cd.dex.server" . }} +server.dex.server: {{ include "argo-cd.dex.server" . | quote }} +server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} {{- end }} {{- range $component := tuple "controller" "server" "reposerver" }} {{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml new file mode 100644 index 00000000..7e3ae6b0 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.dex.enabled .Values.dex.certificateSecret.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-dex-server-tls + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" "dex-server-tls") | nindent 4 }} + {{- with .Values.dex.certificateSecret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.dex.certificateSecret.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +type: kubernetes.io/tls +data: + {{- with .Values.dex.certificateSecret.ca }} + ca.crt: {{ . | b64enc | quote }} + {{- end }} + tls.crt: {{ .Values.dex.certificateSecret.crt | b64enc | quote }} + tls.key: {{ .Values.dex.certificateSecret.key | b64enc | quote }} +{{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 243720b7..69653da0 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -13,6 +13,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if .Values.dex.certificateSecret.enabled }} + checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.dex.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1b09b3d9..7b1ca8f6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -840,6 +840,23 @@ dex: # - secretRef: # name: secret-name + # TLS certificate configuration via Secret + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-dex-server + ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart Dex automatically without extra controllers. + certificateSecret: + # -- Create argocd-dex-server-tls secret + enabled: false + # -- Labels to be added to argocd-dex-server-tls secret + labels: {} + # -- Annotations to be added to argocd-dex-server-tls secret + annotations: {} + # -- Certificate authority. Required for self-signed certificates. + ca: '' + # -- Certificate private key + key: '' + # -- Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) + crt: '' + # -- Annotations to be added to the Dex server pods podAnnotations: {} From caf1f4de023e2140127f928e99573b507ca78ae0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 30 Oct 2022 23:03:30 +0100 Subject: [PATCH 0434/1248] feat(argo-cd): Support manually managed TLS certificate for Server (#1534) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 12 ++-- charts/argo-cd/templates/NOTES.txt | 3 + .../argocd-configs/argocd-server-tls.yaml | 21 ++++++ .../templates/argocd-server/certificate.yaml | 10 +-- charts/argo-cd/values.yaml | 67 ++++++++++++------- 6 files changed, 81 insertions(+), 38 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-server-tls.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e070c765..42369875 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.11.0 +version: 5.12.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added option to use custom TLS certs for Dex" - - "[Security]: TLS strict mode is enforced for custom Dex certificates" + - "[Added]: New TLS server configuration via server.certificateSecret" + - "[Deprecated]: TLS configuration via configs.secret.argocdServerTlsConfig" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b9675b4c..3c48a8dd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -414,7 +414,6 @@ NAME: my-release | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | | configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password | | configs.secret.argocdServerAdminPasswordMtime | string | `""` (defaults to current time) | Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` | -| configs.secret.argocdServerTlsConfig | object | `{}` | Argo TLS Data | | configs.secret.bitbucketServerSecret | string | `""` | Shared secret for authenticating BitbucketServer webhook events | | configs.secret.bitbucketUUID | string | `""` | UUID for authenticating Bitbucket webhook events | | configs.secret.createSecret | bool | `true` | Create the argocd-secret | @@ -586,9 +585,9 @@ NAME: my-release | server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | -| server.certificate.additionalHosts | list | `[]` | Certificate manager additional hosts | +| server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | -| server.certificate.duration | string | `""` | The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | @@ -597,8 +596,13 @@ NAME: my-release | server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | -| server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | +| server.certificateSecret.crt | string | `""` | Certificate data | +| server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | +| server.certificateSecret.key | string | `""` | Private Key of the certificate | +| server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 70181f17..b34e22b4 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -40,6 +40,9 @@ DEPRECATED option server.config - Use configs.cm {{- if or .Values.server.rbacConfig (hasKey .Values.server "rbacConfigCreate") .Values.server.rbacConfigAnnotations }} DEPRECATED option server.rbacConfig - Use configs.rbac {{- end }} +{{- if .Values.configs.secret.argocdServerTlsConfig }} +DEPRECATED option config.secret.argocdServerTlsConfig - Use server.certificate or server.certificateSecret +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-server-tls.yaml b/charts/argo-cd/templates/argocd-configs/argocd-server-tls.yaml new file mode 100644 index 00000000..1e9f8dd3 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-server-tls.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.server.certificateSecret.enabled (not .Values.server.certificate.enabled) }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-server-tls + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "server-tls") | nindent 4 }} + {{- with .Values.server.certificateSecret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.server.certificateSecret.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +type: kubernetes.io/tls +data: + tls.crt: {{ .Values.server.certificateSecret.crt | b64enc | quote }} + tls.key: {{ .Values.server.certificateSecret.key | b64enc | quote }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 617c1495..ed844aa2 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -2,10 +2,11 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + secretName: {{ .Values.server.certificate.secretName }} commonName: {{ .Values.server.certificate.domain | quote }} dnsNames: - {{ .Values.server.certificate.domain | quote }} @@ -15,6 +16,9 @@ spec: {{- with .Values.server.certificate.duration }} duration: {{ . | quote }} {{- end }} + {{- with .Values.server.certificate.renewBefore }} + renewBefore: {{ . | quote }} + {{- end }} issuerRef: {{- with .Values.server.certificate.issuer.group }} group: {{ . | quote }} @@ -25,8 +29,4 @@ spec: privateKey: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.server.certificate.renewBefore }} - renewBefore: {{ . | quote }} - {{- end }} - secretName: {{ .Values.server.certificate.secretName | quote }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7b1ca8f6..397a51a0 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -415,16 +415,10 @@ configs: # LDAP_PASSWORD: "mypassword" # -- Argo TLS Data - argocdServerTlsConfig: - {} - # key: - # crt: | - # -----BEGIN CERTIFICATE----- - # - # -----END CERTIFICATE----- - # -----BEGIN CERTIFICATE----- - # - # -----END CERTIFICATE----- + # DEPRECATED - Use server.certificate or server.certificateSecret + # argocdServerTlsConfig: + # key: '' + # crt: '' # -- Bcrypt hashed admin password ## Argo expects the password in the secret to be bcrypt hashed. You can create this hash with @@ -1433,16 +1427,34 @@ server: # cpu: 50m # memory: 64Mi - ## Certificate configuration + # TLS certificate configuration via cert-manager + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: # -- Deploy a Certificate resource (requires cert-manager) enabled: false + # -- The name of the Secret that will be automatically created and managed by this Certificate resource + secretName: argocd-server-tls # -- Certificate primary domain (commonName) domain: argocd.example.com - # -- The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration + # -- Certificate Subject Alternate Names (SANs) + additionalHosts: [] + # -- The requested 'duration' (i.e. lifetime) of the certificate. + # @default -- `""` (defaults to 2160h = 90d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal duration: "" - # -- How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration + # -- How long before the expiry a certificate should be renewed. + # @default -- `""` (defaults to 360h = 15d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal renewBefore: "" + # Certificate issuer + ## Ref: https://cert-manager.io/docs/concepts/issuer + issuer: + # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` + group: "" + # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` + kind: "" + # -- Certificate isser name. Eg. `letsencrypt` + name: "" # Private key of the certificate privateKey: # -- Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` @@ -1453,17 +1465,20 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 - issuer: - # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` - group: "" - # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` - kind: "" - # -- Certificate isser name. Eg. `letsencrypt` - name: "" - # -- Certificate manager additional hosts - additionalHosts: [] - # -- The name of the Secret that will be automatically created and managed by this Certificate resource - secretName: argocd-server-tls + + # TLS certificate configuration via Secret + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server + certificateSecret: + # -- Create argocd-server-tls secret + enabled: false + # -- Annotations to be added to argocd-server-tls secret + annotations: {} + # -- Labels to be added to argocd-server-tls secret + labels: {} + # -- Private Key of the certificate + key: '' + # -- Certificate data + crt: '' ## Server service configuration service: @@ -1591,7 +1606,7 @@ server: # -- Ingress TLS configuration tls: [] - # - secretName: argocd-tls-certificate + # - secretName: your-certificate-name # hosts: # - argocd.example.com @@ -1657,7 +1672,7 @@ server: # -- Ingress TLS configuration for dedicated [gRPC-ingress] tls: [] - # - secretName: argocd-tls-certificate + # - secretName: your-certificate-name # hosts: # - argocd.example.com From 02463f30097fa5ee96ebd5f20c8e4f7b036413f2 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 31 Oct 2022 00:48:09 +0100 Subject: [PATCH 0435/1248] fix(argo-cd): Don't install CRDs for disabled components (#1596) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/templates/crds/crd-applicationset.yaml | 2 +- charts/argo-cd/templates/crds/crd-extension.yaml | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 42369875..8b6dd1ed 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.12.0 +version: 5.12.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: New TLS server configuration via server.certificateSecret" - - "[Deprecated]: TLS configuration via configs.secret.argocdServerTlsConfig" + - "[Fixed]: Don't install CRDs for disabled components" diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index f95a76ca..48dd57c5 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -1,4 +1,4 @@ -{{- if .Values.crds.install }} +{{- if and .Values.crds.install .Values.applicationSet.enabled }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: diff --git a/charts/argo-cd/templates/crds/crd-extension.yaml b/charts/argo-cd/templates/crds/crd-extension.yaml index 4105cbe7..802f0e8c 100644 --- a/charts/argo-cd/templates/crds/crd-extension.yaml +++ b/charts/argo-cd/templates/crds/crd-extension.yaml @@ -1,4 +1,4 @@ -{{- if .Values.crds.install }} +{{- if and .Values.crds.install .Values.server.extensions.enabled }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: From 48ab48a280495a06d972e7f7b39ceb5b526a85f7 Mon Sep 17 00:00:00 2001 From: Eric Cimino <58572548+cimin0@users.noreply.github.com> Date: Mon, 31 Oct 2022 17:38:24 +0000 Subject: [PATCH 0436/1248] fix(argo-cd): update network policy port name (#1603) Signed-off-by: Eric Cimino --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/networkpolicy.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8b6dd1ed..4cd42c50 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.12.1 +version: 5.12.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Don't install CRDs for disabled components" + - "[Fixed]: Update network policy to fix prometheus scraping for argocd-application-controller" diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml index 9116fbcf..bbb6b324 100644 --- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -10,7 +10,7 @@ spec: - from: - namespaceSelector: {} ports: - - port: controller + - port: metrics podSelector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} From 82b726bab5c8b59a8a31cd8d52f3dc28eeb465a0 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 1 Nov 2022 18:26:18 +0900 Subject: [PATCH 0437/1248] chore(argo-workflows): Update ArgoWorkflows to v3.4.3 (#1610) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 72940816..4a4315f5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.2 +appVersion: v3.4.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.5 +version: 0.20.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Removed invalid rbac block from configmap" + - "[Changed]: Update ArgoWorkflows to v3.4.3" From 579f11407abff8e442d6c0b2e712057c2d05f981 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 1 Nov 2022 15:57:19 +0100 Subject: [PATCH 0438/1248] fix(argo-cd): Replace coalesce with merge for old config values (#1612) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 2 +- charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 2 +- charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4cd42c50..103e96a5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.12.2 +version: 5.12.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Update network policy to fix prometheus scraping for argocd-application-controller" + - "[Fixed]: Merging of old configs with newly defined sections to get default values" diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 7a8be757..5bdbd871 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -182,7 +182,7 @@ ui.cssurl: "./custom/custom.styles.css" Merge Argo Configuration with Preset Configuration */}} {{- define "argo-cd.config.cm" -}} -{{- $config := coalesce .Values.server.config (omit .Values.configs.cm "create" "annotations") -}} +{{- $config := (mergeOverwrite (deepCopy (omit .Values.configs.cm "create" "annotations")) (.Values.server.config | default dict)) -}} {{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} {{ $key }}: {{ toString $value | toYaml }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 6da8be0a..a9ff71d9 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -5,7 +5,7 @@ metadata: name: argocd-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} - {{- with (coalesce .Values.server.configAnnotations .Values.configs.cm.annotations) }} + {{- with (mergeOverwrite (deepCopy .Values.configs.cm.annotations) (.Values.server.configAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 92730bf5..8ebb43d2 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -5,13 +5,13 @@ metadata: name: argocd-rbac-cm labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} - {{- with (coalesce .Values.server.rbacConfigAnnotations .Values.configs.rbac.annotations) }} + {{- with (mergeOverwrite (deepCopy .Values.configs.rbac.annotations) (.Values.server.rbacConfigAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with (coalesce .Values.server.rbacConfig (omit .Values.configs.rbac "create" "annotations")) }} +{{- with (mergeOverwrite (deepCopy (omit .Values.configs.rbac "create" "annotations")) (.Values.server.rbacConfig | default dict)) }} data: {{- toYaml . | nindent 2 }} {{- end }} From 1b2e7ca9845297834bb3b4a6d4d7d5b5b4b6fe25 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 1 Nov 2022 20:26:44 +0100 Subject: [PATCH 0439/1248] feat(argo-cd): Add revisionHistoryLimit (#1599) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 5 +++-- charts/argo-cd/README.md | 2 +- .../argocd-application-controller/statefulset.yaml | 9 +++++---- .../templates/argocd-applicationset/deployment.yaml | 1 + .../argocd-notifications/bots/slack/deployment.yaml | 10 ++++++---- .../templates/argocd-notifications/deployment.yaml | 2 ++ .../templates/argocd-repo-server/deployment.yaml | 8 ++++---- charts/argo-cd/templates/argocd-server/deployment.yaml | 8 ++++---- charts/argo-cd/templates/dex/deployment.yaml | 2 ++ charts/argo-cd/templates/redis/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 7 +++---- 11 files changed, 33 insertions(+), 23 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 103e96a5..d9ebf450 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.12.3 +version: 5.13.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Merging of old configs with newly defined sections to get default values" + - "[Added]: Option global.revisionHistoryLimit for deployments" + - "[Changed]: Forced Slack bot deployment strategy to Recreate" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3c48a8dd..b40f2354 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -368,6 +368,7 @@ NAME: my-release | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | +| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | ## Argo CD Configs @@ -1029,7 +1030,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | -| notifications.bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index ab867956..282bfe1f 100755 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -1,16 +1,17 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: + replicas: {{ .Values.controller.replicas }} + # TODO: Remove for breaking release as history limit cannot be patched + revisionHistoryLimit: 5 + serviceName: {{ include "argo-cd.controller.fullname" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} - serviceName: {{ template "argo-cd.controller.fullname" . }} - revisionHistoryLimit: 5 - replicas: {{ .Values.controller.replicas }} template: metadata: annotations: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 60b2316c..49c31ad0 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -7,6 +7,7 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: replicas: {{ .Values.applicationSet.replicaCount }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 4ad822ce..2f0d0d94 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -2,12 +2,14 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot + name: {{ include "argo-cd.notifications.fullname" . }}-bot labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} spec: + replicas: 1 + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} strategy: - {{- .Values.notifications.bots.slack.updateStrategy | toYaml | nindent 4 }} + type: Recreate selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} @@ -24,9 +26,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.notificationsBotsSlackServiceAccountName" . }} containers: - - name: {{ template "argo-cd.notifications.fullname" . }}-bot + - name: {{ include "argo-cd.notifications.fullname" . }}-bot image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }} command: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 47d262a1..a14be88c 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -6,6 +6,8 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: + replicas: 1 + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} strategy: type: Recreate selector: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 84874423..3437b8d3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -5,13 +5,13 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: + {{- if not .Values.repoServer.autoscaling.enabled }} + replicas: {{ .Values.repoServer.replicas }} + {{- end }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }} - revisionHistoryLimit: 5 - {{- if (ne .Values.repoServer.autoscaling.enabled true) }} - replicas: {{ .Values.repoServer.replicas }} - {{- end }} template: metadata: annotations: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cd560163..0bbd03f5 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -5,13 +5,13 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + {{- if not .Values.server.autoscaling.enabled }} + replicas: {{ .Values.server.replicas }} + {{- end }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} - revisionHistoryLimit: 5 - {{- if (ne .Values.server.autoscaling.enabled true) }} - replicas: {{ .Values.server.replicas }} - {{- end }} template: metadata: annotations: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 69653da0..bbb16e44 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -6,6 +6,8 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: + replicas: 1 + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index f37964e8..238af4d0 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -7,6 +7,8 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} spec: + replicas: 1 + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 397a51a0..b476c592 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -46,6 +46,9 @@ global: additionalLabels: {} # app: argo-cd + # -- Number of old deployment ReplicaSets to retain. The rest will be garbage collected. + revisionHistoryLimit: 3 + # Default image used by all components image: # -- If defined, a repository applied to all Argo CD deployments @@ -2839,10 +2842,6 @@ notifications: ## You have to set secret.notifiers.slack.signingSecret enabled: false - # -- The deployment strategy to use to replace existing pods with new ones - updateStrategy: - type: Recreate - ## Slack bot Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ pdb: From 06343a9fe68a9acb13bd088ea2dee12048b70fa3 Mon Sep 17 00:00:00 2001 From: Dong Wang Date: Wed, 2 Nov 2022 15:31:11 +0800 Subject: [PATCH 0440/1248] Upgrade Argo Image to the latest (#1614) Signed-off-by: Dong Wang Signed-off-by: Dong Wang --- charts/argo-cd/Chart.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d9ebf450..7ab1179a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.0 +appVersion: v2.5.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.0 +version: 5.13.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option global.revisionHistoryLimit for deployments" - - "[Changed]: Forced Slack bot deployment strategy to Recreate" + - "[Security]: Upgrade image tag to include fixes for CVE-2022-3786 and CVE-2022-3602" From 91f051afcdc744f52435134e95b780abb4b165f4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 3 Nov 2022 17:36:37 +0900 Subject: [PATCH 0441/1248] chore(argo-cd): Update redis-ha (#1617) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 72afb402..7a069ce9 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.2 -digest: sha256:b6dc7774d0cc20a7a889d10e61f3dd653bdacd7836558f4875688b5cb5051d80 -generated: "2022-09-19T12:39:19.736045+02:00" + version: 4.22.3 +digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195 +generated: "2022-11-03T12:04:33.673857+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7ab1179a..099ff4ef 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.1 +version: 5.13.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,9 +18,9 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.2 + version: 4.22.3 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Security]: Upgrade image tag to include fixes for CVE-2022-3786 and CVE-2022-3602" + - "[Changed]: Update redis-ha" From 22496be7d76a9b7776ea31f67bef895c1a507ed4 Mon Sep 17 00:00:00 2001 From: tvandewalle <1022306+tvandewalle@users.noreply.github.com> Date: Sun, 6 Nov 2022 00:19:22 -0400 Subject: [PATCH 0442/1248] fix(argo-cd): Add /tmp voulmeMount to extensions container (#1620) * Fixes #1619 - Add /tmp voulmeMount to extensions container Signed-off-by: Tim Van de Walle * Bump version, add change notes Signed-off-by: Tim Van de Walle Signed-off-by: Tim Van de Walle --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 099ff4ef..0f0ecb1d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.2 +version: 5.13.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update redis-ha" + - "[Fixed]: Add /tmp volumeMount to extensions container" diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 0bbd03f5..86739bdd 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -327,6 +327,8 @@ spec: volumeMounts: - name: extensions mountPath: /tmp/extensions/ + - name: tmp + mountPath: /tmp {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: From 48360eeb953fcacf5c6298df2ce35c05d1052858 Mon Sep 17 00:00:00 2001 From: Elad Dolev Date: Sun, 6 Nov 2022 23:13:13 +0200 Subject: [PATCH 0443/1248] fix(argo-cd): Add missing ClusterRole permissions to argo-cd-server to manage Application in all namespaces (#1621) Signed-off-by: Elad Dolev --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f0ecb1d..be90ddc4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.3 +version: 5.13.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add /tmp volumeMount to extensions container" + - "[Fixed]: Add missing ClusterRole permissions to argo-cd-server to manage Application in all namespaces" diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index ee6015be..2caa4dd0 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -42,5 +42,6 @@ rules: verbs: - get - list + - update - watch {{- end }} From e22ee52520d6dbec80a0f6d6cef1205baffb246f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 7 Nov 2022 22:54:50 +0100 Subject: [PATCH 0444/1248] fix(argo-cd): Use Dex non-distroless image (#1626) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index be90ddc4..61b89efc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.4 +version: 5.13.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing ClusterRole permissions to argo-cd-server to manage Application in all namespaces" + - "[Fixed]: Use regular Dex image to fix permission issues" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b40f2354..38ee5826 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -757,7 +757,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.3-distroless"` | Dex image tag | +| dex.image.tag | string | `"v2.35.3"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b476c592..1dfae6c1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -805,7 +805,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.3-distroless + tag: v2.35.3 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From c82b03eac1cbe1dc28e14e3152199c52c82128cb Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 8 Nov 2022 17:04:31 +0100 Subject: [PATCH 0445/1248] chore(argo-cd): Upgrade Argo CD to 2.5.2 (#1628) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 61b89efc..5d4aad14 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.1 +appVersion: v2.5.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.5 +version: 5.13.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Use regular Dex image to fix permission issues" + - "[Changed]: Upgrade Argo CD to 2.5.2" From 826ae0f1777f641f4fbb3036f5756e78df7e066e Mon Sep 17 00:00:00 2001 From: Max Kochubey <20810306+maxkochubey@users.noreply.github.com> Date: Thu, 10 Nov 2022 03:36:13 +0300 Subject: [PATCH 0446/1248] Allow to add custom artifact repository (#1453) Signed-off-by: Max Kochubey <20810306+maxkochubey@users.noreply.github.com> Signed-off-by: Max Kochubey <20810306+maxkochubey@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + charts/argo-workflows/README.md.gotmpl | 4 ++-- .../controller/workflow-controller-config-map.yaml | 4 ++++ charts/argo-workflows/values.yaml | 14 ++++++++++++++ 5 files changed, 23 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4a4315f5..0d728963 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.6 +version: 0.20.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update ArgoWorkflows to v3.4.3" + - "[Added]: customArtifactRepository value was added" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 3d9c4d10..b02fcc11 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -220,6 +220,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | +| customArtifactRepository | object | `{}` | The section of custom artifact repository. Will be added to the config in case useDefaultArtifactRepo is set to false | | useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 1a9e3e56..28ee4fdc 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -42,7 +42,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "workflow" .Key) (hasPrefix "controller" .Key) (hasPrefix "executor" .Key) (hasPrefix "server" .Key) (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) (hasPrefix "mainContainer" .Key) ) }} + {{- if not (or (hasPrefix "workflow" .Key) (hasPrefix "controller" .Key) (hasPrefix "executor" .Key) (hasPrefix "server" .Key) (hasPrefix "artifactRepository" .Key) (hasPrefix "customArtifact" .Key) (hasPrefix "use" .Key) (hasPrefix "mainContainer" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} @@ -102,7 +102,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if or (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) }} + {{- if or (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) (hasPrefix "customArtifact" .Key) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 07b47d03..f7df450d 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -92,6 +92,10 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} + {{- else }} + {{- if .Values.customArtifactRepository }} + artifactRepository: {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- end }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1e2faa30..c8a68bcf 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -602,3 +602,17 @@ artifactRepository: # accountKeySecret: # name: my-azure-storage-credentials # key: account-access-key + +# -- The section of custom artifact repository. +# Will be added to the config in case useDefaultArtifactRepo is set to false +customArtifactRepository: {} +# customArtifactRepository: +# archiveLogs: true +# artifactory: +# repoUrl: https://artifactory.example.com/raw +# usernameSecret: +# name: artifactory-creds +# key: username +# passwordSecret: +# name: artifactory-creds +# key: password From 1f42ea74f55e1d1f87115c9e31a91eeefd8ccaa0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 10 Nov 2022 02:55:40 +0100 Subject: [PATCH 0447/1248] fix(argo-cd): Use raw json for cluster credentials for Vault compatibility (#1634) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5d4aad14..01ad0b08 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.6 +version: 5.13.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Argo CD to 2.5.2" + - "[Fixed]: Use raw json format for cluster credentials for Vault plugin compatibility" diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index fce3211e..7438d029 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -26,6 +26,5 @@ stringData: clusterResources: {{ .clusterResources | quote }} {{- end }} {{- end }} - config: | - {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toPrettyJson | nindent 4 }} + config: {{ required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson }} {{- end }} From 07c6fc368a58f08228ec64579e79661db174c52a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 11 Nov 2022 03:11:27 +0100 Subject: [PATCH 0448/1248] fix(argo-cd): Cluster credentials config should be a string (#1636) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01ad0b08..ac34b43e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.7 +version: 5.13.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Use raw json format for cluster credentials for Vault plugin compatibility" + - "[Fixed]: Cluster credentials JSON config must be always converted to the string" diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 7438d029..aba14db7 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -26,5 +26,6 @@ stringData: clusterResources: {{ .clusterResources | quote }} {{- end }} {{- end }} - config: {{ required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson }} + config: | + {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson | nindent 4 }} {{- end }} From 050027ad6595fac630e057cbcd9416c8e6b2ca52 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 14 Nov 2022 20:20:11 +0900 Subject: [PATCH 0449/1248] fix(argo-workflows): Added missing attribute for sso (#1641) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0d728963..fd9bc5a1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.7 +version: 0.20.8 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: customArtifactRepository value was added" + - "[Fixed]: add missing attribute for sso" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index f7df450d..78041a8f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -135,6 +135,10 @@ data: name: {{ .clientSecret.name }} key: {{ .clientSecret.key }} redirectUrl: {{ .redirectUrl }} + {{- with .rbac }} + rbac: + enabled: {{ .enabled }} + {{- end }} {{- if .scopes }} scopes: {{ toYaml .scopes | nindent 8 }} {{- end }} From cde6e849a39c19b0a2624db4cdf4cfc182e2827e Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 17 Nov 2022 16:26:18 +0100 Subject: [PATCH 0450/1248] docs(argo-cd): Improve changelog information (#1652) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 28 ++++++++++++++++++++++++---- charts/argo-cd/README.md.gotmpl | 28 ++++++++++++++++++++++++---- 3 files changed, 50 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac34b43e..df01cfe0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.8 +version: 5.13.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Cluster credentials JSON config must be always converted to the string" + - "[Changed]: Document imporatant changes in changelog" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 38ee5826..67463204 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -84,8 +84,6 @@ git diff v1.8.7 v2.0.0 -- manifests/install.yaml Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/templates/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/templates/crds). -## Upgrading - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -101,10 +99,31 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref== 1.22. +This version hardens security by configuring default container security contexts and adds hard requirement for Kubernetes 1.22+ to work properly. +The change aligns chart with officially [supported versions](https://argo-cd.readthedocs.io/en/release-2.5/operator-manual/installation/#supported-versions) by upstream project. + +### 5.7.0 + +This version introcudes new `configs.cm` and `configs.rbac` sections that replaces `server.config` and `server.rbacConfig` respectively. +Please move your current configuration to the new place. The Argo CD RBAC config now also sets defaults in the `argocd-rbac-cm`. +If you have manually created this ConfigMap please ensure templating is disabled so you will not lose your changes. ### 5.5.20 @@ -1087,6 +1106,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ +[changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [Declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index bedc3579..d23df0e7 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -83,8 +83,6 @@ git diff v1.8.7 v2.0.0 -- manifests/install.yaml Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/templates/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/templates/crds). -## Upgrading - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -100,10 +98,31 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref== 1.22. +This version hardens security by configuring default container security contexts and adds hard requirement for Kubernetes 1.22+ to work properly. +The change aligns chart with officially [supported versions](https://argo-cd.readthedocs.io/en/release-2.5/operator-manual/installation/#supported-versions) by upstream project. + +### 5.7.0 + +This version introcudes new `configs.cm` and `configs.rbac` sections that replaces `server.config` and `server.rbacConfig` respectively. +Please move your current configuration to the new place. The Argo CD RBAC config now also sets defaults in the `argocd-rbac-cm`. +If you have manually created this ConfigMap please ensure templating is disabled so you will not lose your changes. ### 5.5.20 @@ -495,6 +514,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ +[changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [Declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup From 6f3c468639aaab9a6c56f73a25653aefd69eece0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 20 Nov 2022 14:29:41 +0100 Subject: [PATCH 0451/1248] chore(argo-cd): Consolidated GnuPG configuration (#1609) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 7 +++- charts/argo-cd/README.md | 11 ++--- charts/argo-cd/README.md.gotmpl | 5 ++- charts/argo-cd/templates/NOTES.txt | 6 +++ .../argocd-configs/argocd-gpg-keys-cm.yaml | 4 +- charts/argo-cd/values.yaml | 42 ++++++++----------- 6 files changed, 39 insertions(+), 36 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index df01cfe0..d1873f11 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.13.9 +version: 5.14.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Document imporatant changes in changelog" + - "[Added]: Configuration option configs.gpg" + - "[Deprecated]: Configuration option configs.gpgKeys" + - "[Deprecated]: Configuration option configs.gpgKeysAnnotations" + - "[Fixed]: Documentation for declarative setup" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 67463204..a1e4a6aa 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -11,7 +11,7 @@ This is a **community maintained** chart. This chart installs [argo-cd](https:// The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). -If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. +If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative setup] of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). ## High Availability @@ -402,12 +402,12 @@ NAME: my-release | configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | -| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [Declarative setup] | +| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | | configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | -| configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring | -| configs.gpgKeysAnnotations | object | `{}` | GnuPG key ring annotations | +| configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | +| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | | configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | | configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | @@ -1109,8 +1109,9 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[Declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup +[declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ +[GnuPG]: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index d23df0e7..a844449a 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -10,7 +10,7 @@ This is a **community maintained** chart. This chart installs [argo-cd](https:// The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). -If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. +If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative setup] of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). ## High Availability @@ -517,8 +517,9 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[Declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup +[declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ +[GnuPG]: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index b34e22b4..9b0d86ce 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -43,6 +43,12 @@ DEPRECATED option server.rbacConfig - Use configs.rbac {{- if .Values.configs.secret.argocdServerTlsConfig }} DEPRECATED option config.secret.argocdServerTlsConfig - Use server.certificate or server.certificateSecret {{- end }} +{{- if .Values.configs.gpgKeys }} +DEPRECATED option configs.gpgKeys - Use config.gpg.keys +{{- end }} +{{- if .Values.configs.gpgKeysAnnotations }} +DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index 737887ab..2837a46b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -4,13 +4,13 @@ metadata: name: argocd-gpg-keys-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} - {{- with .Values.configs.gpgKeysAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.configs.gpg.annotations) (.Values.configs.gpgKeysAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with .Values.configs.gpgKeys }} +{{- with (mergeOverwrite (deepCopy .Values.configs.gpg.keys) (.Values.configs.gpgKeys | default dict)) -}} data: {{- toYaml . | nindent 2 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1dfae6c1..641caa2f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -98,7 +98,7 @@ configs: # General Argo CD configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml cm: - # -- Create the argocd-cm configmap for [Declarative setup] + # -- Create the argocd-cm configmap for [declarative setup] create: true # -- Annotations to be added to argocd-cm configmap @@ -234,6 +234,22 @@ configs: # The scope value can be a string, or a list of strings. scopes: "[groups]" + # GnuPG public keys for commit verification + ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ + gpg: + # -- Annotations to be added to argocd-gpg-keys-cm configmap + annotations: {} + + # -- [GnuPG] public keys to add to the keyring + # @default -- `{}` (See [values.yaml]) + ## Note: Public keys should be exported with `gpg --export --armor ` + keys: {} + # 4AEE18F83AFDEB23: | + # -----BEGIN PGP PUBLIC KEY BLOCK----- + # ... + # -----END PGP PUBLIC KEY BLOCK----- + + # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) ## Ref: @@ -261,30 +277,6 @@ configs: # insecure: false # caData: "" - # -- GnuPG key ring annotations - gpgKeysAnnotations: {} - # -- [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring - # @default -- `{}` (See [values.yaml]) - gpgKeys: {} - # 4AEE18F83AFDEB23: | - # -----BEGIN PGP PUBLIC KEY BLOCK----- - # - # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta - # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT - # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ - # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa - # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v - # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs - # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW - # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf - # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 - # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws - # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 - # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O - # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48= - # =Bvzs - # -----END PGP PUBLIC KEY BLOCK----- - # -- Known Hosts configmap annotations knownHostsAnnotations: {} knownHosts: From 7105de193a4cc349bb22da9ee960dba7a93510a0 Mon Sep 17 00:00:00 2001 From: Allex Date: Mon, 21 Nov 2022 11:39:36 +0100 Subject: [PATCH 0452/1248] fix(argo-cd): Invalid argocd-gpg-keys-cm template (#1656) The template removed a little too much whitespace resulting in an invalid ConfigMap. Error: ``` Error: YAML parse error on argocd/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml: error converting YAML to JSON: yaml: line 10: mapping values are not allowed in this context ``` Signed-off-by: Allex Signed-off-by: Allex --- charts/argo-cd/Chart.yaml | 2 +- .../argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d1873f11..6af8b608 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.14.0 +version: 5.14.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index 2837a46b..72f9823b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -4,13 +4,13 @@ metadata: name: argocd-gpg-keys-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.gpg.annotations) (.Values.configs.gpgKeysAnnotations | default dict)) -}} + {{ with (mergeOverwrite (deepCopy .Values.configs.gpg.annotations) (.Values.configs.gpgKeysAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with (mergeOverwrite (deepCopy .Values.configs.gpg.keys) (.Values.configs.gpgKeys | default dict)) -}} +{{ with (mergeOverwrite (deepCopy .Values.configs.gpg.keys) (.Values.configs.gpgKeys | default dict)) -}} data: {{- toYaml . | nindent 2 }} {{- end }} From 16cf7af98bb1f555454f702594e15d5737bacb3c Mon Sep 17 00:00:00 2001 From: emmayylu <44856279+emmayylu@users.noreply.github.com> Date: Wed, 23 Nov 2022 00:17:56 -0700 Subject: [PATCH 0453/1248] feat(argo-workflows): Allow controller to whitelist secrets (#1646) * allow users to whitelist secrets Signed-off-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> * remove unnecessary if-statement Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> * use square bracket for array Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> * fix typo and update readme Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> Signed-off-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> Co-authored-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-cluster-roles.yaml | 11 +++++++++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fd9bc5a1..60d71bf1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.8 +version: 0.20.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: add missing attribute for sso" + - "[Fixed]: allow users to optionally whitelist secrets" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b02fcc11..3f60f868 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -107,6 +107,7 @@ Fields to note: | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | +| controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | | controller.replicas | int | `1` | The number of controller pods to run | | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 4b0f389a..34f91c0d 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -164,6 +164,17 @@ rules: resourceNames: {{/* for HTTP templates */}} - argo-workflows-agent-ca-certificates +{{- with .Values.controller.rbac.secretWhitelist }} +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + resourceNames: {{- toYaml . | nindent 4 }} +{{- end }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c8a68bcf..3a371a8f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -70,6 +70,8 @@ controller: rbac: # -- Adds Role and RoleBinding for the controller. create: true + # -- Allows controller to get, list, and watch certain k8s secrets + secretWhitelist: [] # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: From 062417e30db4bf82d85f71cd87b7aecdb5be2470 Mon Sep 17 00:00:00 2001 From: Eugene Lugovtsov <34510252+EugeneLugovtsov@users.noreply.github.com> Date: Fri, 25 Nov 2022 02:35:40 +0200 Subject: [PATCH 0454/1248] feat(argo-workflows): Add labels for ServiceAccounts (#1665) * Add labels for ServiceAccounts Signed-off-by: Eugene Lugovtsov * fix workflow serviceaccount labels Signed-off-by: Eugene Lugovtsov * fix docs Signed-off-by: Eugene Lugovtsov Signed-off-by: Eugene Lugovtsov --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +++ .../templates/controller/workflow-controller-sa.yaml | 3 +++ charts/argo-workflows/templates/controller/workflow-sa.yaml | 3 +++ charts/argo-workflows/templates/server/server-sa.yaml | 3 +++ charts/argo-workflows/values.yaml | 6 ++++++ 6 files changed, 20 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60d71bf1..4935775b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.9 +version: 0.20.10 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: allow users to optionally whitelist secrets" + - "[Added]: Add labels to ServiceAccounts." diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 3f60f868..58e88acf 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -62,6 +62,7 @@ Fields to note: | workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) | | workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | +| workflow.serviceAccount.labels | object | `{}` | Labels applied to created service account | | workflow.serviceAccount.name | string | `"argo-workflow"` | Service account which is used to run workflows | ### Workflow Controller @@ -114,6 +115,7 @@ Fields to note: | controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.create | bool | `true` | Create a service account for the controller | +| controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `""` | Service account name | | controller.serviceAnnotations | object | `{}` | Annotations to be applied to the controller Service | | controller.serviceLabels | object | `{}` | Optional labels to add to the controller Service | @@ -200,6 +202,7 @@ Fields to note: | server.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true}` | Servers container-level security context | | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | server.serviceAccount.create | bool | `true` | Create a service account for the server | +| server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `""` | Service account name | | server.serviceAnnotations | object | `{}` | Annotations to be applied to the UI Service | | server.serviceLabels | object | `{}` | Optional labels to add to the UI Service | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index 3acc93ab..36245900 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -5,6 +5,9 @@ metadata: name: {{ template "argo-workflows.controllerServiceAccountName" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- with .Values.controller.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{ with .Values.controller.serviceAccount.annotations }} annotations: {{- toYaml .| nindent 4 }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 43e6cbf6..8928b32e 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -7,6 +7,9 @@ metadata: name: {{ $.Values.workflow.serviceAccount.name }} labels: {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} + {{- with $.Values.workflow.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with $namespace }} namespace: {{ . }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index 5525d7af..2f6644ed 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -5,6 +5,9 @@ metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- with .Values.server.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.server.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3a371a8f..703bb77b 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -41,6 +41,8 @@ workflow: serviceAccount: # -- Specifies whether a service account should be created create: false + # -- Labels applied to created service account + labels: {} # -- Annotations applied to created service account annotations: {} # -- Service account which is used to run workflows @@ -181,6 +183,8 @@ controller: create: true # -- Service account name name: "" + # -- Labels applied to created service account + labels: {} # -- Annotations applied to created service account annotations: {} @@ -366,6 +370,8 @@ server: create: true # -- Service account name name: "" + # -- Labels applied to created service account + labels: {} # -- Annotations applied to created service account annotations: {} From a93c45cdc7ae773b66304caa7158da1cc1cebd37 Mon Sep 17 00:00:00 2001 From: Zadkiel Aharonian Date: Fri, 25 Nov 2022 18:39:50 +0100 Subject: [PATCH 0455/1248] fix(argo-cd): deprecate server.extraArgs."--insecure" (#1669) Signed-off-by: GitHub Signed-off-by: GitHub --- charts/argo-cd/Chart.yaml | 7 ++----- charts/argo-cd/templates/NOTES.txt | 3 +++ 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6af8b608..8b52e886 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.14.1 +version: 5.14.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Configuration option configs.gpg" - - "[Deprecated]: Configuration option configs.gpgKeys" - - "[Deprecated]: Configuration option configs.gpgKeysAnnotations" - - "[Fixed]: Documentation for declarative setup" + - "[Deprecated]: Configuration option server.extraArgs."--insecure"" diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 9b0d86ce..60e23c90 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -28,6 +28,9 @@ DEPRECATED option server.logFormat - Use configs.params.server.log.format {{- if .Values.server.logLevel }} DEPRECATED option server.logLevel - Use configs.params.server.log.level {{- end }} +{{- if has "--insecure" .Values.server.extraArgs }} +DEPRECATED option server.extraArgs."--insecure" - Use configs.params.server.insecure +{{- end }} {{- if .Values.repoServer.logFormat }} DEPRECATED option repoServer.logFormat - Use configs.params.repoServer.log.format {{- end }} From 77d8a11dd88a229671e2143824b5f54fd2687811 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 26 Nov 2022 10:08:11 +0900 Subject: [PATCH 0456/1248] chore(argo-workflows): Support workflow retention (#1668) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 6 ++++++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4935775b..97b0abe5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.10 +version: 0.20.11 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add labels to ServiceAccounts." + - "[Added]: Support workflow retention" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 58e88acf..711a1f52 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -112,6 +112,7 @@ Fields to note: | controller.replicas | int | `1` | The number of controller pods to run | | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | +| controller.retentionPolicy | object | `{}` | Workflow retention by number of workflows | | controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.create | bool | `true` | Create a service account for the controller | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 78041a8f..0f29b576 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -167,3 +167,6 @@ data: {{- with .Values.controller.navColor }} navColor: {{ . }} {{- end }} + {{- with .Values.controller.retentionPolicy }} + retentionPolicy: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 703bb77b..18d28ad4 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -291,6 +291,12 @@ controller: # -- Extra containers to be added to the controller deployment extraContainers: [] + # -- Workflow retention by number of workflows + retentionPolicy: {} + # completed: 10 + # failed: 3 + # errored: 3 + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. From ca66f888d54c22284c49710fe0baa2138f74adaf Mon Sep 17 00:00:00 2001 From: smcavallo Date: Mon, 28 Nov 2022 17:08:31 -0500 Subject: [PATCH 0457/1248] feat(argo-cd): Upgrade argocd to v2.5.3 (#1671) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8b52e886..7152bd9f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.2 +appVersion: v2.5.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.14.2 +version: 5.14.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Deprecated]: Configuration option server.extraArgs."--insecure"" + - "[Changed]: Update to app version 2.5.3" From a918b83058ac2c7edd3df985387f89bc2b45a28c Mon Sep 17 00:00:00 2001 From: fsl <1171313930@qq.com> Date: Tue, 29 Nov 2022 10:56:17 +0800 Subject: [PATCH 0458/1248] fix helm install md (#1672) Signed-off-by: fsl <1171313930@qq.com> Signed-off-by: fsl <1171313930@qq.com> --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 36ef70b6..49c0577b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -93,7 +93,7 @@ helm dependency update Minimally: ``` -helm install charts/argo-cd --namespace argocd -n argo-cd +helm install argocd argo/argo-cd -n argocd --create-namespace kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 ``` From c93550224b4381be59cc5448f5871757de5dad3c Mon Sep 17 00:00:00 2001 From: Karl Parry <88431088+karlparry@users.noreply.github.com> Date: Tue, 29 Nov 2022 21:14:17 +0000 Subject: [PATCH 0459/1248] feat(argo-cd): Add Repo Server strict TLS cert support (#1673) Signed-off-by: Karl Parry --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 6 +++++ charts/argo-cd/templates/_helpers.tpl | 1 + .../argocd-repo-server-tls.yaml | 24 +++++++++++++++++++ charts/argo-cd/values.yaml | 17 +++++++++++++ 5 files changed, 50 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7152bd9f..719090f6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.14.3 +version: 5.15.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update to app version 2.5.3" + - "[Added]: Ability to deploy argocd-repo-server-server-tls secret and configure Strict TLS for Repo Server" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a1e4a6aa..d592025e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -522,6 +522,12 @@ NAME: my-release | repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | | repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | | repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | +| repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret | +| repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | +| repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) | +| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | +| repoServer.certificateSecret.key | string | `""` | Certificate private key | +| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | | repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 5bdbd871..bdfa010b 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -194,6 +194,7 @@ Argo Params Default Configuration Presets */}} {{- define "argo-cd.config.params.presets" -}} repo.server: "{{ include "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}" +server.repo.server.strict.tls: {{ .Values.repoServer.certificateSecret.enabled | toString }} {{- with include "argo-cd.redis.server" . }} redis.server: {{ . | quote }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml new file mode 100644 index 00000000..7efa2051 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.repoServer.enabled .Values.repoServer.certificateSecret.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repo-server-tls + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "repo-server-tls") | nindent 4 }} + {{- with .Values.repoServer.certificateSecret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.repoServer.certificateSecret.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +type: kubernetes.io/tls +data: + {{- with .Values.repoServer.certificateSecret.ca }} + ca.crt: {{ . | b64enc | quote }} + {{- end }} + tls.crt: {{ .Values.repoServer.certificateSecret.crt | b64enc | quote }} + tls.key: {{ .Values.repoServer.certificateSecret.key | b64enc | quote }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 641caa2f..63da9ea1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1982,6 +1982,23 @@ repoServer: # cpu: 10m # memory: 64Mi + # TLS certificate configuration via Secret + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server + ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. + certificateSecret: + # -- Create argocd-repo-server-tls secret + enabled: false + # -- Annotations to be added to argocd-repo-server-tls secret + annotations: {} + # -- Labels to be added to argocd-repo-server-tls secret + labels: {} + # -- Certificate authority. Required for self-signed certificates. + ca: '' + # -- Certificate private key + key: '' + # -- Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) + crt: '' + ## Repo server service configuration service: # -- Repo server service annotations From 9ae4579297d63bf7228067375c37b857359c845d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 1 Dec 2022 00:25:40 +0900 Subject: [PATCH 0460/1248] chore(argo-workflows): Update Argo Workflows to v3.4.4 (#1674) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 97b0abe5..088afe25 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.3 +appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.11 +version: 0.20.12 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support workflow retention" + - "[Changed]: Update Argo Workflows to v3.4.4" From a0784fddac5e84d793288b295dbfe0b53cf7727e Mon Sep 17 00:00:00 2001 From: Karl Parry <88431088+karlparry@users.noreply.github.com> Date: Wed, 30 Nov 2022 21:38:04 +0000 Subject: [PATCH 0461/1248] fix(argo-cd): Rename tls secret to include the -secret suffix (#1676) - "[Fixed]: TLS secret name so Dex correctly generates the checksum for argocd-dex-server-tls." - "[Fixed]: Standardise the naming convention of the TLS secret manifests." - "[Added]: Add checksum to Repo-Server for the argocd-repo-server-tls secret." Signed-off-by: Karl Parry --- charts/argo-cd/Chart.yaml | 6 ++++-- ...o-server-tls.yaml => argocd-repo-server-tls-secret.yaml} | 0 ...argocd-server-tls.yaml => argocd-server-tls-secret.yaml} | 0 charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ charts/argo-cd/templates/dex/deployment.yaml | 2 +- 5 files changed, 8 insertions(+), 3 deletions(-) rename charts/argo-cd/templates/argocd-configs/{argocd-repo-server-tls.yaml => argocd-repo-server-tls-secret.yaml} (100%) rename charts/argo-cd/templates/argocd-configs/{argocd-server-tls.yaml => argocd-server-tls-secret.yaml} (100%) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 719090f6..8fe4e645 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.15.0 +version: 5.15.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to deploy argocd-repo-server-server-tls secret and configure Strict TLS for Repo Server" + - "[Fixed]: TLS secret name so Dex correctly generates the checksum for argocd-dex-server-tls." + - "[Fixed]: Standardise the naming convention of the TLS secret manifests." + - "[Added]: Add checksum to Repo-Server for the argocd-repo-server-tls secret." diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml rename to charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml diff --git a/charts/argo-cd/templates/argocd-configs/argocd-server-tls.yaml b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml similarity index 100% rename from charts/argo-cd/templates/argocd-configs/argocd-server-tls.yaml rename to charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3437b8d3..0323e2f1 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -16,6 +16,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if .Values.repoServer.certificateSecret.enabled }} + checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index bbb16e44..5f271bcf 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -16,7 +16,7 @@ spec: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} {{- if .Values.dex.certificateSecret.enabled }} - checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls.yaml") . | sha256sum }} + checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls-secret.yaml") . | sha256sum }} {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.dex.podAnnotations) }} {{- range $key, $value := . }} From f25cda30af86dd94663268393e37f88290556488 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 30 Nov 2022 22:57:12 +0100 Subject: [PATCH 0462/1248] chore(argo-cd): Remove duplicate ApplicationSet features (#1598) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 9 ++++---- charts/argo-cd/README.md | 2 -- charts/argo-cd/templates/NOTES.txt | 6 +++++ .../argocd-applicationset/deployment.yaml | 15 +++++------- .../templates/argocd-applicationset/role.yaml | 23 ++++++++++--------- charts/argo-cd/values.yaml | 4 ---- 6 files changed, 29 insertions(+), 30 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8fe4e645..c9944855 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.15.1 +version: 5.15.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: TLS secret name so Dex correctly generates the checksum for argocd-dex-server-tls." - - "[Fixed]: Standardise the naming convention of the TLS secret manifests." - - "[Added]: Add checksum to Repo-Server for the argocd-repo-server-tls secret." + - "[Changed]: ApplicationSet now automatically detects leader election" + - "[Changed]: Simplified ApplicationSet RBAC rules" + - "[Removed]: Configuration option applicationset.args.debug" + - "[Removed]: Configuration option applicationset.args.enableLeaderElection" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d592025e..4fbf2085 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -950,9 +950,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | -| applicationSet.args.debug | bool | `false` | Print debug logs | | applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.enableLeaderElection | bool | `false` | The default leader election setting | | applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 60e23c90..98bbb96a 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -58,6 +58,12 @@ REMOVED option controller.service - Use controller.metrics {{- if .Values.repoServer.copyutil }} REMOVED option repoSever.copyutil.resources - Use repoServer.resources {{- end }} +{{- if .Values.applicationSet.args.debug }} +REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug +{{- end }} +{{- if .Values.applicationSet.args.enableLeaderElection }} +REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 49c31ad0..ea497e4a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -41,19 +41,16 @@ spec: command: - entrypoint.sh - argocd-applicationset-controller + - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} + - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} + - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} + - --policy={{ .Values.applicationSet.args.policy }} + - --dry-run={{ .Values.applicationSet.args.dryRun }} - --logformat - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} - --loglevel - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }} - - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} - - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} - {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }} - - --enable-leader-election=true - {{- end }} - - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - - --policy={{ .Values.applicationSet.args.policy }} - - --debug={{ .Values.applicationSet.args.debug }} - - --dry-run={{ .Values.applicationSet.args.dryRun }} {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index 8f60df1a..a9ec2f92 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -47,9 +47,20 @@ rules: - apiGroups: - "" resources: - - secrets - configmaps verbs: + - create + - update + - delete + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: - get - list - watch @@ -62,16 +73,6 @@ rules: - get - list - watch - # Leader election - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - update - - delete - - patch - apiGroups: - coordination.k8s.io resources: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 63da9ea1..204741a8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2153,12 +2153,8 @@ applicationSet: metricsAddr: :8080 # -- The default health check port probeBindAddr: :8081 - # -- The default leader election setting - enableLeaderElection: false # -- How application is synced between the generator and the cluster policy: sync - # -- Print debug logs - debug: false # -- Enable dry run mode dryRun: false From b97e652f63fe745ed997a9ffb971b2c2db7c9cbf Mon Sep 17 00:00:00 2001 From: John Stewart <32647598+jstewart612@users.noreply.github.com> Date: Wed, 30 Nov 2022 18:25:22 -0500 Subject: [PATCH 0463/1248] feat(argo-cd): Add ability to annotate Deployments and StatefulSets (#1608) * feat(argo-cd): Add ability to annotate Deployments and StatefulSets Signed-off-by: John Stewart * fix: Controller and AppSet controller was mixed Signed-off-by: Marco Kilchhofer Signed-off-by: John Stewart Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 ++--- charts/argo-cd/README.md | 9 +++++++ .../statefulset.yaml | 8 +++++- .../argocd-applicationset/deployment.yaml | 6 +++++ .../bots/slack/deployment.yaml | 8 +++++- .../argocd-notifications/deployment.yaml | 6 +++++ .../argocd-repo-server/deployment.yaml | 6 +++++ .../templates/argocd-server/deployment.yaml | 6 +++++ charts/argo-cd/templates/dex/deployment.yaml | 6 +++++ .../argo-cd/templates/redis/deployment.yaml | 6 +++++ charts/argo-cd/values.yaml | 27 +++++++++++++++++++ 11 files changed, 88 insertions(+), 7 deletions(-) mode change 100755 => 100644 charts/argo-cd/templates/argocd-application-controller/statefulset.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c9944855..c2607c73 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.15.2 +version: 5.16.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: ApplicationSet now automatically detects leader election" - - "[Changed]: Simplified ApplicationSet RBAC rules" - - "[Removed]: Configuration option applicationset.args.debug" - - "[Removed]: Configuration option applicationset.args.enableLeaderElection" + - "[Added]: Ability to annotate Deployment and Statefulset objects for all components" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4fbf2085..6226c73f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -376,6 +376,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | +| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -389,6 +390,7 @@ NAME: my-release | global.podLabels | object | `{}` | Labels for the all deployed pods | | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | +| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | ## Argo CD Configs @@ -506,6 +508,7 @@ NAME: my-release | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | +| controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | @@ -533,6 +536,7 @@ NAME: my-release | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | +| repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | @@ -632,6 +636,7 @@ NAME: my-release | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | +| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | @@ -775,6 +780,7 @@ server: | dex.containerPortHttp | int | `5556` | Container port for HTTP access | | dex.containerPortMetrics | int | `5558` | Container port for metrics access | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | +| dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -848,6 +854,7 @@ server: | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | redis.containerPort | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | +| redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | @@ -955,6 +962,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | +| applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | @@ -1056,6 +1064,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | +| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml old mode 100755 new mode 100644 index 282bfe1f..66486b53 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -1,7 +1,13 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - name: {{ include "argo-cd.controller.fullname" . }} + {{- with (mergeOverwrite (deepCopy .Values.global.statefulsetAnnotations) .Values.controller.statefulsetAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ea497e4a..6c48fefb 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.applicationSet.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 2f0d0d94..da934607 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -2,7 +2,13 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "argo-cd.notifications.fullname" . }}-bot + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.notifications.fullname" . }}-bot labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index a14be88c..2be14fdd 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.notifications.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 0323e2f1..d8cbb97d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -1,6 +1,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.repoServer.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 86739bdd..7793b11a 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -1,6 +1,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.server.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5f271bcf..5900070f 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.dex.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.dex.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 238af4d0..38ba73be 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -3,6 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.redis.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 204741a8..1aa6f4d5 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -68,6 +68,12 @@ global: # -- Set the global logging level. One of: `debug`, `info`, `warn` or `error` level: info + # -- Annotations for the all deployed Statefulsets + statefulsetAnnotations: {} + + # -- Annotations for the all deployed Deployments + deploymentAnnotations: {} + # -- Annotations for the all deployed pods podAnnotations: {} @@ -540,6 +546,9 @@ controller: # - secretRef: # name: secret-name + # -- Annotations for the application controller StatefulSet + statefulsetAnnotations: {} + # -- Annotations to be added to application controller pods podAnnotations: {} @@ -846,6 +855,9 @@ dex: # -- Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) crt: '' + # -- Annotations to be added to the Dex server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to the Dex server pods podAnnotations: {} @@ -1029,6 +1041,9 @@ redis: # - secretRef: # name: secret-name + # -- Annotations to be added to the Redis server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to the Redis server pods podAnnotations: {} @@ -1343,6 +1358,9 @@ server: # @default -- `""` (defaults to global.logging.level) # logLevel: "" + # -- Annotations to be added to server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to server pods podAnnotations: {} @@ -1898,6 +1916,9 @@ repoServer: # @default -- `""` (defaults to global.logging.format) # logLevel: "" + # -- Annotations to be added to repo server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to repo server pods podAnnotations: {} @@ -2227,6 +2248,9 @@ applicationSet: # If not set and create is true, a name is generated using the fullname template name: "" + # -- Annotations to be added to ApplicationSet controller Deployment + deploymentAnnotations: {} + # -- Annotations for the controller pods podAnnotations: {} @@ -2517,6 +2541,9 @@ notifications: # service.slack: | # token: $slack-token + # -- Annotations to be applied to the notifications controller Deployment + deploymentAnnotations: {} + # -- Annotations to be applied to the controller Pods podAnnotations: {} From 48e16abc42371429b4d7cfdeba626f70582fa55b Mon Sep 17 00:00:00 2001 From: Daniel Iziourov Date: Fri, 2 Dec 2022 11:29:25 +0100 Subject: [PATCH 0464/1248] chore(argo-workflows): removed deprecated Role rbac (#1681) Signed-off-by: danmx Signed-off-by: danmx --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/controller/workflow-role.yaml | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 088afe25..1c520bfa 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.12 +version: 0.21.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo Workflows to v3.4.4" + - "[Removed]: Deprecated Role permission" diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 38c0ed43..fffb38fd 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -49,8 +49,6 @@ rules: - argoproj.io resources: - workflowtasksets/status - {{/* TODO: This resource is for app version <= v3.2, so please remove it when app version v3.2 is no more used. */}} - - workflowtasksets verbs: - patch {{- end }} From 462fde1f299b009c02f8daf83a5198eb75e16837 Mon Sep 17 00:00:00 2001 From: Luke Date: Fri, 2 Dec 2022 06:26:17 -0700 Subject: [PATCH 0465/1248] add with statements around project templates for source/destinations (#1678) Signed-off-by: lukepatrick Signed-off-by: lukepatrick Co-authored-by: Petr Drastil --- .github/workflows/lint-and-test.yml | 2 +- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/projects.yaml | 8 ++++++-- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 504f9fb0..f9f19d6a 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: run: | helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ helm dependency build charts/argo-cd/ - helm template charts/argo-cd/ -s templates/crds/* | kubectl apply -f - + helm template charts/argo-cd/ --set server.extensions.enabled=true -s templates/crds/* | kubectl apply -f - - name: Skip HPA tests of ArgoCD if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index cba44891..1227df58 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.3 +version: 0.0.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add Extensions" + - "[Changed]: Projects templates" diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index 5832810b..f3d24f4f 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -23,10 +23,14 @@ metadata: {{- end }} spec: description: {{ .description }} + {{- with .sourceRepos }} sourceRepos: - {{- toYaml .sourceRepos | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .destinations }} destinations: - {{- toYaml .destinations | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .clusterResourceWhitelist }} clusterResourceWhitelist: {{- toYaml . | nindent 4 }} From 216a52d341776a68d960ef751da963f722466225 Mon Sep 17 00:00:00 2001 From: Daniel Iziourov Date: Fri, 2 Dec 2022 14:49:50 +0100 Subject: [PATCH 0466/1248] fix(argo-workflows): missing artifact GC rbac (#1680) According to the documentation: https://argoproj.github.io/argo-workflows/walk-through/artifacts/#artifact-garbage-collection Signed-off-by: danmx Signed-off-by: danmx Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/controller/workflow-role.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 1c520bfa..e4f350fa 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.21.0 +version: 0.22.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Removed]: Deprecated Role permission" + - "[Fixed]: Missing Artifact GC permissions" diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index fffb38fd..51050d0f 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -42,6 +42,7 @@ rules: - argoproj.io resources: - workflowtasksets + - workflowartifactgctasks verbs: - list - watch @@ -49,6 +50,7 @@ rules: - argoproj.io resources: - workflowtasksets/status + - workflowartifactgctasks/status verbs: - patch {{- end }} From 34a33c967f83622b086de824b0e67c83360de791 Mon Sep 17 00:00:00 2001 From: Hyeonmin Park Date: Fri, 2 Dec 2022 23:47:51 +0900 Subject: [PATCH 0467/1248] feat(argo-cd): Set aggregate roles only for using resources, with argocdextensions also (#1679) Signed-off-by: Hyeonmin Park Signed-off-by: Hyeonmin Park Co-authored-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/templates/aggregate-roles.yaml | 15 +++++++++++++++ charts/argo-cd/values.yaml | 2 +- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c2607c73..60f974e8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.0 +version: 5.16.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Ability to annotate Deployment and Statefulset objects for all components" + - "[Fixed]: Set aggregate roles only for using resources" + - "[Added]: Add argocdextensions to aggregate roles" + - "[Fixed]: Fix typo of notification.bots.slack.image in values" diff --git a/charts/argo-cd/templates/aggregate-roles.yaml b/charts/argo-cd/templates/aggregate-roles.yaml index 12d0e006..b3893922 100644 --- a/charts/argo-cd/templates/aggregate-roles.yaml +++ b/charts/argo-cd/templates/aggregate-roles.yaml @@ -11,7 +11,12 @@ rules: - argoproj.io resources: - applications + {{- if .Values.applicationSet.enabled }} - applicationsets + {{- end }} + {{- if .Values.server.extensions.enabled }} + - argocdextensions + {{- end }} - appprojects verbs: - get @@ -31,7 +36,12 @@ rules: - argoproj.io resources: - applications + {{- if .Values.applicationSet.enabled }} - applicationsets + {{- end }} + {{- if .Values.server.extensions.enabled }} + - argocdextensions + {{- end }} - appprojects verbs: - create @@ -56,7 +66,12 @@ rules: - argoproj.io resources: - applications + {{- if .Values.applicationSet.enabled }} - applicationsets + {{- end }} + {{- if .Values.server.extensions.enabled }} + - argocdextensions + {{- end }} - appprojects verbs: - create diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1aa6f4d5..aa524ebd 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2890,7 +2890,7 @@ notifications: ## Has higher precedence over `notifications.bots.slack.pdb.minAvailable` maxUnavailable: "" - ## Slack bot imabe + ## Slack bot image image: # -- Repository to use for the Slack bot # @default -- `""` (defaults to global.image.repository) From 7bb7caa2cf4385e8d72b35b7452ab6bb8823f808 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 7 Dec 2022 16:41:34 +0900 Subject: [PATCH 0468/1248] chore(argo-cd): Update ArgoCD to v2.5.4 (#1687) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 60f974e8..ed5ed350 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.3 +appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.1 +version: 5.16.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Set aggregate roles only for using resources" - - "[Added]: Add argocdextensions to aggregate roles" - - "[Fixed]: Fix typo of notification.bots.slack.image in values" + - "[Changed]: Update ArgoCD to v2.5.4" From 5b15810e2dde5e1c387c84269f738c44da9a5e90 Mon Sep 17 00:00:00 2001 From: Pedro Date: Fri, 9 Dec 2022 00:50:05 -0600 Subject: [PATCH 0469/1248] fix(argo-workflows): avoid label exceeding maximum length (#1692) fix(argo-workflows): generated value for app.kubernetes.io/version label for argo-workflows will not exceed maximum length and support image tags with a SHA digest. Signed-off-by: Pedro Salgado Signed-off-by: Pedro Salgado --- charts/argo-workflows/Chart.yaml | 5 ++-- charts/argo-workflows/templates/_helpers.tpl | 26 +++++++++++++++++++ .../workflow-controller-deployment.yaml | 4 +-- .../templates/server/server-deployment.yaml | 4 +-- .../templates/server/server-service.yaml | 2 +- 5 files changed, 34 insertions(+), 7 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e4f350fa..870bef4b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.0 +version: 0.22.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Missing Artifact GC permissions" + - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63) + - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/server/executor.image.tag with a SHA digest" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f0306cac..a3ce8934 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -45,6 +45,32 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create kubernetes friendly chart version label for the controller. +Examples: +image.tag = v3.4.4 +output = v3.4.4 + +image.tag = v3.4.4@sha256:d06860f1394a94ac3ff8401126ef32ba28915aa6c3c982c7e607ea0b4dadb696 +output = v3.4.4 +*/}} +{{- define "argo-workflows.controller_chart_version_label" -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag) "") "" | trunc 63 | quote -}} +{{- end -}} + +{{/* +Create kubernetes friendly chart version label for the server. +Examples: +image.tag = v3.4.4 +output = v3.4.4 + +image.tag = v3.4.4@sha256:d06860f1394a94ac3ff8401126ef32ba28915aa6c3c982c7e607ea0b4dadb696 +output = v3.4.4 +*/}} +{{- define "argo-workflows.server_chart_version_label" -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-workflows.defaultTag" .) .Values.server.image.tag) "") "" | trunc 63 | quote -}} +{{- end -}} + {{/* Common labels */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 257b4423..7ce17155 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -4,7 +4,7 @@ metadata: name: {{ template "argo-workflows.controller.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} {{- with .Values.controller.deploymentAnnotations }} annotations: {{- toYaml . | nindent 4 }} @@ -18,7 +18,7 @@ spec: metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} {{- with.Values.controller.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 53c116e1..e1e9b680 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.server.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} {{- with .Values.server.deploymentAnnotations }} annotations: {{- toYaml . | nindent 4 }} @@ -19,7 +19,7 @@ spec: metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} {{- with .Values.server.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 3b147ab2..22fc2b01 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -5,7 +5,7 @@ metadata: name: {{ template "argo-workflows.server.fullname" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} {{- with .Values.server.serviceAnnotations }} annotations: {{- toYaml . | nindent 4 }} From bd7dc0bddfb444708dc6cb0437d49452b7a96428 Mon Sep 17 00:00:00 2001 From: Pedro Date: Fri, 9 Dec 2022 07:07:45 -0600 Subject: [PATCH 0470/1248] fix(argo-events): avoid label exceeding maximum length (#1693) --- charts/argo-events/Chart.yaml | 6 ++-- charts/argo-events/templates/_helpers.tpl | 28 +++++++++++++++++++ .../argo-events-controller/deployment.yaml | 4 +-- .../argo-events-webhook/deployment.yaml | 6 ++-- 4 files changed, 37 insertions(+), 7 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 46c4c6f6..55cd3a95 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.6 +version: 2.0.7 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,6 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Argo events controller to v1.7.3" + - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63) + - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/webhook .image.tag with a SHA digest" + - "[Fixed]: webhook.image.tag value now overrides the tag in the webhook deployment" diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index efbdc669..c3110b3f 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -68,6 +68,34 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create kubernetes friendly chart version label for the controller. + +Examples: +image.tag = v1.7.3 +output = v1.7.3 + +image.tag = v1.7.3@sha256:a40f4f3ea20d354f00ab469a9f73102668fa545c4d632e1a8e11a206ad3093f3 +output = v1.7.3 +*/}} +{{- define "argo-events.controller_chart_version_label" -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-events.defaultTag" .) .Values.controller.image.tag) "") "" | trunc 63 | quote -}} +{{- end -}} + +{{/* +Create kubernetes friendly chart version label for the events webhook. + +Examples: +image.tag = v1.7.3 +output = v1.7.3 + +image.tag = v1.7.3@sha256:a40f4f3ea20d354f00ab469a9f73102668fa545c4d632e1a8e11a206ad3093f3 +output = v1.7.3 +*/}} +{{- define "argo-events.webhook_chart_version_label" -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default (include "argo-events.defaultTag" .) .Values.webhook.image.tag) "") "" | trunc 63 | quote -}} +{{- end -}} + {{/* Common labels */}} diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 88ecf66f..ab41c26b 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -4,7 +4,7 @@ metadata: name: {{ include "argo-events.controller.fullname" . }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }} spec: selector: matchLabels: @@ -22,7 +22,7 @@ spec: {{- end }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag | quote }} + app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index 8def5183..b030bc7c 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -5,7 +5,7 @@ metadata: name: events-webhook labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }} + app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }} spec: selector: matchLabels: @@ -22,7 +22,7 @@ spec: {{- end }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 8 }} - app.kubernetes.io/version: {{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag | quote }} + app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.webhook.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} @@ -37,7 +37,7 @@ spec: {{- end }} containers: - name: {{ .Values.webhook.name }} - image: {{ default .Values.global.image.repository .Values.webhook.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.controller.image.tag }} + image: {{ default .Values.global.image.repository .Values.webhook.image.repository }}:{{ default (include "argo-events.defaultTag" .) .Values.webhook.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.webhook.image.imagePullPolicy }} args: - webhook-service From f5c5c141c55242b9953e7853d1852b4db61f0242 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 10 Dec 2022 23:50:31 +0900 Subject: [PATCH 0471/1248] feat(argocd-apps): Support sourceNamespaces for AppProject (#1698) Signed-off-by: yu-croco --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/projects.yaml | 4 ++++ charts/argocd-apps/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 1227df58..7a5840b7 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.4 +version: 0.0.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Projects templates" + - "[Added]: Support sourceNamespaces for AppProject" diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index f3d24f4f..f747d1b6 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -63,4 +63,8 @@ spec: signatureKeys: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .sourceNamespaces }} + sourceNamespaces: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 3e0a07f4..b3eaa5d2 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -74,6 +74,8 @@ projects: [] # manualSync: true # signatureKeys: # - keyID: ABCDEF1234567890 +# sourceNamespaces: +# - argocd # -- Deploy Argo CD ApplicationSets within this helm release # @default -- `[]` (See [values.yaml]) From bc70281ca4302db25dcbe4036d14092f727a0eee Mon Sep 17 00:00:00 2001 From: Jellyfrog Date: Tue, 13 Dec 2022 07:19:17 +0100 Subject: [PATCH 0472/1248] feat(argo-cd): Add annotations to PrometheusRule (#1700) --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/prometheusrule.yaml | 4 ++++ charts/argo-cd/values.yaml | 1 + 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ed5ed350..d5216722 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.2 +version: 5.16.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update ArgoCD to v2.5.4" + - "[Added]: Add annotations to PrometheusRule" diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml index 485ed1aa..c44a63f5 100644 --- a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -14,6 +14,10 @@ metadata: {{- if .Values.controller.metrics.rules.additionalLabels }} {{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }} {{- end }} + {{- with .Values.controller.metrics.rules.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: groups: - name: argocd diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index aa524ebd..041221d8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -705,6 +705,7 @@ controller: # prometheus: kube-prometheus # namespace: monitoring # additionalLabels: {} + # annotations: {} ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. clusterAdminAccess: From 3644e714d812ee0c37a4b53be6677521e8a593fa Mon Sep 17 00:00:00 2001 From: Viacheslav Vasilyev Date: Tue, 13 Dec 2022 23:31:00 +0200 Subject: [PATCH 0473/1248] fix(argo-cd): Prevent could not parse 0 warning (#1704) Prevent could not parse 0 warning Signed-off-by: Viacheslav Vasilyev Signed-off-by: Viacheslav Vasilyev --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d5216722..9ab58783 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.3 +version: 5.16.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Add annotations to PrometheusRule" + - "[Fixed]: Prevent could not parse 0 warning" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6226c73f..b65562d7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -401,7 +401,7 @@ NAME: my-release | configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | -| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache | +| configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 041221d8..29ac4419 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -133,7 +133,7 @@ configs: timeout.reconciliation: 180s # -- Timeout to refresh application data as well as target manifests cache - timeout.hard.reconciliation: 0 + timeout.hard.reconciliation: 0s # Dex configuration # dex.config: | From e9495d3c1080b0946ea62374eb9a3b420c10ac30 Mon Sep 17 00:00:00 2001 From: Marco Lecheler Date: Wed, 14 Dec 2022 22:12:57 +0100 Subject: [PATCH 0474/1248] docs(argo-cd): Fix Argo CD value description typos for AppSet and Notification controllers (#1706) * docs(argo-cd): rename 'application set' to 'ApplicationSet' * docs(argo-cd): add ApplicationSet prefix for controller * docs(argo-cd): fix ApplicationSet to PascalCase * docs(argo-cd): fix notification controller description for logFormat/logLevel * docs(argo-cd): add notification prefix to values file description * chore(argo-cd): bump chart version * chore(argo-cd): add changelog * chore: generate helm-docs Signed-off-by: Marco Lecheler --- charts/argo-cd/Chart.yaml | 5 ++-- charts/argo-cd/README.md | 50 ++++++++++++++++++------------------ charts/argo-cd/values.yaml | 52 +++++++++++++++++++------------------- 3 files changed, 54 insertions(+), 53 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9ab58783..66852cca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.4 +version: 5.16.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Prevent could not parse 0 warning" + - "[Docs]: Updated ApplicationSet value documentation" + - "[Docs]: Updated notification value documentation" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b65562d7..99108a06 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -965,14 +965,14 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | -| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | -| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller | -| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | +| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | +| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller | +| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the ApplicationSet controller | | applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | applicationSet.extraVolumes | list | `[]` | List of extra volumes to add | -| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application set controller | -| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller | -| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller | +| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the ApplicationSet controller | +| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | +| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -997,15 +997,15 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | -| applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string | +| applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string | | applicationSet.nodeSelector | object | `{}` | [Node selector] | | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | | applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | -| applicationSet.podLabels | object | `{}` | Labels for the controller pods | +| applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | +| applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | | applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | | applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -1014,11 +1014,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | -| applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | -| applicationSet.service.annotations | object | `{}` | Application set service annotations | -| applicationSet.service.labels | object | `{}` | Application set service labels | -| applicationSet.service.port | int | `7000` | Application set service port | -| applicationSet.service.portName | string | `"webhook"` | Application set service port name | +| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | +| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | +| applicationSet.service.labels | object | `{}` | ApplicationSet service labels | +| applicationSet.service.port | int | `7000` | ApplicationSet service port | +| applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | | applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | @@ -1028,7 +1028,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | | applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | | applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts | -| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | +| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | | applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels | | applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | | applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | @@ -1061,22 +1061,22 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | -| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | +| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | -| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | +| notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | -| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | +| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | notifications.extraVolumes | list | `[]` | List of extra volumes to add | | notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller | | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` | -| notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` | +| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | +| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | @@ -1096,12 +1096,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb | | notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | -| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods | -| notifications.priorityClassName | string | `""` | Priority class for the controller pods | -| notifications.resources | object | `{}` | Resource limits and requests for the controller | +| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | +| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | +| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods | +| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | -| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret | +| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 29ac4419..776eb9f8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2132,7 +2132,7 @@ applicationSet: # -- Enable ApplicationSet controller enabled: true - # -- Application Set controller name string + # -- ApplicationSet controller name string name: applicationset-controller # -- The number of ApplicationSet controller pods to run @@ -2156,13 +2156,13 @@ applicationSet: ## ApplicationSet controller image image: - # -- Repository to use for the application set controller + # -- Repository to use for the ApplicationSet controller # @default -- `""` (defaults to global.image.repository) repository: "" - # -- Tag to use for the application set controller + # -- Tag to use for the ApplicationSet controller # @default -- `""` (defaults to global.image.tag) tag: "" - # -- Image pull policy for the application set controller + # -- Image pull policy for the ApplicationSet controller # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -2187,7 +2187,7 @@ applicationSet: # @default -- `""` (defaults to global.logging.level) logLevel: "" - # -- Additional containers to be added to the applicationset controller pod + # -- Additional containers to be added to the ApplicationSet controller pod extraContainers: [] ## Metrics service configuration @@ -2227,15 +2227,15 @@ applicationSet: # -- Prometheus ServiceMonitor annotations annotations: {} - ## Application set service configuration + ## ApplicationSet service configuration service: - # -- Application set service annotations + # -- ApplicationSet service annotations annotations: {} - # -- Application set service labels + # -- ApplicationSet service labels labels: {} - # -- Application set service port + # -- ApplicationSet service port port: 7000 - # -- Application set service port name + # -- ApplicationSet service port name portName: webhook serviceAccount: @@ -2252,10 +2252,10 @@ applicationSet: # -- Annotations to be added to ApplicationSet controller Deployment deploymentAnnotations: {} - # -- Annotations for the controller pods + # -- Annotations for the ApplicationSet controller pods podAnnotations: {} - # -- Labels for the controller pods + # -- Labels for the ApplicationSet controller pods podLabels: {} # -- ApplicationSet controller container-level security context @@ -2300,7 +2300,7 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 - # -- Resource limits and requests for the controller pods. + # -- Resource limits and requests for the ApplicationSet controller pods. resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -2338,12 +2338,12 @@ applicationSet: # -- List of extra cli args to add extraArgs: [] - # -- Environment variables to pass to the controller + # -- Environment variables to pass to the ApplicationSet controller extraEnv: [] # - name: "MY_VAR" # value: "value" - # -- envFrom to pass to the controller + # -- envFrom to pass to the ApplicationSet controller # @default -- `[]` (See [values.yaml]) extraEnvFrom: [] # - configMapRef: @@ -2361,7 +2361,7 @@ applicationSet: annotations: {} # -- Additional ingress labels labels: {} - # -- Defines which ingress controller will implement the resource + # -- Defines which ingress ApplicationSet controller will implement the resource ingressClassName: "" # -- List of ingress hosts @@ -2452,7 +2452,7 @@ notifications: # environmentName: staging secret: - # -- Whether helm chart creates controller secret + # -- Whether helm chart creates notifications controller secret create: true # -- key:value pairs of annotations to be added to the secret @@ -2474,20 +2474,20 @@ notifications: # email-password: # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - # -- Application controller log format. Either `text` or `json` + # -- Notifications controller log format. Either `text` or `json` # @default -- `""` (defaults to global.logging.format) logFormat: "" - # -- Application controller log level. One of: `debug`, `info`, `warn`, `error` + # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` # @default -- `""` (defaults to global.logging.level) logLevel: "" - # -- Extra arguments to provide to the controller + # -- Extra arguments to provide to the notifications controller extraArgs: [] # -- Additional container environment variables extraEnv: [] - # -- envFrom to pass to the controller + # -- envFrom to pass to the notifications controller # @default -- `[]` (See [values.yaml]) extraEnvFrom: [] # - configMapRef: @@ -2545,10 +2545,10 @@ notifications: # -- Annotations to be applied to the notifications controller Deployment deploymentAnnotations: {} - # -- Annotations to be applied to the controller Pods + # -- Annotations to be applied to the notifications controller Pods podAnnotations: {} - # -- Labels to be applied to the controller Pods + # -- Labels to be applied to the notifications controller Pods podLabels: {} # -- Notification controller container-level security Context @@ -2563,10 +2563,10 @@ notifications: drop: - ALL - # -- Priority class for the controller pods + # -- Priority class for the notifications controller pods priorityClassName: "" - # -- Resource limits and requests for the controller + # -- Resource limits and requests for the notifications controller resources: {} # limits: # cpu: 100m @@ -2589,7 +2589,7 @@ notifications: # -- Labels applied to created service account labels: {} cm: - # -- Whether helm chart creates controller config map + # -- Whether helm chart creates notifications controller config map create: true # -- Contains centrally managed global application subscriptions From ed24a954677708636c1fbd2edefc3ae8e94b787a Mon Sep 17 00:00:00 2001 From: Nolan Emirot Date: Wed, 14 Dec 2022 22:03:15 -0800 Subject: [PATCH 0475/1248] chore(argo-cd): add new api version for cert-manager (#1713) chore: add new api version for cert-manager Signed-off-by: Nolan Emirot --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/templates/_versions.tpl | 2 ++ 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 66852cca..8f6e7b45 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.5 +version: 5.16.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Docs]: Updated ApplicationSet value documentation" - - "[Docs]: Updated notification value documentation" + - "[chore]: Update new api-version for cert-manager" diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 8e108bfe..2f2c61f9 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -55,6 +55,8 @@ Return the appropriate apiVersion for cert-manager {{- print .Values.apiVersionOverrides.certmanager -}} {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}} {{- print "cert-manager.io/v1" -}} +{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}} +{{- print "cert-manager.io/v1beta1" -}} {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}} {{- print "cert-manager.io/v1alpha3" -}} {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}} From 9e523b0538e353628818d983e133d6b72abdf161 Mon Sep 17 00:00:00 2001 From: Vadim Grek Date: Thu, 15 Dec 2022 10:33:36 +0200 Subject: [PATCH 0476/1248] chore(argo-events): use policy/v1 for poddisruptionbudgets, when available (#1710) * Use policy/v1 for poddisruptionbudgets, when available Signed-off-by: Vadim Grek --- charts/argo-events/Chart.yaml | 6 ++---- charts/argo-events/templates/_helpers.tpl | 11 +++++++++++ .../templates/argo-events-controller/pdb.yaml | 2 +- .../templates/argo-events-webhook/pdb.yaml | 2 +- 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 55cd3a95..39bf0659 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.7 +version: 2.0.8 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,6 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63) - - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/webhook .image.tag with a SHA digest" - - "[Fixed]: webhook.image.tag value now overrides the tag in the webhook deployment" + - "[Fixed]: use policy/v1 for poddisruptionbudgets, when available diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index c3110b3f..d18f2ca9 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -125,3 +125,14 @@ Return the default Argo Events app version {{- define "argo-events.defaultTag" -}} {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} + +{{/* +Define Pdb apiVersion +*/}} +{{- define "argo-events.pdb.apiVersion" -}} +{{- if .Capabilities.APIVersions.Has "policy/v1" }} +{{- printf "policy/v1" -}} +{{- else }} +{{- printf "policy/v1beta1" -}} +{{- end }} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/pdb.yaml b/charts/argo-events/templates/argo-events-controller/pdb.yaml index 576fcfcf..f1a7b721 100644 --- a/charts/argo-events/templates/argo-events-controller/pdb.yaml +++ b/charts/argo-events/templates/argo-events-controller/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: policy/v1beta1 +apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.controller.fullname" . }} diff --git a/charts/argo-events/templates/argo-events-webhook/pdb.yaml b/charts/argo-events/templates/argo-events-webhook/pdb.yaml index 3bf08225..15bf97bf 100644 --- a/charts/argo-events/templates/argo-events-webhook/pdb.yaml +++ b/charts/argo-events/templates/argo-events-webhook/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.webhook.enabled .Values.webhook.pdb.enabled (not .Values.controller.rbac.namespaced) }} -apiVersion: policy/v1beta1 +apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.webhook.fullname" . }} From 69feaadde74e46bf9fa412b451d00f2c3849976f Mon Sep 17 00:00:00 2001 From: Chris Reiche <35380634+creiche@users.noreply.github.com> Date: Fri, 16 Dec 2022 19:45:25 -0500 Subject: [PATCH 0477/1248] feat(argo-events): Add the ability to change the port for argo-events webhook (#1712) --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/README.md | 1 + .../argo-events/templates/argo-events-webhook/deployment.yaml | 4 +++- charts/argo-events/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 39bf0659..fa40f90f 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.8 +version: 2.0.9 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: use policy/v1 for poddisruptionbudgets, when available + - "[Added]: Ability to specify port for webhook deployment" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 9a66aa06..30f26f30 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -155,6 +155,7 @@ done | webhook.pdb.labels | object | `{}` | Labels to be added to admission webhook pdb | | webhook.podAnnotations | object | `{}` | Annotations to be added to event controller pods | | webhook.podLabels | object | `{}` | Labels to be added to event controller pods | +| webhook.port | int | `443` | Port to listen on | | webhook.priorityClassName | string | `""` | Priority class for the event controller pods | | webhook.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | webhook.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index b030bc7c..2f0478af 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -50,6 +50,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: PORT + value: "{{ .Values.webhook.port }}" {{- with .Values.webhook.env }} {{- toYaml . | nindent 8 }} {{- end }} @@ -63,7 +65,7 @@ spec: {{- end }} ports: - name: webhook - containerPort: 443 + containerPort: {{ .Values.webhook.port }} protocol: TCP livenessProbe: tcpSocket: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 87c6ccf0..094a3638 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -315,6 +315,9 @@ webhook: # -- Labels to be added to event controller pods podLabels: {} + # -- Port to listen on + port: 443 + # -- Event controller container-level security context containerSecurityContext: {} # capabilities: From 5047f3c11973e74321288f1ceb41a65aa608ba9c Mon Sep 17 00:00:00 2001 From: Yannay Hammer Date: Sat, 17 Dec 2022 13:35:55 +0200 Subject: [PATCH 0478/1248] chore(argo-cd): Update ArgoCD to v2.5.5 (#1715) Signed-off-by: Yannay Hammer Signed-off-by: Yannay Hammer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8f6e7b45..b1591a5f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.4 +appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.6 +version: 5.16.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[chore]: Update new api-version for cert-manager" + - "[chore]: Update ArgoCD to v2.5.5" From 3dcd161bf185edcaac94c7a6c0657870ce16ea85 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 18 Dec 2022 10:12:59 +0900 Subject: [PATCH 0479/1248] chore(github): bump helm/kind-action from 1.4.0 to 1.5.0 (#1714) chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index f9f19d6a..33942db0 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -58,7 +58,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@v1.4.0 + uses: helm/kind-action@v1.5.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 3c8ad7be8973cafb8a05f127503f0511f619599d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 19 Dec 2022 08:41:56 +0900 Subject: [PATCH 0480/1248] feat(argo-workflows): Support images property to workflow-controller-configmap for emissary executor (#1708) * feat(argo-workflows): Support images property to workflow-controller-configmap for emissary executor Signed-off-by: yu-croco * chore(argo-workflows): adopt concise name Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 ++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 9 +++++++++ 4 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 870bef4b..68a28c43 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.1 +version: 0.22.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63) - - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller/server/executor.image.tag with a SHA digest" + - "[Added]: Support images property to workflow-controller-configmap for emissary executor" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 711a1f52..571ef659 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -45,6 +45,7 @@ Fields to note: | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | | images.pullPolicy | string | `"Always"` | imagePullPolicy to apply to all containers | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 0f29b576..fc223926 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -170,3 +170,6 @@ data: {{- with .Values.controller.retentionPolicy }} retentionPolicy: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.emissary.images }} + images: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 18d28ad4..95d1351f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -630,3 +630,12 @@ customArtifactRepository: {} # passwordSecret: # name: artifactory-creds # key: password + +emissary: + # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. + ## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary + images: [] + # argoproj/argosay:v2: + # cmd: [/argosay] + # docker/whalesay:latest: + # cmd: [/bin/bash] From 56f3b77fd1a059fff8a80587c4c54d1555d49779 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 19 Dec 2022 18:07:44 +0900 Subject: [PATCH 0481/1248] chore(argo-workflows): Support missing configurations to workflow controller cm (#1716) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 +++-- charts/argo-workflows/README.md | 2 ++ .../workflow-controller-config-map.yaml | 5 +++++ charts/argo-workflows/values.yaml | 19 +++++++++++++++++++ 4 files changed, 29 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 68a28c43..ff38bb28 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.2 +version: 0.22.3 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support images property to workflow-controller-configmap for emissary executor" + - "[Added]: Support nodeEvents property to workflow-controller-configmap" + - "[Added]: Support kubeConfig property to workflow-controller-configmap" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 571ef659..b775c939 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -83,6 +83,7 @@ Fields to note: | controller.instanceID.enabled | bool | `false` | Configures the controller to filter workflow submissions to only those which have a matching instanceID attribute. | | controller.instanceID.explicitID | string | `""` | Use a custom instanceID | | controller.instanceID.useReleaseName | bool | `false` | Use ReleaseName as instanceID | +| controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. | | controller.links | list | `[]` | Configure Argo Server to show custom [links] | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | @@ -100,6 +101,7 @@ Fields to note: | controller.name | string | `"workflow-controller"` | Workflow controller name string | | controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace | | controller.navColor | string | `""` | Set ui navigation bar background color | +| controller.nodeEvents.enabled | bool | `true` | Enable to emit events on node completion. | | controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time | | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index fc223926..ea4660e0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -173,3 +173,8 @@ data: {{- with .Values.emissary.images }} images: {{- toYaml . | nindent 6 }} {{- end }} + nodeEvents: + enabled: {{ .Values.controller.nodeEvents.enabled }} + {{- with .Values.controller.kubeConfig }} + kubeConfig: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 95d1351f..3f643906 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -297,6 +297,25 @@ controller: # failed: 3 # errored: 3 + nodeEvents: + # -- Enable to emit events on node completion. + ## This can take up a lot of space in k8s (typically etcd) resulting in errors when trying to create new events: + ## "Unable to create audit event: etcdserver: mvcc: database space exceeded" + enabled: true + + # -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads, + # or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. + # @default -- `{}` (See [values.yaml]) + kubeConfig: {} + # # name of the kubeconfig secret, may not be empty when kubeConfig specified + # secretName: kubeconfig-secret + # # key of the kubeconfig secret, may not be empty when kubeConfig specified + # secretKey: kubeconfig + # # mounting path of the kubeconfig secret, default to /kube/config + # mountPath: /kubeconfig/mount/path + # # volume name when mounting the secret, default to kubeconfig + # volumeName: kube-config-volume + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. From c04ff27b341f6ffaf6323ab82788eaf44b22c9e0 Mon Sep 17 00:00:00 2001 From: Karl Parry <88431088+karlparry@users.noreply.github.com> Date: Tue, 20 Dec 2022 11:53:54 +0000 Subject: [PATCH 0482/1248] fix(argo-cd): remove incorrect flag for repoServer TLS secret (#1719) Signed-off-by: Karl Parry Signed-off-by: Karl Parry --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-configs/argocd-repo-server-tls-secret.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b1591a5f..2cd56118 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.7 +version: 5.16.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[chore]: Update ArgoCD to v2.5.5" + - "[fixed]: remove incorrect enabled flag for repoServer TLS secret " diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml index 7efa2051..b0f35aa2 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.repoServer.enabled .Values.repoServer.certificateSecret.enabled }} +{{- if .Values.repoServer.certificateSecret.enabled }} apiVersion: v1 kind: Secret metadata: From 7e45f5f03fd1606ecb6cfebdc7d094456245ed04 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 20 Dec 2022 22:18:07 +0900 Subject: [PATCH 0483/1248] chore(argo-cd): Support relabelings and metricRelabelings to Notification's ServiceMonitor (#1720) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ .../templates/argocd-notifications/servicemonitor.yaml | 8 ++++++++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2cd56118..bd3982a7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.8 +version: 5.16.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[fixed]: remove incorrect enabled flag for repoServer TLS secret " + - "[Added]: Support relabelings and metricRelabelings to Notification's ServiceMonitor" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 99108a06..02a3a9a8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1085,6 +1085,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| notifications.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| notifications.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 7f11d08f..2dd280bf 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -35,6 +35,14 @@ spec: tlsConfig: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 776eb9f8..fbf42932 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2534,6 +2534,10 @@ notifications: scheme: "" # -- Prometheus ServiceMonitor tlsConfig tlsConfig: {} + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] # -- Configures notification services such as slack, email or custom webhook # @default -- See [values.yaml] From 4ada750a8479882f7049e66cef85fdc22cf9aec8 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 22 Dec 2022 22:00:38 +0900 Subject: [PATCH 0484/1248] chore(argo-workflows): Add changelog link on README (#1726) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 ++--- charts/argo-workflows/README.md | 5 +++++ charts/argo-workflows/README.md.gotmpl | 5 +++++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ff38bb28..c775ebc5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.3 +version: 0.22.4 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support nodeEvents property to workflow-controller-configmap" - - "[Added]: Support kubeConfig property to workflow-controller-configmap" + - "[Added]: Changelog link on README" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b775c939..4c172f29 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -13,6 +13,10 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Usage Notes ### Workflow controller @@ -260,3 +264,4 @@ Fields to note: [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 28ee4fdc..a263139b 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -13,6 +13,10 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Usage Notes ### Workflow controller @@ -135,3 +139,4 @@ Fields to note: [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog From 00ed90f524a98cd48c4cfcbcf2dd30e31c457efc Mon Sep 17 00:00:00 2001 From: Aleksandr Lossenko Date: Sat, 24 Dec 2022 20:41:02 +0100 Subject: [PATCH 0485/1248] chore(argo-events): upgrade argo-events to app version 1.7.4 (#1730) Signed-off-by: Aleksandr Lossenko --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index fa40f90f..91b74800 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.3 +appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.9 +version: 2.0.10 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Ability to specify port for webhook deployment" + - "[Changed]: Upgrade Argo events controller to v1.7.4" From 37484603eb7462258506545da678054d460892f3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 25 Dec 2022 20:06:09 +0900 Subject: [PATCH 0486/1248] chore(github): bump actions/stale from 6 to 7 (#1729) chore(deps): bump actions/stale from 6 to 7 Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3637ed8f..3a8e77d1 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v6 + - uses: actions/stale@v7 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From c4d8b37fe49cfcfd09cbd693032ba54a0bc21403 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 25 Dec 2022 22:56:33 +0900 Subject: [PATCH 0487/1248] chore(argocd-apps): Add changelog link on README (#1731) Signed-off-by: yu-croco --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/README.md | 6 ++++++ charts/argocd-apps/README.md.gotmpl | 6 ++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 7a5840b7..4f2d82be 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.5 +version: 0.0.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support sourceNamespaces for AppProject" + - "[Added]: Changelog link on README" diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index fc994888..bc0d0685 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late - CRDs (Application and AppProject) - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Installation ```console @@ -31,3 +35,5 @@ $ helm install my-release argo/argocd-apps ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog diff --git a/charts/argocd-apps/README.md.gotmpl b/charts/argocd-apps/README.md.gotmpl index 8d628693..e8cb1c17 100644 --- a/charts/argocd-apps/README.md.gotmpl +++ b/charts/argocd-apps/README.md.gotmpl @@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late - CRDs (Application and AppProject) - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Installation ```console @@ -24,3 +28,5 @@ $ helm install my-release argo/argocd-apps ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog From 2204f028b9ff0a17be888c923bbf7892f0458343 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 27 Dec 2022 21:12:04 +0900 Subject: [PATCH 0488/1248] chore(argo-cd): Update redis-ha to v4.22.4 (#1732) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 7a069ce9..a2a5011e 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.3 -digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195 -generated: "2022-11-03T12:04:33.673857+09:00" + version: 4.22.4 +digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7 +generated: "2022-12-26T22:58:11.561184+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd3982a7..e8695ca3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.9 +version: 5.16.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,9 +18,9 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.3 + version: 4.22.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support relabelings and metricRelabelings to Notification's ServiceMonitor" + - "[Changed]: Update redis-ha to v4.22.4" From fbc8cb263c7b6f53bb73fcab908a13c67b09b617 Mon Sep 17 00:00:00 2001 From: Boris Gershanik Date: Thu, 29 Dec 2022 13:49:10 +0200 Subject: [PATCH 0489/1248] feat(argo-cd): Add hostAliases to ApplicationSet Deployment (#1737) Signed-off-by: Boris Gershanik Signed-off-by: Boris Gershanik --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e8695ca3..236c39c6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.10 +version: 5.16.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update redis-ha to v4.22.4" + - "[Added]: Added HostAliases to ApplicationSet Deployment" diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6c48fefb..ce4cd821 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -40,6 +40,10 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 6 }} + {{- end }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} From f6c884a0969ebe07e81b1204811dc1b4efc1511d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 16:47:29 +0100 Subject: [PATCH 0490/1248] chore(argo-cd): Remove legacy API versions for PDBs (#1740) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/_versions.tpl | 13 ------------- .../argocd-application-controller/pdb.yaml | 2 +- .../templates/argocd-applicationset/pdb.yaml | 2 +- .../argocd-notifications/bots/slack/pdb.yaml | 2 +- .../argo-cd/templates/argocd-notifications/pdb.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/pdb.yaml | 2 +- charts/argo-cd/templates/argocd-server/pdb.yaml | 2 +- charts/argo-cd/templates/dex/pdb.yaml | 2 +- charts/argo-cd/templates/redis/pdb.yaml | 2 +- charts/argo-cd/values.yaml | 2 -- 12 files changed, 10 insertions(+), 26 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 236c39c6..7e7b4d50 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.11 +version: 5.16.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added HostAliases to ApplicationSet Deployment" + - "[Removed]: API override for PDB" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 02a3a9a8..49527754 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -360,7 +360,6 @@ NAME: my-release | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | -| apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 2f2c61f9..b3aa6a41 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -34,19 +34,6 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for pod disruption budget -*/}} -{{- define "argo-cd.apiVersion.pdb" -}} -{{- if .Values.apiVersionOverrides.pdb -}} -{{- print .Values.apiVersionOverrides.pdb -}} -{{- else if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for cert-manager */}} diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index 8f2531ff..b6804c54 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.controller.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index d101d576..51974356 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml index 458af6f7..60df983e 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }}-bot diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml index 711495a2..f1f32715 100644 --- a/charts/argo-cd/templates/argocd-notifications/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.notifications.enabled .Values.notifications.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 7202bd39..318671f0 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.repoServer.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.repoServer.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index 81d3367b..89c54c65 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.server.fullname" . }} diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index caa2ab29..45bd0050 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.dex.enabled .Values.dex.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.dex.fullname" . }} diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 57fb94b3..8be05f93 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -1,6 +1,6 @@ {{- $redisHa := index .Values "redis-ha" -}} {{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.redis.fullname" . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fbf42932..063f215b 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,8 +20,6 @@ apiVersionOverrides: autoscaling: "" # autoscaling/v2 # -- String to override apiVersion of ingresses rendered by this helm chart ingress: "" # networking.k8s.io/v1beta1 - # -- String to override apiVersion of pod disruption budgets rendered by this helm chart - pdb: "" # policy/v1 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles From 9c71f1cbabae17b365212377f7148b1484716d03 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 16:54:28 +0100 Subject: [PATCH 0491/1248] chore(argo-cd): Add pdrastil as Argo CD codeowner (#1743) Add pdrastil as Argo CD codeowner Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index c161dac3..aea8942f 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,7 +7,7 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil # Argo Events /charts/argo-events/ @jbehling @VaibhavPage @pdrastil From def1e657dabec9ed32704306354a209ee2044d83 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 17:26:36 +0100 Subject: [PATCH 0492/1248] chore(argo-cd): Remove legacy API versions for Ingresses (#1742) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/_versions.tpl | 15 ---- .../webhook-ingress.yaml | 53 +++++---------- .../templates/argocd-server/ingress-grpc.yaml | 57 ++++++---------- .../templates/argocd-server/ingress.yaml | 68 ++++++------------- charts/argo-cd/values.yaml | 30 ++------ 7 files changed, 68 insertions(+), 160 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7e7b4d50..4867e68c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.12 +version: 5.16.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: API override for PDB" + - "[Removed]: Legacy API versions for Ingresses" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 49527754..03d9e7f7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -359,7 +359,6 @@ NAME: my-release | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | -| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index b3aa6a41..8240c4b0 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -19,21 +19,6 @@ Return the appropriate apiVersion for autoscaling {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for ingress -*/}} -{{- define "argo-cd.apiVersion.ingress" -}} -{{- if .Values.apiVersionOverrides.ingress -}} -{{- print .Values.apiVersionOverrides.ingress -}} -{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for cert-manager */}} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index affeec86..5285c6f2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -1,89 +1,72 @@ {{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}} -{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}} {{- $servicePort := .Values.applicationSet.service.portName -}} {{- $paths := .Values.applicationSet.webhook.ingress.paths -}} {{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}} {{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.applicationSet.webhook.ingress.annotations }} - annotations: - {{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - {{- if .Values.applicationSet.webhook.ingress.labels }} - {{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }} + {{- with .Values.applicationSet.webhook.ingress.labels }} + {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.applicationSet.webhook.ingress.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.applicationSet.webhook.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.applicationSet.webhook.ingress.hosts }} {{- range $host := .Values.applicationSet.webhook.ingress.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.applicationSet.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.applicationSet.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.applicationSet.webhook.ingress.tls }} + {{- with .Values.applicationSet.webhook.ingress.tls }} tls: - {{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 54304007..b728a11b 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,89 +1,72 @@ {{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} -{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- $pathType := .Values.server.ingressGrpc.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.server.ingressGrpc.annotations }} - annotations: - {{- range $key, $value := .Values.server.ingressGrpc.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ template "argo-cd.server.fullname" . }}-grpc + name: {{ include "argo-cd.server.fullname" . }}-grpc labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.ingressGrpc.labels }} - {{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} + {{- with .Values.server.ingressGrpc.labels }} + {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.ingressGrpc.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingressGrpc.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.server.ingressGrpc.hosts }} {{- range $host := .Values.server.ingressGrpc.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.server.ingressGrpc.tls }} + {{- with .Values.server.ingressGrpc.tls }} tls: - {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index aeb60d24..52269d0a 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -1,51 +1,45 @@ {{- if .Values.server.ingress.enabled -}} -{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- $pathType := .Values.server.ingress.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.server.ingress.annotations }} - annotations: - {{- range $key, $value := .Values.server.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} - alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | - [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] - {{- end }} -{{- end }} - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.ingress.labels }} - {{- toYaml .Values.server.ingress.labels | nindent 4 }} + {{- with .Values.server.ingress.labels }} + {{- toYaml . | nindent 4 }} {{- end }} + {{- if .Values.server.ingress.annotations }} + annotations: + {{- range $key, $value := .Values.server.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} + alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | + [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] + {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.server.ingress.hosts }} {{- range $host := .Values.server.ingress.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: Prefix - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ template "argo-cd.server.fullname" $ }}-grpc port: @@ -54,60 +48,42 @@ spec: {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc - servicePort: {{ $servicePort }} - {{- end }} {{- end }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.server.ingress.tls }} + {{- with .Values.server.ingress.tls }} tls: - {{- toYaml .Values.server.ingress.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 063f215b..8228f29e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -18,8 +18,6 @@ apiVersionOverrides: cloudgoogle: "" # cloud.google.com/v1 # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 - # -- String to override apiVersion of ingresses rendered by this helm chart - ingress: "" # networking.k8s.io/v1beta1 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -1590,8 +1588,7 @@ server: ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace - hosts: - [] + hosts: [] # - argocd.example.com # -- List of ingress paths @@ -1600,13 +1597,7 @@ server: # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix # -- Additional ingress paths - extraPaths: - [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + extraPaths: [] # - path: /* # pathType: Prefix # backend: @@ -1616,8 +1607,7 @@ server: # name: use-annotation # -- Ingress TLS configuration - tls: - [] + tls: [] # - secretName: your-certificate-name # hosts: # - argocd.example.com @@ -1656,8 +1646,7 @@ server: ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace ## - hosts: - [] + hosts: [] # - argocd.example.com # -- List of ingress paths for dedicated [gRPC-ingress] @@ -1666,13 +1655,7 @@ server: # -- Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix # -- Additional ingress paths for dedicated [gRPC-ingress] - extraPaths: - [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + extraPaths: [] # - path: /* # pathType: Prefix # backend: @@ -1682,8 +1665,7 @@ server: # name: use-annotation # -- Ingress TLS configuration for dedicated [gRPC-ingress] - tls: - [] + tls: [] # - secretName: your-certificate-name # hosts: # - argocd.example.com From 10e3af1bcfea41c12e6894400e8f098a98f45c1c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 30 Dec 2022 01:31:39 +0900 Subject: [PATCH 0493/1248] chore(argo-workflows): Remove legacy API versions for PDBs (#1741) Signed-off-by: yu-croco Co-authored-by: Petr Drastil --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/_helpers.tpl | 11 ----------- .../workflow-controller-deployment-pdb.yaml | 2 +- .../templates/server/server-deployment-pdb.yaml | 2 +- 4 files changed, 4 insertions(+), 15 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c775ebc5..32108003 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.4 +version: 0.22.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Changelog link on README" + - "[Removed]: legacy API versions for PDBs" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index a3ce8934..057ed5f9 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -129,17 +129,6 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for pod disruption budget -*/}} -{{- define "argo-workflows.podDisruptionBudget.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "argo-workflows.kubeVersion" $) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the target Kubernetes version */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index deef3de1..4e7545c7 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index 47be0dd1..d92a4083 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.enabled .Values.server.pdb.enabled -}} -apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} From daba66b68c69d37db2fe878f9df4a902978ff479 Mon Sep 17 00:00:00 2001 From: Ramin A Date: Thu, 29 Dec 2022 09:55:31 -0800 Subject: [PATCH 0494/1248] fix(argo-events): Added missing NATS version in values.yaml (#1735) Signed-off-by: Ramin Akhbari Co-authored-by: Petr Drastil --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/README.md | 2 +- charts/argo-events/values.yaml | 4 ++++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 91b74800..ece10ef8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.10 +version: 2.0.11 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Argo events controller to v1.7.4" + - "[Fixed]: Added missing NATS version in values.yaml" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 30f26f30..39b46bf5 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -57,7 +57,7 @@ done | configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | | | configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | | | configs.jetstream.versions[0].version | string | `"latest"` | | -| configs.nats.versions | list | `[{"metricsExporterImage":"natsio/prometheus-nats-exporter:latest","natsStreamingImage":"nats-streaming:latest","version":"latest"}]` | Supported versions of NATS event bus | +| configs.nats.versions | list | See [values.yaml] | Supported versions of NATS event bus | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 094a3638..c2436851 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -62,10 +62,14 @@ configs: ## NATS event bus nats: # -- Supported versions of NATS event bus + # @default -- See [values.yaml] versions: - version: latest natsStreamingImage: nats-streaming:latest metricsExporterImage: natsio/prometheus-nats-exporter:latest + - version: 0.22.1 + natsStreamingImage: nats-streaming:0.22.1 + metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 ## JetStream event bus jetstream: From 5bd70fbd24f7303c58e388370144a5cb8f64964d Mon Sep 17 00:00:00 2001 From: huiwq1990 Date: Fri, 30 Dec 2022 13:20:47 +0800 Subject: [PATCH 0495/1248] feat(argo-workflows): add envFrom for main container (#1736) Signed-off-by: huiwq1990 Signed-off-by: huiwq1990 --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../templates/controller/workflow-controller-config-map.yaml | 5 ++++- charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 32108003..c317d053 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.5 +version: 0.22.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Removed]: legacy API versions for PDBs" + - "[Added]: Suuport envFrom for main container" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 4c172f29..42a1e51c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -153,6 +153,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container | +| mainContainer.envFrom | list | `[]` | Adds reference environment variables for the Workflow main container | | mainContainer.imagePullPolicy | string | `""` | imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. | | mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container | | mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ea4660e0..1193163a 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -25,7 +25,7 @@ data: {{- with .Values.controller.initialDelay }} initialDelay: {{ . }} {{- end }} - {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}} + {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.envFrom .Values.mainContainer.securityContext}} mainContainer: imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }} {{- with .Values.mainContainer.resources }} @@ -34,6 +34,9 @@ data: {{- with .Values.mainContainer.env }} env: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.mainContainer.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.mainContainer.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3f643906..034c662a 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -324,6 +324,8 @@ mainContainer: resources: {} # -- Adds environment variables for the Workflow main container env: [] + # -- Adds reference environment variables for the Workflow main container + envFrom: [] # -- sets security context for the Workflow main container securityContext: {} From 4b8703db7571b4131262640be1e0fa3efbfcffb6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 3 Jan 2023 10:46:01 +0900 Subject: [PATCH 0496/1248] chore(argo-workflows): Support podGCDeleteDelayDuration and podGCGracePeriodSeconds (#1728) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-config-map.yaml | 6 ++++++ charts/argo-workflows/values.yaml | 8 ++++++++ 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c317d053..61c78e11 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.6 +version: 0.22.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Suuport envFrom for main container" + - "[Added]: Support podGCDeleteDelayDuration and podGCGracePeriodSeconds" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 42a1e51c..19bc0ee2 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -111,6 +111,8 @@ Fields to note: | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | | controller.persistence | object | `{}` | enable persistence using postgres | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | +| controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | +| controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. | | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 1193163a..125f48d3 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -181,3 +181,9 @@ data: {{- with .Values.controller.kubeConfig }} kubeConfig: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.podGCGracePeriodSeconds }} + podGCGracePeriodSeconds: {{ . }} + {{- end }} + {{- with .Values.controller.podGCDeleteDelayDuration }} + podGCDeleteDelayDuration: {{ . }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 034c662a..bb102c8b 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -316,6 +316,14 @@ controller: # # volume name when mounting the secret, default to kubeconfig # volumeName: kube-config-volume + # -- Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. + # @default -- `30` seconds (Kubernetes default) + podGCGracePeriodSeconds: + + # -- The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. + # @default -- `5s` (Argo Workflows default) + podGCDeleteDelayDuration: "" + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. From 45861fadb78bc79456b97f636a5ab05bf1b8890a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 4 Jan 2023 10:49:30 +0100 Subject: [PATCH 0497/1248] docs(argo-cd): Improve documentation for extra containers (#1747) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 675 +++++++++++++++++-------------------- 3 files changed, 318 insertions(+), 365 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4867e68c..a3f338f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.13 +version: 5.16.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Legacy API versions for Ingresses" + - "[Docs]: Added sample how to provide K8s credentials plugin" + - "[Docs]: Added sample how to provide Argo config management plugin" + - "[Docs]: Removed samples that injects tools into incorrect controllers" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 03d9e7f7..f71184f3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,7 +639,7 @@ NAME: my-release | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | -| server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | +| server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | | server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8228f29e..010d7cbe 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -520,14 +520,6 @@ controller: # # -- define the application controller `--repo-server-timeout-seconds` # repoServerTimeoutSeconds: "60" - # DEPRECATED - Use configs.params to override - # -- Application controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - # logFormat: "" - # -- Application controller log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.level) - # logLevel: "" - # -- Additional command line arguments to pass to application controller extraArgs: [] @@ -542,6 +534,35 @@ controller: # - secretRef: # name: secret-name + # -- Additional containers to be added to the application controller pod + extraContainers: [] + + # -- Init containers to add to the application controller pod + ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin + ## you could use this (and the same in the server pod) to provide such executable + ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + initContainers: [] + # - name: download-tools + # image: alpine:3 + # command: [sh, -c] + # args: + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + + # -- Additional volumeMounts to the application controller main container + volumeMounts: [] + # - mountPath: /usr/local/bin/kubelogin + # name: custom-tools + # subPath: kubelogin + + # -- Additional volumes to the application controller pod + volumes: [] + # - name: custom-tools + # emptyDir: {} + # -- Annotations for the application controller StatefulSet statefulsetAnnotations: {} @@ -551,6 +572,15 @@ controller: # -- Labels to be added to application controller pods podLabels: {} + # -- Resource limits and requests for the application controller pods + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -580,12 +610,6 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the application controller main container - volumeMounts: [] - - # -- Additional volumes to the application controller pod - volumes: [] - # -- [Node selector] nodeSelector: {} @@ -606,15 +630,6 @@ controller: # -- Priority class for the application controller pods priorityClassName: "" - # -- Resource limits and requests for the application controller pods - resources: {} - # limits: - # cpu: 500m - # memory: 512Mi - # requests: - # cpu: 250m - # memory: 256Mi - serviceAccount: # -- Create a service account for the application controller create: true @@ -716,28 +731,6 @@ controller: # -- List of custom rules for the application controller's ClusterRole resource rules: [] - # -- Additional containers to be added to the application controller pod - extraContainers: [] - - # -- Init containers to add to the application controller pod - ## If your target Kubernetes cluster(s) require a custom auth provider executable - ## you could use this (and the same in the server pod) to bootstrap - ## that executable into your Argo CD container - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## Dex dex: # -- Enable dex @@ -835,6 +828,18 @@ dex: # - secretRef: # name: secret-name + # -- Additional containers to be added to the dex pod + extraContainers: [] + + # -- Init containers to add to the dex pod + initContainers: [] + + # -- Additional volumeMounts to the dex main container + volumeMounts: [] + + # -- Additional volumes to the dex pod + volumes: [] + # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-dex-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart Dex automatically without extra controllers. @@ -861,6 +866,15 @@ dex: # -- Labels to be added to the Dex server pods podLabels: {} + # -- Resource limits and requests for dex + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -912,12 +926,6 @@ dex: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Additional volumeMounts to the dex main container - volumeMounts: [] - - # -- Additional volumes to the dex pod - volumes: [] - # -- Container port for HTTP access containerPortHttp: 5556 # -- Service port for HTTP access @@ -953,34 +961,6 @@ dex: # -- Priority class for dex priorityClassName: "" - # -- Resource limits and requests for dex - resources: {} - # limits: - # cpu: 50m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - - # -- Additional containers to be added to the dex pod - extraContainers: [] - - # -- Init containers to add to the dex pod - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## Redis redis: # -- Enable redis @@ -1022,11 +1002,6 @@ redis: # - --bind # - "0.0.0.0" - # -- Redis container port - containerPort: 6379 - # -- Redis service port - servicePort: 6379 - # -- Environment variables to pass to the Redis server env: [] @@ -1038,6 +1013,18 @@ redis: # - secretRef: # name: secret-name + # -- Additional containers to be added to the redis pod + extraContainers: [] + + # -- Init containers to add to the redis pod + initContainers: [] + + # -- Additional volumeMounts to the redis container + volumeMounts: [] + + # -- Additional volumes to the redis pod + volumes: [] + # -- Annotations to be added to the Redis server Deployment deploymentAnnotations: {} @@ -1047,6 +1034,15 @@ redis: # -- Labels to be added to the Redis server pods podLabels: {} + # -- Resource limits and requests for redis + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + # -- Redis pod-level security context # @default -- See [values.yaml] securityContext: @@ -1063,10 +1059,17 @@ redis: drop: - ALL + # -- Redis container port + containerPort: 6379 + # -- Redis service port + servicePort: 6379 + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} @@ -1091,39 +1094,6 @@ redis: # -- Automount API credentials for the Service Account automountServiceAccountToken: false - # -- Resource limits and requests for redis - resources: {} - # limits: - # cpu: 200m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 64Mi - - # -- Additional volumeMounts to the redis container - volumeMounts: [] - # -- Additional volumes to the redis pod - volumes: [] - - # -- Additional containers to be added to the redis pod - extraContainers: [] - - # -- Init containers to add to the redis pod - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - service: # -- Redis service annotations annotations: {} @@ -1200,7 +1170,6 @@ redis: # -- Prometheus ServiceMonitor annotations annotations: {} - # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted # Check the redis-ha chart for more properties @@ -1347,13 +1316,93 @@ server: # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container lifecycle: {} - # DEPRECATED - Use configs.params to override - # -- Argo CD server log format: Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - # logFormat: "" - # -- Argo CD server log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.level) - # logLevel: "" + ## Argo UI extensions + ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. + ## Ref: https://github.com/argoproj-labs/argocd-extensions + extensions: + # -- Enable support for Argo UI extensions + enabled: false + + ## Argo UI extensions image + image: + # -- Repository to use for extensions image + repository: "ghcr.io/argoproj-labs/argocd-extensions" + # -- Tag to use for extensions image + tag: "v0.1.0" + # -- Image pull policy for extensions + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Server UI extensions container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + # -- Resource limits and requests for the argocd-extensions container + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + # -- Additional containers to be added to the server pod + ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + extraContainers: [] + # - name: my-sidecar + # image: nginx:latest + # - name: lemonldap-ng-controller + # image: lemonldapng/lemonldap-ng-controller:0.2.0 + # args: + # - /lemonldap-ng-controller + # - --alsologtostderr + # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration + # env: + # - name: POD_NAME + # valueFrom: + # fieldRef: + # fieldPath: metadata.name + # - name: POD_NAMESPACE + # valueFrom: + # fieldRef: + # fieldPath: metadata.namespace + # volumeMounts: + # - name: copy-portal-skins + # mountPath: /srv/var/lib/lemonldap-ng/portal/skins + + # -- Init containers to add to the server pod + ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin + ## you could use this (and the same in the application controller pod) to provide such executable + ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + initContainers: [] + # - name: download-tools + # image: alpine:3 + # command: [sh, -c] + # args: + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + + # -- Additional volumeMounts to the server main container + volumeMounts: [] + # - mountPath: /usr/local/bin/kubelogin + # name: custom-tools + # subPath: kubelogin + + # -- Additional volumes to the server pod + volumes: [] + # - name: custom-tools + # emptyDir: {} # -- Annotations to be added to server Deployment deploymentAnnotations: {} @@ -1364,6 +1413,15 @@ server: # -- Labels to be added to server pods podLabels: {} + # -- Resource limits and requests for the Argo CD server + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + # -- Configures the server port containerPort: 8080 @@ -1392,12 +1450,6 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the server main container - volumeMounts: [] - - # -- Additional volumes to the server pod - volumes: [] - # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1428,15 +1480,6 @@ server: drop: - ALL - # -- Resource limits and requests for the Argo CD server - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 50m - # memory: 64Mi - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -1727,86 +1770,6 @@ server: # enabled: true # responseCodeName: RESPONSE_CODE - # -- Additional containers to be added to the server pod - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. - extraContainers: [] - # - name: my-sidecar - # image: nginx:latest - # - name: lemonldap-ng-controller - # image: lemonldapng/lemonldap-ng-controller:0.2.0 - # args: - # - /lemonldap-ng-controller - # - --alsologtostderr - # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration - # env: - # - name: POD_NAME - # valueFrom: - # fieldRef: - # fieldPath: metadata.name - # - name: POD_NAMESPACE - # valueFrom: - # fieldRef: - # fieldPath: metadata.namespace - # volumeMounts: - # - name: copy-portal-skins - # mountPath: /srv/var/lib/lemonldap-ng/portal/skins - - # -- Init containers to add to the server pod - ## If your target Kubernetes cluster(s) require a custom auth provider executable - ## you could use this (and the same in the application controller pod) to bootstrap - ## that executable into your Argo CD container - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - - ## Argo UI extensions - ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. - ## Ref: https://github.com/argoproj-labs/argocd-extensions - extensions: - # -- Enable support for Argo UI extensions - enabled: false - - ## Argo UI extensions image - image: - # -- Repository to use for extensions image - repository: "ghcr.io/argoproj-labs/argocd-extensions" - # -- Tag to use for extensions image - tag: "v0.1.0" - # -- Image pull policy for extensions - imagePullPolicy: IfNotPresent - - # -- Server UI extensions container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for the argocd-extensions container - resources: {} - # limits: - # cpu: 50m - # memory: 128Mi - # requests: - # cpu: 10m - # memory: 64Mi - ## Repo Server repoServer: # -- Repo server name @@ -1863,13 +1826,13 @@ repoServer: image: # -- Repository to use for the repo server # @default -- `""` (defaults to global.image.repository) - repository: "" # defaults to global.image.repository + repository: "" # -- Tag to use for the repo server # @default -- `""` (defaults to global.image.tag) - tag: "" # defaults to global.image.tag + tag: "" # -- Image pull policy for the repo server # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" # IfNotPresent + imagePullPolicy: "" # -- Secrets with credentials to pull images from a private registry # @default -- `[]` (defaults to global.imagePullSecrets) @@ -1889,13 +1852,43 @@ repoServer: # - secretRef: # name: secret-name - # DEPRECATED - Use configs.params to override - # -- Repo server log format: Either `text` or `json` - # @default -- `""` (defaults to global.logging.level) - # logFormat: "" - # -- Repo server log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.format) - # logLevel: "" + # -- Additional containers to be added to the repo server pod + ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ + extraContainers: [] + # - name: cmp + # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server + # command: [/var/run/argocd/argocd-cmp-server] + # image: busybox # This can be off-the-shelf or custom-built image + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: plugin.yaml + # name: cmp-plugin + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp + + # -- Init containers to add to the repo server pods + initContainers: [] + + # -- Additional volumeMounts to the repo server main container + volumeMounts: [] + + # -- Additional volumes to the repo server pod + volumes: [] + # - name: cmp-plugin + # configMap: + # name: cmp-plugin + # - name: cmp-tmp + # emptyDir: {} # -- Annotations to be added to repo server Deployment deploymentAnnotations: {} @@ -1906,6 +1899,15 @@ repoServer: # -- Labels to be added to repo server pods podLabels: {} + # -- Resource limits and requests for the repo server pods + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + # -- Configures the repo server port containerPort: 8081 @@ -1934,17 +1936,6 @@ repoServer: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the repo server main container - volumeMounts: [] - - # -- Additional volumes to the repo server pod - volumes: [] - ## Use init containers to configure custom tooling - ## https://argo-cd.readthedocs.io/en/stable/operator-manual/custom_tools/ - ## When using the volumes & volumeMounts section bellow, please comment out those above. - # - name: custom-tools - # emptyDir: {} - # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1975,15 +1966,6 @@ repoServer: drop: - ALL - # -- Resource limits and requests for the repo server pods - resources: {} - # limits: - # cpu: 50m - # memory: 128Mi - # requests: - # cpu: 10m - # memory: 64Mi - # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. @@ -2077,9 +2059,6 @@ repoServer: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Additional containers to be added to the repo server pod - extraContainers: [] - # -- Repo server rbac rules rbac: [] # - apiGroups: @@ -2091,22 +2070,6 @@ repoServer: # - list # - watch - # -- Init containers to add to the repo server pods - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## ApplicationSet controller applicationSet: # -- Enable ApplicationSet controller @@ -2150,6 +2113,13 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # -- ApplicationSet controller log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + args: # -- The default metric address metricsAddr: :8080 @@ -2160,16 +2130,31 @@ applicationSet: # -- Enable dry run mode dryRun: false - # -- ApplicationSet controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" + # -- List of extra cli args to add + extraArgs: [] + + # -- Environment variables to pass to the ApplicationSet controller + extraEnv: [] + # - name: "MY_VAR" + # value: "value" + + # -- envFrom to pass to the ApplicationSet controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name # -- Additional containers to be added to the ApplicationSet controller pod extraContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] + ## Metrics service configuration metrics: # -- Deploy metrics service @@ -2238,6 +2223,15 @@ applicationSet: # -- Labels for the ApplicationSet controller pods podLabels: {} + # -- Resource limits and requests for the ApplicationSet controller pods. + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2280,19 +2274,6 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 - # -- Resource limits and requests for the ApplicationSet controller pods. - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - # -- [Node selector] nodeSelector: {} @@ -2305,32 +2286,6 @@ applicationSet: # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. priorityClassName: "" - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - - # -- List of extra cli args to add - extraArgs: [] - - # -- Environment variables to pass to the ApplicationSet controller - extraEnv: [] - # - name: "MY_VAR" - # value: "value" - - # -- envFrom to pass to the ApplicationSet controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - ## Webhook for the Git Generator ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) webhook: @@ -2384,9 +2339,6 @@ notifications: # -- Notifications controller name string name: notifications-controller - # -- Assign custom [affinity] rules - affinity: {} - # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates argocdUrl: @@ -2422,8 +2374,32 @@ notifications: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- [Node selector] - nodeSelector: {} + # -- Notifications controller log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + + # -- Extra arguments to provide to the notifications controller + extraArgs: [] + + # -- Additional container environment variables + extraEnv: [] + + # -- envFrom to pass to the notifications controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] # -- Define user-defined context ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context @@ -2454,37 +2430,6 @@ notifications: # email-password: # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - # -- Notifications controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - # -- Extra arguments to provide to the notifications controller - extraArgs: [] - - # -- Additional container environment variables - extraEnv: [] - - # -- envFrom to pass to the notifications controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - metrics: # -- Enables prometheus metrics server enabled: false @@ -2535,6 +2480,15 @@ notifications: # -- Labels to be applied to the notifications controller Pods podLabels: {} + # -- Resource limits and requests for the notifications controller + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: @@ -2547,18 +2501,18 @@ notifications: drop: - ALL + # -- [Node selector] + nodeSelector: {} + + # -- [Tolerations] for use with node taints + tolerations: [] + + # -- Assign custom [affinity] rules + affinity: {} + # -- Priority class for the notifications controller pods priorityClassName: "" - # -- Resource limits and requests for the notifications controller - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - serviceAccount: # -- Specifies whether a service account should be created create: true @@ -2809,9 +2763,6 @@ notifications: # ] # }] - # -- [Tolerations] for use with node taints - tolerations: [] - # -- The trigger defines the condition when the notification should be sent ## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ triggers: {} From 7992b5d04b9ea0d13a3ae7799e042cf9056eb6cd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 9 Jan 2023 18:03:26 -0600 Subject: [PATCH 0498/1248] feat(argo-workflows): Add helper function to determine image value, minus tag (#1754) We have a situation where we want to exclude the registry so that images can be pulled from in-network mirrors. Currently when you exclude the registry, you get stuck with a prefixing forward slash. Had to keep the tags in the manifest files because helm template requires a colon in the image value. Otherwise I'd move it into the helper function. image entries changed: server, controller, executor Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++++ .../controller/workflow-controller-deployment.yaml | 4 ++-- .../templates/server/server-deployment.yaml | 2 +- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 61c78e11..25aa9fd6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.7 +version: 0.22.8 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support podGCDeleteDelayDuration and podGCGracePeriodSeconds" + - "[Added]: Helm helper function to allow image registry to be absent" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 057ed5f9..7719052d 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -142,3 +142,14 @@ Return the default Argo Workflows app version {{- define "argo-workflows.defaultTag" -}} {{- default .Chart.AppVersion .Values.images.tag }} {{- end -}} + +{{/* +Return full image name including or excluding registry based on existence +*/}} +{{- define "argo-workflows.image" -}} +{{- if and .image.registry .image.repository -}} + {{ .image.registry }}/{{ .image.repository }} +{{- else -}} + {{ .image.repository }} +{{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 7ce17155..b90122ca 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -34,14 +34,14 @@ spec: {{- end }} containers: - name: controller - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" + image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} command: [ "workflow-controller" ] args: - "--configmap" - "{{ template "argo-workflows.controller.fullname" . }}-configmap" - "--executor-image" - - "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" + - "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" - "--loglevel" - "{{ .Values.controller.logging.level }}" - "--gloglevel" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e1e9b680..70b1495c 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} containers: - name: argo-server - image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" + image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} securityContext: {{- toYaml .Values.server.securityContext | nindent 12 }} From c5648d5c9f1e5c8a08690618f8ab0b76e4d8bacd Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 09:58:45 +0100 Subject: [PATCH 0499/1248] chore(argo-cd): Consolidate cluster-wide RBAC (#1597) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 9 ++++--- charts/argo-cd/README.md | 6 ++--- charts/argo-cd/templates/NOTES.txt | 12 +++++++++ .../clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 11 ++++---- .../argocd-repo-server/clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 9 ++++--- .../templates/argocd-server/clusterrole.yaml | 3 ++- .../argocd-server/clusterrolebinding.yaml | 11 ++++---- charts/argo-cd/values.yaml | 21 +++------------ 10 files changed, 70 insertions(+), 66 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a3f338f0..912ffeff 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.14 +version: 5.16.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Docs]: Added sample how to provide K8s credentials plugin" - - "[Docs]: Added sample how to provide Argo config management plugin" - - "[Docs]: Removed samples that injects tools into incorrect controllers" + - "[Added]: Option createClusterRoles to enable cluster roles from one place" + - "[Deprecated]: Option controller.clusterAdminAccess.enabled" + - "[Deprecated]: Option server.clusterAdminAccess.enabled" + - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f71184f3..ec1213f8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -362,7 +362,8 @@ NAME: my-release | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | -| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources | +| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | @@ -451,7 +452,6 @@ NAME: my-release |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | -| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | @@ -529,7 +529,6 @@ NAME: my-release | repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | | repoServer.certificateSecret.key | string | `""` | Certificate private key | | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | -| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | @@ -631,7 +630,6 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 98bbb96a..30138ee4 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,6 +52,18 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} +{{- if hasKey .Values "createAggregateRoles" }} +DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles +{{- end }} +{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 0aa82961..5ebe00b3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: {{- if .Values.controller.clusterRoleRules.enabled }} - {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 86d7c883..39ee80a6 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controllerServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml index 4ea41da3..21dff1a9 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: {{- if .Values.repoServer.clusterRoleRules.enabled }} - {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index 9757912e..c3e21edb 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServerServiceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 2caa4dd0..0f26d470 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -1,4 +1,5 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 9f5a960d..72e4d450 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.serverServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 010d7cbe..d799dcb9 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -19,9 +19,12 @@ apiVersionOverrides: # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 -# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds +# -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: false +# -- Create cluster roles for cluster-wide installation. +## Used when you manage applications in the same cluster where Argo CD runs +createClusterRoles: true openshift: # -- enables using arbitrary uid for argo repo server @@ -718,11 +721,6 @@ controller: # additionalLabels: {} # annotations: {} - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off clusterRoleRules: @@ -1732,12 +1730,6 @@ server: # -- Termination policy of Openshift Route termination_policy: None - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - GKEbackendConfig: # -- Enable BackendConfig custom resource for Google Kubernetes Engine enabled: false @@ -2031,11 +2023,6 @@ repoServer: # -- Prometheus ServiceMonitor annotations annotations: {} - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant cluster rights to Argo CD repo server. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: false ## Enable Custom Rules for the Repo server's Cluster Role resource ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off From 31242020c44e75815945aed42a8244a7c13d9dd7 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 13:31:57 +0100 Subject: [PATCH 0500/1248] feat(argo-cd): Allow templated values for init and extra containers (#1749) --- charts/argo-cd/Chart.yaml | 9 ++-- charts/argo-cd/README.md | 3 ++ .../statefulset.yaml | 10 ++-- .../argocd-applicationset/deployment.yaml | 6 ++- .../argocd-notifications/deployment.yaml | 51 +++++++++++-------- .../argocd-repo-server/deployment.yaml | 48 ++++++++--------- .../templates/argocd-server/deployment.yaml | 14 ++--- charts/argo-cd/templates/dex/deployment.yaml | 44 ++++++++-------- .../argo-cd/templates/redis/deployment.yaml | 10 ++-- charts/argo-cd/values.yaml | 26 +++++++++- 10 files changed, 128 insertions(+), 93 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 912ffeff..45ff4446 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.15 +version: 5.17.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option createClusterRoles to enable cluster roles from one place" - - "[Deprecated]: Option controller.clusterAdminAccess.enabled" - - "[Deprecated]: Option server.clusterAdminAccess.enabled" - - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" + - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" + - "[Added]: Support for use of Helm templates for extraContainers and initContainers" + - "[Docs]: Added notes about custom Helm template support" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ec1213f8..dabacfe7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -970,6 +970,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1063,6 +1064,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | +| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | @@ -1071,6 +1073,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod | | notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | | notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 66486b53..208545e0 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -257,7 +257,11 @@ spec: - mountPath: /home/argocd name: argocd-home {{- with .Values.controller.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.controller.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: @@ -304,10 +308,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.controller.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ce4cd821..0c3862de 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -125,8 +125,12 @@ spec: - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 2be14fdd..7ee9f8f4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -81,12 +81,39 @@ spec: {{- with .Values.notifications.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.notifications.extraContainers }} + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.initContainers }} + initContainers: + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} volumes: - - configMap: + {{- with .Values.notifications.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: tls-certs + configMap: name: argocd-tls-certs-cm - name: tls-certs - name: argocd-repo-server-tls secret: + secretName: argocd-repo-server-tls + optional: true items: - key: tls.crt path: tls.crt @@ -94,24 +121,4 @@ spec: path: tls.key - key: ca.crt path: ca.crt - optional: true - secretName: argocd-repo-server-tls - {{- with .Values.notifications.extraVolumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d8cbb97d..04117ba3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -264,7 +264,30 @@ spec: securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} {{- with .Values.repoServer.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - command: + - cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + name: copyutil + {{- with .Values.repoServer.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.repoServer.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + {{- with .Values.repoServer.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: @@ -328,29 +351,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - initContainers: - - command: - - cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - name: copyutil - {{- with .Values.repoServer.resources }} - resources: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.repoServer.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - {{- with .Values.repoServer.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.repoServer.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 7793b11a..c38d9348 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -319,9 +319,6 @@ spec: lifecycle: {{- toYaml . | nindent 10 }} {{- end }} - {{- with .Values.server.extraContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- if .Values.server.extensions.enabled }} - name: argocd-extensions image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} @@ -336,6 +333,13 @@ spec: - name: tmp mountPath: /tmp {{- end }} + {{- with .Values.server.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.server.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -406,10 +410,6 @@ spec: path: tls.crt - key: ca.crt path: ca.crt - {{- with .Values.server.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5900070f..bd0362b3 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -43,27 +43,6 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - initContainers: - - name: copyutil - image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp - - -n - - /usr/local/bin/argocd - - /shared/argocd-dex - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - resources: - {{- toYaml .Values.dex.resources | nindent 10 }} - securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} - {{- with .Values.dex.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -136,7 +115,28 @@ spec: - name: argocd-dex-server-tls mountPath: /tls {{- with .Values.dex.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - name: copyutil + image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} + command: + - cp + - -n + - /usr/local/bin/argocd + - /shared/argocd-dex + volumeMounts: + - mountPath: /shared + name: static-files + - mountPath: /tmp + name: dexconfig + resources: + {{- toYaml .Values.dex.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- with .Values.dex.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.dex.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 38ba73be..6c6a4dbe 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -41,10 +41,6 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} - {{- with .Values.redis.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.redis.name }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} @@ -96,7 +92,11 @@ spec: {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.redis.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.redis.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d799dcb9..9fad462e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -439,6 +439,7 @@ configs: # } # -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 # kind: SecretProviderClass @@ -538,12 +539,14 @@ controller: # name: secret-name # -- Additional containers to be added to the application controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the application controller pod ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin ## you could use this (and the same in the server pod) to provide such executable ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + ## Note: Supports use of custom Helm templates initContainers: [] # - name: download-tools # image: alpine:3 @@ -827,9 +830,11 @@ dex: # name: secret-name # -- Additional containers to be added to the dex pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the dex pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the dex main container @@ -1012,9 +1017,11 @@ redis: # name: secret-name # -- Additional containers to be added to the redis pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the redis pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the redis container @@ -1353,7 +1360,7 @@ server: # memory: 64Mi # -- Additional containers to be added to the server pod - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: my-sidecar # image: nginx:latest @@ -1846,11 +1853,13 @@ repoServer: # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: cmp # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server # command: [/var/run/argocd/argocd-cmp-server] - # image: busybox # This can be off-the-shelf or custom-built image + # # This can be off-the-shelf or custom-built image + # image: busybox # securityContext: # runAsNonRoot: true # runAsUser: 999 @@ -2134,8 +2143,13 @@ applicationSet: # name: secret-name # -- Additional containers to be added to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] + # -- Init containers to add to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] @@ -2382,6 +2396,14 @@ notifications: # - secretRef: # name: secret-name + # -- Additional containers to be added to the notifications controller pod + ## Note: Supports use of custom Helm templates + extraContainers: [] + + # -- Init containers to add to the notifications controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] From 136d8c4fca96cfad3736ba44ea4df17195c343da Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 11 Jan 2023 15:33:30 +0900 Subject: [PATCH 0501/1248] chore(argo-cd): Update Argo CD to v2.5.6 (#1757) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 45ff4446..7e45a587 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.5 +appVersion: v2.5.6 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.0 +version: 5.17.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" - - "[Added]: Support for use of Helm templates for extraContainers and initContainers" - - "[Docs]: Added notes about custom Helm template support" + - "[Changed]: Update Argo CD to v2.5.6" From 5c6ad38b15fccd082da657bc577d23a803808d09 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 07:39:58 +0100 Subject: [PATCH 0502/1248] chore(deps): bump helm/chart-releaser-action from 1.4.1 to 1.5.0 (#1752) Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.4.1 to 1.5.0. - [Release notes](https://github.com/helm/chart-releaser-action/releases) - [Commits](https://github.com/helm/chart-releaser-action/compare/v1.4.1...v1.5.0) --- updated-dependencies: - dependency-name: helm/chart-releaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ac6f0137..cb56596b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.1 + uses: helm/chart-releaser-action@v1.5.0 with: config: "./.github/configs/cr.yaml" env: From 2777121707ccb8a9cdc45e84b496fea2568db483 Mon Sep 17 00:00:00 2001 From: Kiyoshi Muranaka Date: Wed, 18 Jan 2023 11:38:50 +0900 Subject: [PATCH 0503/1248] feat(argo-rollouts): Add support for topologySpreadConstraints (#1755) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/README.md.gotmpl | 1 + .../templates/controller/deployment.yaml | 12 ++++++++++++ .../templates/dashboard/deployment.yaml | 12 ++++++++++++ charts/argo-rollouts/values.yaml | 18 ++++++++++++++++++ 6 files changed, 48 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6688d9b0..913a190a 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.1 +version: 2.21.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.3.1" + - "[Added]: Add support for topologySpreadConstraints" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index e471d284..43f68a05 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -88,6 +88,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | @@ -145,6 +146,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | | dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | +| dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server | ## Upgrading @@ -174,6 +176,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 445c84db..1a587350 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -96,6 +96,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index d06c0c92..d6adf9cf 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -83,6 +83,18 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + app.kubernetes.io/component: {{ $.Values.controller.component }} + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index a84d4bbf..ebf9ce8b 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -65,6 +65,18 @@ spec: affinity: {{- toYaml .Values.dashboard.affinity | nindent 8 }} {{- end }} + {{- with .Values.dashboard.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + app.kubernetes.io/component: {{ $.Values.dashboard.component }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f74ed7a1..43d322c2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -47,6 +47,15 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the controller priorityClassName: "" # -- The number of controller pods to run @@ -194,6 +203,15 @@ dashboard: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the dashboard server + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the dashboard server priorityClassName: "" From 0d57f6ec17d24ae0786ceb85615991bf1d6a24b7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 18 Jan 2023 15:44:21 +0900 Subject: [PATCH 0504/1248] chore(argo-cd): Update Argo CD to v2.5.7 (#1769) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7e45a587..0f294c96 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.6 +appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.1 +version: 5.17.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.6" + - "[Changed]: Update Argo CD to v2.5.7" From f3888bc99609cb82e1bda47a30dfc8c88c3cefb6 Mon Sep 17 00:00:00 2001 From: Victor Login Date: Wed, 18 Jan 2023 19:00:59 +0600 Subject: [PATCH 0505/1248] chore(argo-cd): Update Argo CD extensions to v0.2.1 (#1770) Signed-off-by: Victor Login Signed-off-by: Victor Login --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f294c96..bc3ac6d1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.2 +version: 5.17.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.7" + - "[Changed]: Update Argo CD extensions to v0.2.1" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index dabacfe7..d1ad8c14 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,7 +639,7 @@ NAME: my-release | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | -| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | +| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9fad462e..cd0bee81 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1333,7 +1333,7 @@ server: # -- Repository to use for extensions image repository: "ghcr.io/argoproj-labs/argocd-extensions" # -- Tag to use for extensions image - tag: "v0.1.0" + tag: "v0.2.1" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 206d4922bfdf0b757ea9885204cc3f4cfc56a7e1 Mon Sep 17 00:00:00 2001 From: Pedro Date: Thu, 19 Jan 2023 04:37:18 -0600 Subject: [PATCH 0506/1248] fix(argo-rollouts): avoid label exceeding maximum length (#1694) * fix(argo-rollouts): generated value for app.kubernetes.io/version label for argo-rollouts will not exceed maximum length and support passing a SHA digest. Signed-off-by: Pedro Salgado * fix: Add missing double quote in changelog Signed-off-by: Marco Kilchhofer Signed-off-by: Pedro Salgado Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 5 +++-- charts/argo-rollouts/templates/_helpers.tpl | 16 +++++++++++++++- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 913a190a..a15ecf9b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.2 +version: 2.21.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add support for topologySpreadConstraints" + - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" + - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest" diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 94733603..46ebaea5 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -31,6 +31,20 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create kubernetes friendly chart version label. + +Examples: +image.tag = v1.3.1 +output = v1.3.1 + +image.tag = v1.3.1@sha256:38828e693b02e6f858d89fa22a9d9811d3d7a2430a1d4c7d687b6f509775c6ce +output = v1.3.1 +*/}} +{{- define "argo-rollouts.chart_version_label" -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default .Chart.AppVersion $.Values.controller.image.tag) "") "" | trunc 63 | quote -}} +{{- end -}} + {{/* Common labels */}} @@ -38,7 +52,7 @@ Common labels helm.sh/chart: {{ include "argo-rollouts.chart" . }} {{ include "argo-rollouts.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ default .Chart.AppVersion $.Values.controller.image.tag | quote }} +app.kubernetes.io/version: {{ include "argo-rollouts.chart_version_label" . }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argo-rollouts From 132449caccd9cbb65499c7b1ac625fbc5dc76809 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 19 Jan 2023 15:14:02 -0600 Subject: [PATCH 0507/1248] chore(argo-rollouts): Upgrade argo-rollouts to 1.4.0 (#1774) Fixes #1763 Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-rollouts/Chart.yaml | 7 +- .../templates/controller/clusterrole.yaml | 22 ++++- .../templates/controller/role.yaml | 99 +++++++++++++++++-- .../templates/crds/analysis-run-crd.yaml | 3 + .../templates/crds/analysis-template-crd.yaml | 3 + .../crds/cluster-analysis-template-crd.yaml | 3 + .../templates/crds/rollout-crd.yaml | 39 ++++++++ .../templates/dashboard/clusterrole.yaml | 7 +- 8 files changed, 166 insertions(+), 17 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a15ecf9b..89ff80ef 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.3.1 +appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.3 +version: 2.22.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" - - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest" + - "[Changed]: Upgrade ArgoRollouts to v1.4.0" diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index b8fdf475..eaaadd24 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -89,7 +89,7 @@ rules: - create - get - update -# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets +# secret read access to run analysis templates which reference secrets - apiGroups: - "" resources: @@ -99,9 +99,6 @@ rules: - get - list - watch - - create - - patch - - update # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -110,6 +107,7 @@ rules: verbs: - list - update + - watch # pods eviction needed for restart - apiGroups: - "" @@ -223,4 +221,20 @@ rules: - list - update - patch +- apiGroups: + - traefik.containo.us + resources: + - traefikservices + verbs: + - watch + - get + - update +- apiGroups: + - apisix.apache.org + resources: + - apisixroutes + verbs: + - watch + - get + - update {{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 81ce8542..8c7aa9d4 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -56,7 +56,19 @@ rules: - update - patch - delete +# deployments and podtemplates read access needed for workload reference support +- apiGroups: + - "" + - apps + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch # services patch needed to update selector of canary/stable/active/preview services +# services create needed to create and delete services for experiments - apiGroups: - "" resources: @@ -66,8 +78,18 @@ rules: - list - watch - patch -# secret access to run analysis templates which reference secrets -# configmap access to read notification-engine configuration + - create + - delete +# leases create/get/update needed for leader election +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update +# secret read access to run analysis templates which reference secrets - apiGroups: - "" resources: @@ -77,9 +99,6 @@ rules: - get - list - watch - - create - - patch - - update # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -88,6 +107,7 @@ rules: verbs: - list - update + - watch # pods eviction needed for restart - apiGroups: - "" @@ -129,15 +149,17 @@ rules: - update - patch - delete -# virtualservice access needed for using the Istio provider +# virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io resources: - virtualservices + - destinationrules verbs: - watch - get - update + - patch - list # trafficsplit access needed for using the SMI provider - apiGroups: @@ -150,4 +172,69 @@ rules: - get - update - patch +# ambassador access needed for Ambassador provider +- apiGroups: + - getambassador.io + - x.getambassador.io + resources: + - mappings + - ambassadormappings + verbs: + - create + - watch + - get + - update + - list + - delete +# Endpoints and TargetGroupBindings needed for ALB target group verification +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get +- apiGroups: + - elbv2.k8s.aws + resources: + - targetgroupbindings + verbs: + - list + - get +# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualservices + verbs: + - watch + - get + - list +# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualnodes + - virtualrouters + verbs: + - watch + - get + - list + - update + - patch +- apiGroups: + - traefik.containo.us + resources: + - traefikservices + verbs: + - watch + - get + - update +- apiGroups: + - apisix.apache.org + resources: + - apisixroutes + verbs: + - watch + - get + - update {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 0d95f6f5..70187985 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -2742,6 +2742,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 862af976..c2846186 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -2738,6 +2738,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 60604611..a00f68fe 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -2738,6 +2738,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index ec58d318..3f6ea749 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -89,6 +89,12 @@ spec: revisionHistoryLimit: format: int32 type: integer + rollbackWindow: + properties: + revisions: + format: int32 + type: integer + type: object selector: properties: matchExpressions: @@ -397,6 +403,9 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + minPodsPerReplicaSet: + format: int32 + type: integer pingPong: properties: pingService: @@ -713,6 +722,20 @@ spec: required: - mappings type: object + apisix: + properties: + route: + properties: + name: + type: string + rules: + items: + type: string + type: array + required: + - name + type: object + type: object appMesh: properties: virtualNodeGroup: @@ -770,6 +793,14 @@ spec: items: type: string type: array + tcpRoutes: + items: + properties: + port: + format: int64 + type: integer + type: object + type: array tlsRoutes: items: properties: @@ -794,6 +825,14 @@ spec: items: type: string type: array + tcpRoutes: + items: + properties: + port: + format: int64 + type: integer + type: object + type: array tlsRoutes: items: properties: diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 6a84102d..5f05d6e6 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -44,17 +44,18 @@ rules: - get - list - watch - # deployments and podtemplates read access needed for workload reference support - apiGroups: - - "" - apps resources: - deployments - - podtemplates verbs: - get - list - watch + {{- if not .Values.dashboard.readonly }} + - update + - patch + {{- end }} - apiGroups: - apps resources: From 45c1534eeb03ee2a6cf89d2a2f10de2a00d206f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?carlos=20gonz=C3=A1lez?= Date: Thu, 19 Jan 2023 23:14:49 +0100 Subject: [PATCH 0508/1248] feat(argo-cd): Add labels for argocd-secret (#1779) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-cd): add secret labels field (#1778) Signed-off-by: carlos gonzález Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bc3ac6d1..0b495196 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.4 +version: 5.18.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD extensions to v0.2.1" + - "[Added]: Extra secret labels with .Values.configs.secret.labels" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d1ad8c14..278f1680 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -442,6 +442,7 @@ NAME: my-release | configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events | | configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | +| configs.secret.labels | object | `{}` | Labels to be added to argocd-secret | | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | | configs.tlsCerts | object | See [values.yaml] | TLS certificate | | configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index f289480d..84a51197 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -5,6 +5,9 @@ metadata: name: argocd-secret labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} + {{- with .Values.configs.secret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.configs.secret.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cd0bee81..98b62c1e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -392,6 +392,8 @@ configs: secret: # -- Create the argocd-secret createSecret: true + # -- Labels to be added to argocd-secret + labels: {} # -- Annotations to be added to argocd-secret annotations: {} From 9905dcca8eae8f2499c18c31475ad117b12611ad Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 20 Jan 2023 08:33:55 -0600 Subject: [PATCH 0509/1248] fix(argo-cd): Update CONTRIBUTING docs (#1782) * Update CONTRIBUTING - [x] versioning details - [x] remove broken links - [x] fix markdown linting errors - [x] README.md updating clarification * Rename variable in helm-docs script * Update argo-cd README * Add blurb about mandatory Chart versioning * Reword artifacthub changes section in CONTRIBUTING * Reorder/restructure CONTRIBUTING.md * Update argo-cd chart version * Add section in CONTRIBUTING about semantic title linting Signed-off-by: jmeridth Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- CONTRIBUTING.md | 125 +++++++++++++++++++------------- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 5 +- charts/argo-cd/README.md.gotmpl | 5 +- scripts/helm-docs.sh | 6 +- 5 files changed, 85 insertions(+), 60 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 49c0577b..f8753d60 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,38 +2,87 @@ Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently. - -# Pull Requests +## Pull Requests All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project. +### Pull Request Title Linting + +We lint the title of your pull request to ensure it follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification. This is done using GitHub actions and the [action-semantic-pull-request](.github/workflows/pr-title.yml) workflow. We require the scope of the change to be included in the title. The scope should be the name of the chart you are changing. For example, if you are changing the `argo-cd` chart, the title of your pull request should be `fix(argo-cd): Fix typo in values.yaml`. + +## Documentation + +The documentation for each chart is generated with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation. + +We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges): + +```shell +./scripts/helm-docs.sh +``` + +> **Note** +> When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file. + +### Updating a chart README.md + +When updating the `README.md.gotmpl` inside a chart directory you must to run the `helm-docs` script to generate the updated `README.md` file. To reiterate, you should not edit the `README.md` file manually. It will be generated by the following command: + +```shell +./scripts/helm-docs.sh +``` + +> **Note** +> If you see changes to unrelated chart `README.md` files you may have accidentally updated a `README.md.gotmpl` file in another chart's folder unintentionally or someone else failed to run this script. Please revert those changes if you do not intend them to be a part of your pull request. + ## Versioning -Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease). +Each chart's version follows the [semver standard](https://semver.org/). + +New charts should start at version `1.0.0`, if it's considered stable. If it isn't considered stable, it must be released as `prerelease`. Any breaking changes to a chart (backwards incompatible) require: - * Bump of the current Major version of the chart - * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades)) +* Bump of the current Major version of the chart +* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` + +### New Application Versions + +When selecting new application versions ensure you make the following changes: + +* `values.yaml`: Bump all instances of the container image version +* `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` + +Please ensure chart version changes adhere to semantic versioning standards: + +* Major: Large chart rewrites, major non-backwards compatible or destructive changes +* Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes +* Patch: App version patch updates, backwards compatible optional chart features ### Immutability Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error. +### Chart Versioning + +Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future. ### Artifact Hub Annotations Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub. - * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) +* [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) #### Changelog We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release. -Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: +Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). -``` +A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release. + +Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: + +```yaml name: argo-cd version: 3.4.1 ... @@ -45,67 +94,54 @@ annotations: - "[Deprecated]: Something deprecated" - "[Removed]: Something was removed" - "[Fixed]: Something was fixed" - - "[Security]": Some Security Patch was included" + - "[Security]: Some Security Patch was included" ``` -## Documentation +## Testing -The documentation for each chart is done with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation. - -We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges): - -``` -bash scripts/helm-docs.sh -``` - -**NOTE**: When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file. - - - -# Testing - -## Testing Argo Workflows Changes +### Testing Argo Workflows Changes Minimally: -``` +```shell helm install charts/argo-workflows -n argo argo version ``` Follow this instructions for running a hello world workflow. -## Testing Argo CD Changes +### Testing Argo CD Changes Clean-up: -``` +```shell helm delete argo-cd --purge kubectl delete crd -l app.kubernetes.io/part-of=argocd ``` Pre-requisites: -``` + +```shell helm repo add redis-ha https://dandydeveloper.github.io/charts/ helm dependency update ``` Minimally: -``` +```shell helm install argocd argo/argo-cd -n argocd --create-namespace kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 ``` In a new terminal: -``` +```shell argocd version --server localhost:8080 --insecure # reset password to 'Password1!' kubectl -n argocd patch secret argocd-secret \ -p '{"stringData": { - "admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O", - "admin.passwordMtime": "'$(date +%FT%T%Z)'" + "admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O", + "admin.passwordMtime": "'$(date +%FT%T%Z)'" }}' argocd login localhost:8080 --username admin --password 'Password1!' @@ -114,38 +150,25 @@ argocd login localhost:8080 --username admin --password 'Password1!' Create and sync app: -``` +```shell argocd app create guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --path guestbook --project default --repo https://github.com/argoproj/argocd-example-apps.git argocd app sync guestbook ``` -## New Application Versions - -When raising application versions ensure you make the following changes: - -- `values.yaml`: Bump all instances of the container image version -- `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` - -Please ensure chart version changes adhere to semantic versioning standards: - -- Patch: App version patch updates, backwards compatible optional chart features -- Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes -- Major: Large chart rewrites, major non-backwards compatible or destructive changes - -## Testing Charts +### Testing Charts As part of the Continuous Integration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool. -The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. +The checks for Chart Testing are stricter than the standard Helm requirements. For example, fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. Linting configuration can be found in [ct-lint.yaml](./.github/configs/ct-lint.yaml) The linting can be invoked manually with the following command: -``` +```shell ./scripts/lint.sh ``` ## Publishing Changes -Changes are automatically publish whenever a commit is merged to main. The CI job (see `./.github/workflows/publish.yml`). +Changes are automatically publish whenever a commit is merged to the `main` branch by the CI job (see `./.github/workflows/publish.yml`). diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0b495196..df9f69ed 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.18.0 +version: 5.18.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Extra secret labels with .Values.configs.secret.labels" + - "[Fixed]: README information about 5.12.0 TLS changes" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 278f1680..ec342a3d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -111,8 +111,9 @@ This version reduces history limit for Argo CD deployment replicas to 3 to provi ### 5.12.0 -This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server. -If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret. +If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead. +For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`. +For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys. ### 5.10.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index a844449a..b41f82c0 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -110,8 +110,9 @@ This version reduces history limit for Argo CD deployment replicas to 3 to provi ### 5.12.0 -This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server. -If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret. +If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead. +For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`. +For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys. ### 5.10.0 diff --git a/scripts/helm-docs.sh b/scripts/helm-docs.sh index e8ade437..5669f91c 100755 --- a/scripts/helm-docs.sh +++ b/scripts/helm-docs.sh @@ -1,11 +1,11 @@ #!/bin/bash ## Reference: https://github.com/norwoodj/helm-docs set -eux -CHART_DIR="$(cd "$(dirname "$0")/.." && pwd)" -echo "$CHART_DIR" +REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)" +echo "$REPO_ROOT" echo "Running Helm-Docs" docker run \ - -v "$CHART_DIR:/helm-docs" \ + -v "$REPO_ROOT:/helm-docs" \ -u $(id -u) \ jnorwood/helm-docs:v1.9.1 From 4dd31571b3ce2d90bd3598ca020e70cd887c6d23 Mon Sep 17 00:00:00 2001 From: Richard Johansson Date: Fri, 20 Jan 2023 17:41:52 +0100 Subject: [PATCH 0510/1248] feat(argo-rollouts): Added flags to toggle provider-specific RBAC (#1777) * Toggle for provider-specific RBAC + Added missing RBAC rules Signed-off-by: Richard Johansson * Updated docs with new Helm values Signed-off-by: Richard Johansson * Added a general flag providerRBAC.enabled to toggle all of the providers Signed-off-by: Richard Johansson * Aligned with main Signed-off-by: Richard Johansson * Corrected inline comments Signed-off-by: Richard Johansson * Fixed incorrect inline comments Signed-off-by: Richard Johansson Signed-off-by: Richard Johansson --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 8 ++++++++ .../templates/controller/clusterrole.yaml | 20 ++++++++++++++++++- .../templates/controller/role.yaml | 20 ++++++++++++++++++- charts/argo-rollouts/values.yaml | 20 +++++++++++++++++++ 5 files changed, 68 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 89ff80ef..a9968a4f 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.0 +version: 2.22.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.4.0" + - "[Added]: Flags to toggle provider-specific RBAC rules in Role and ClusterRole" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 43f68a05..73581f4e 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -55,6 +55,14 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | | notifications.templates | object | `{}` | Notification templates | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | +| providerRBAC.enabled | bool | `true` | Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole | +| providerRBAC.providers.ambassador | bool | `true` | Adds RBAC rules for the Ambassador provider | +| providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider | +| providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | +| providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | +| providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | +| providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | +| providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider | ### Controller diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index eaaadd24..964daed3 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -149,6 +149,8 @@ rules: - update - patch - delete +{{- if .Values.providerRBAC.enabled }} +{{- if .Values.providerRBAC.providers.istio }} # virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io @@ -161,6 +163,8 @@ rules: - update - patch - list +{{- end }} +{{- if .Values.providerRBAC.providers.smi }} # trafficsplit access needed for using the SMI provider - apiGroups: - split.smi-spec.io @@ -172,6 +176,8 @@ rules: - get - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.ambassador }} # ambassador access needed for Ambassador provider - apiGroups: - getambassador.io @@ -186,7 +192,9 @@ rules: - update - list - delete -# Endpoints and TargetGroupBindings needed for ALB target group verification +{{- end }} +{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} +# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller - apiGroups: - "" resources: @@ -200,6 +208,8 @@ rules: verbs: - list - get +{{- end }} +{{- if .Values.providerRBAC.providers.awsAppMesh }} # AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider - apiGroups: - appmesh.k8s.aws @@ -221,6 +231,9 @@ rules: - list - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.traefik }} +# Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us resources: @@ -229,6 +242,9 @@ rules: - watch - get - update +{{- end }} +{{- if .Values.providerRBAC.providers.apisix }} +# Access needed when using the Apisix provider - apiGroups: - apisix.apache.org resources: @@ -238,3 +254,5 @@ rules: - get - update {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 8c7aa9d4..72ebdbc9 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -149,6 +149,8 @@ rules: - update - patch - delete +{{- if .Values.providerRBAC.enabled }} +{{- if .Values.providerRBAC.providers.istio }} # virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io @@ -161,6 +163,8 @@ rules: - update - patch - list +{{- end }} +{{- if .Values.providerRBAC.providers.smi }} # trafficsplit access needed for using the SMI provider - apiGroups: - split.smi-spec.io @@ -172,6 +176,8 @@ rules: - get - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.ambassador }} # ambassador access needed for Ambassador provider - apiGroups: - getambassador.io @@ -186,7 +192,9 @@ rules: - update - list - delete -# Endpoints and TargetGroupBindings needed for ALB target group verification +{{- end }} +{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} +# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller - apiGroups: - "" resources: @@ -200,6 +208,8 @@ rules: verbs: - list - get +{{- end }} +{{- if .Values.providerRBAC.providers.awsAppMesh }} # AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider - apiGroups: - appmesh.k8s.aws @@ -221,6 +231,9 @@ rules: - list - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.traefik }} +# Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us resources: @@ -229,6 +242,9 @@ rules: - watch - get - update +{{- end }} +{{- if .Values.providerRBAC.providers.apisix }} +# Access needed when using the Apisix provider - apiGroups: - apisix.apache.org resources: @@ -238,3 +254,5 @@ rules: - get - update {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 43d322c2..eb077221 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -190,6 +190,26 @@ podLabels: {} imagePullSecrets: [] # - name: argo-pull-secret +providerRBAC: + # -- Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole + enabled: true + # providerRBAC.enabled must be true in order to toggle the individual providers + providers: + # -- Adds RBAC rules for the Istio provider + istio: true + # -- Adds RBAC rules for the SMI provider + smi: true + # -- Adds RBAC rules for the Ambassador provider + ambassador: true + # -- Adds RBAC rules for the AWS Load Balancer Controller provider + awsLoadBalancerController: true + # -- Adds RBAC rules for the AWS App Mesh provider + awsAppMesh: true + # -- Adds RBAC rules for the Traefik provider + traefik: true + # -- Adds RBAC rules for the Apisix provider + apisix: true + dashboard: # -- Deploy dashboard server enabled: false From 5b9f624ba21f167bb55d948f0c5042383c87678d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 10:24:46 +0100 Subject: [PATCH 0511/1248] feat(argo-cd): Consolidate certificate config for repositories (#1786) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 14 ++- charts/argo-cd/README.md.gotmpl | 5 + charts/argo-cd/templates/NOTES.txt | 12 +++ .../argocd-ssh-known-hosts-cm.yaml | 15 ++- .../argocd-configs/argocd-tls-certs-cm.yaml | 15 ++- charts/argo-cd/values.yaml | 102 ++++++++---------- 7 files changed, 98 insertions(+), 71 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index df9f69ed..daad23a9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.18.1 +version: 5.19.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: README information about 5.12.0 TLS changes" + - "[Added]: Option configs.ssh.extraHosts that allows to keep original SSH known list" + - "[Changed]: Option configs.knownHosts deprecated as moved to configs.ssh" + - "[Changed]: Option configs.tlsCerts deprecated as moved to configs.tls" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ec342a3d..37a2dc19 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.19.0 + +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. + ### 5.13.0 This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter. @@ -410,8 +415,6 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | -| configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | -| configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | @@ -444,9 +447,12 @@ NAME: my-release | configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | | configs.secret.labels | object | `{}` | Labels to be added to argocd-secret | +| configs.ssh.annotations | object | `{}` | Annotations to be added to argocd-ssh-known-hosts-cm configmap | +| configs.ssh.extraHosts | string | `""` | Additional known hosts for private repositories | +| configs.ssh.knownHosts | string | See [values.yaml] | Known hosts to be added to the known host list by default. | | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | -| configs.tlsCerts | object | See [values.yaml] | TLS certificate | -| configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | +| configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap | +| configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories | ## Argo CD Controller diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index b41f82c0..fde0c0c8 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.19.0 + +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. + ### 5.13.0 This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter. diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 30138ee4..c5c5e7c5 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -64,6 +64,18 @@ DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles {{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles {{- end }} +{{- if .Values.configs.knownHostsAnnotations }} +DEPRECATED option configs.knownHostsAnnotations - Use configs.ssh.annotations +{{- end }} +{{- if hasKey .Values.configs "knownHosts" }} +DEPRECATED option configs.knownHosts.data.ssh_known_hosts - Use configs.ssh.knownHosts +{{- end }} +{{- if .Values.configs.tlsCertsAnnotations }} +DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations +{{- end }} +{{- if hasKey .Values.configs "tlsCerts" }} +DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 844f492d..03c306d4 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -3,11 +3,20 @@ kind: ConfigMap metadata: name: argocd-ssh-known-hosts-cm labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- with .Values.configs.knownHostsAnnotations }} + {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- toYaml .Values.configs.knownHosts | nindent 0 }} +data: + ssh_known_hosts: | + {{- if hasKey .Values.configs "knownHosts" }} + {{- .Values.configs.knownHosts.data.ssh_known_hosts | nindent 4 }} + {{- else }} + {{- .Values.configs.ssh.knownHosts | nindent 4 }} + {{- end }} + {{- with .Values.configs.ssh.extraHosts }} + {{- . | nindent 4 }} + {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 74b21181..8e5c7c88 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -3,13 +3,20 @@ kind: ConfigMap metadata: name: argocd-tls-certs-cm labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "tls-certs-cm") | nindent 4 }} - {{- with .Values.configs.tlsCertsAnnotations }} + {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with .Values.configs.tlsCerts }} -{{- toYaml . | nindent 0 }} +{{- if hasKey .Values.configs "tlsCerts" }} + {{- with .Values.configs.tlsCerts }} + {{- toYaml . | nindent 0 }} + {{- end }} +{{- else }} +{{- with .Values.configs.tls.certificates }} +data: + {{- toYaml . | nindent 2 }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 98b62c1e..5e73d218 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -254,6 +254,41 @@ configs: # ... # -----END PGP PUBLIC KEY BLOCK----- + # SSH known hosts for Git repositories + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#ssh-known-host-public-keys + ssh: + # -- Annotations to be added to argocd-ssh-known-hosts-cm configmap + annotations: {} + + # -- Known hosts to be added to the known host list by default. + # @default -- See [values.yaml] + knownHosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + + # -- Additional known hosts for private repositories + extraHosts: '' + + # Repository TLS certificates + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories-using-self-signed-tls-certificates-or-are-signed-by-custom-ca + tls: + # -- Annotations to be added to argocd-tls-certs-cm configmap + annotations: {} + + # -- TLS certificates for Git repositories + # @default -- `{}` (See [values.yaml]) + certificates: {} + # server.example.com: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) @@ -282,64 +317,15 @@ configs: # insecure: false # caData: "" - # -- Known Hosts configmap annotations - knownHostsAnnotations: {} - knownHosts: - data: - # -- Known Hosts - # @default -- See [values.yaml] - ssh_known_hosts: | - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== - github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - # -- TLS certificate configmap annotations - tlsCertsAnnotations: {} - # -- TLS certificate - # @default -- See [values.yaml] - tlsCerts: - {} - # data: - # argocd.example.com: | - # -----BEGIN CERTIFICATE----- - # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL - # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE - # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 - # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda - # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT - # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES - # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi - # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 - # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc - # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u - # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G - # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ - # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E - # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko - # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J - # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u - # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO - # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 - # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 - # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ - # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn - # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx - # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 - # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT - # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr - # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO - # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so - # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr - # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 - # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W - # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK - # XWyb96wrUlv+E8I= - # -----END CERTIFICATE----- + # DEPRECATED - Moved to configs.ssh.annotations + # knownHostsAnnotations: {} + # DEPRECATED - Moved to configs.ssh.knownHosts + # knownHosts: {} + + # DEPRECATED - Moved to configs.tls.annotations + # tlsCertsAnnotations: {} + # DEPRECATED - Moved to configs.tls.certificates + # tlsCerts: {} # -- Repository credentials to be used as Templates for other repos ## Creates a secret for each key/value specified below to create repository credentials From e91bc78a4a337ab014adb19611dfb8f2b5ce707f Mon Sep 17 00:00:00 2001 From: Pedro Date: Sat, 21 Jan 2023 05:37:52 -0600 Subject: [PATCH 0512/1248] feat(argocd-image-updater): prevent generation of label value of invalid length (#1691) * feat(argocd-image-updater): prevent label from being greater than 63 characters. Signed-off-by: Pedro Salgado * fix: Add missing double quote in changelog Signed-off-by: Marco Kilchhofer Signed-off-by: Pedro Salgado Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 049ed8ce..5147ea82 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.1 +version: 0.8.2 appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add support for additional initContainers and additional volume/volumeMounts" + - "[Changed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" diff --git a/charts/argocd-image-updater/templates/_helpers.tpl b/charts/argocd-image-updater/templates/_helpers.tpl index 5c0be1da..934d894c 100644 --- a/charts/argocd-image-updater/templates/_helpers.tpl +++ b/charts/argocd-image-updater/templates/_helpers.tpl @@ -38,7 +38,7 @@ Common labels helm.sh/chart: {{ include "argocd-image-updater.chart" . }} {{ include "argocd-image-updater.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/version: {{ .Chart.AppVersion | trunc 63 | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} From 58f587618fbabe601d0f433d8a2d935069fbffdf Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 13:07:14 +0100 Subject: [PATCH 0513/1248] fix(argo-cd): Consolidate and fix container ports (#1788) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 7 +- charts/argo-cd/README.md | 25 ++-- charts/argo-cd/templates/NOTES.txt | 21 +++ .../statefulset.yaml | 15 ++- .../argocd-applicationset/deployment.yaml | 11 +- .../argocd-notifications/deployment.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 6 +- .../templates/argocd-server/aws/service.yaml | 4 +- .../templates/argocd-server/deployment.yaml | 12 +- .../templates/argocd-server/service.yaml | 6 +- charts/argo-cd/templates/dex/deployment.yaml | 6 +- .../argo-cd/templates/redis/deployment.yaml | 8 +- charts/argo-cd/values.yaml | 124 +++++++++++------- 13 files changed, 152 insertions(+), 97 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index daad23a9..e75156e7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.0 +version: 5.19.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option configs.ssh.extraHosts that allows to keep original SSH known list" - - "[Changed]: Option configs.knownHosts deprecated as moved to configs.ssh" - - "[Changed]: Option configs.tlsCerts deprecated as moved to configs.tls" + - "[Fixed]: Container port configuration now properly sets the listening port" + - "[Changed]: Container ports consolidated from various places to new containerPorts sections" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 37a2dc19..ca54a9bc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -462,7 +462,7 @@ NAME: my-release | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | -| controller.containerPort | int | `8082` | Application controller listening port | +| controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | @@ -539,7 +539,8 @@ NAME: my-release | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | -| repoServer.containerPort | int | `8081` | Configures the repo server port | +| repoServer.containerPorts.metrics | int | `8084` | Metrics container port | +| repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | | repoServer.env | list | `[]` | Environment variables to pass to repo server | @@ -638,7 +639,8 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.containerPort | int | `8080` | Configures the server port | +| server.containerPorts.metrics | int | `8082` | Metrics container port | +| server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -728,7 +730,6 @@ NAME: my-release | server.service.labels | object | `{}` | Server service labels | | server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | -| server.service.namedTargetPort | bool | `true` | Use named target port for argocd | | server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.nodePortHttps | int | `30443` | Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.servicePortHttp | int | `80` | Server service http port | @@ -780,9 +781,9 @@ server: | dex.certificateSecret.enabled | bool | `false` | Create argocd-dex-server-tls secret | | dex.certificateSecret.key | string | `""` | Certificate private key | | dex.certificateSecret.labels | object | `{}` | Labels to be added to argocd-dex-server-tls secret | -| dex.containerPortGrpc | int | `5557` | Container port for gRPC access | -| dex.containerPortHttp | int | `5556` | Container port for HTTP access | -| dex.containerPortMetrics | int | `5558` | Container port for metrics access | +| dex.containerPorts.grpc | int | `5557` | gRPC container port | +| dex.containerPorts.http | int | `5556` | HTTP container port | +| dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | | dex.enabled | bool | `true` | Enable dex | @@ -856,7 +857,8 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | -| redis.containerPort | int | `6379` | Redis container port | +| redis.containerPorts.metrics | int | `9121` | Metrics container port | +| redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | | redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | | redis.enabled | bool | `true` | Enable redis | @@ -869,7 +871,6 @@ server: | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | -| redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | @@ -962,9 +963,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | | applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | -| applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | +| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | +| applicationSet.containerPorts.probe | int | `8081` | Probe container port | +| applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | @@ -1067,6 +1069,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | +| notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index c5c5e7c5..210cf3bb 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -88,6 +88,27 @@ REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug {{- if .Values.applicationSet.args.enableLeaderElection }} REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas {{- end }} +{{- if .Values.controller.containerPort }} +REMOVED option controller.containerPort - Use controller.containerPorts +{{- end }} +{{- if .Values.server.containerPort }} +REMOVED option server.containerPort - Use server.containerPorts +{{- end }} +{{- if .Values.repoServer.containerPort }} +REMOVED option repoServer.containerPort - Use repoServer.containerPorts +{{- end }} +{{- if .Values.applicationSet.args.metricsAddr }} +REMOVED option applicationSet.args.metricsAddr - Use applicationSet.containerPorts +{{- end }} +{{- if .Values.applicationSet.args.probeBindAddr }} +REMOVED option applicationSet.args.probeBindAddr - Use applicationSet.containerPorts +{{- end }} +{{- if .Values.redis.containerPort }} +REMOVED option redis.containerPort - Use redis.containerPorts +{{- end }} +{{- if .Values.redis.metrics.containerPort }} +REMOVED option redis.metrics.containerPort - Use redis.containerPorts +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 208545e0..d853a856 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -44,6 +44,13 @@ spec: containers: - command: - argocd-application-controller + - --metrics-port={{ .Values.controller.containerPorts.metrics }} + {{- if .Values.controller.metrics.applicationLabels.enabled }} + {{- range .Values.controller.metrics.applicationLabels.labels }} + - --metrics-application-labels + - {{ . }} + {{- end }} + {{- end }} {{- with .Values.controller.args.statusProcessors }} - --status-processors - {{ . | quote }} @@ -76,12 +83,6 @@ spec: - --loglevel - {{ . | quote }} {{- end }} - {{- if .Values.controller.metrics.applicationLabels.enabled }} - {{- range .Values.controller.metrics.applicationLabels.labels }} - - --metrics-application-labels - - {{ . }} - {{- end }} - {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} @@ -232,7 +233,7 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ .Values.controller.containerPort }} + containerPort: {{ .Values.controller.containerPorts.metrics }} protocol: TCP readinessProbe: httpGet: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 0c3862de..6fd9170c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -51,10 +51,11 @@ spec: command: - entrypoint.sh - argocd-applicationset-controller + - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} + - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} + - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} - - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} - - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} - --policy={{ .Values.applicationSet.args.policy }} - --dry-run={{ .Values.applicationSet.args.dryRun }} - --logformat @@ -78,13 +79,13 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.metrics }} protocol: TCP - name: probe - containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.probe }} protocol: TCP - name: webhook - containerPort: 7000 + containerPort: {{ .Values.applicationSet.containerPorts.webhook }} protocol: TCP {{- if .Values.applicationSet.livenessProbe.enabled }} livenessProbe: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 7ee9f8f4..85d586cc 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -48,9 +48,9 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} command: - argocd-notifications + - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - - --metrics-port={{ .Values.notifications.metrics.port }} - --namespace={{ .Release.Namespace }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- range .Values.notifications.extraArgs }} @@ -66,7 +66,7 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ .Values.notifications.metrics.port }} + containerPort: {{ .Values.notifications.containerPorts.metrics }} protocol: TCP resources: {{- toYaml .Values.notifications.resources | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 04117ba3..c786d714 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -53,6 +53,8 @@ spec: - entrypoint.sh args: - argocd-repo-server + - --port={{ .Values.repoServer.containerPorts.server }} + - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} {{- with .Values.repoServer.logFormat }} - --logformat - {{ . | quote }} @@ -236,10 +238,10 @@ spec: name: tmp ports: - name: repo-server - containerPort: {{ .Values.repoServer.containerPort }} + containerPort: {{ .Values.repoServer.containerPorts.server }} protocol: TCP - name: metrics - containerPort: 8084 + containerPort: {{ .Values.repoServer.containerPorts.metrics }} protocol: TCP livenessProbe: httpGet: diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index 4adcd82d..a0368023 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -12,11 +12,11 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: server - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: server selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index c38d9348..2f510bc3 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -47,6 +47,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + - --port={{ .Values.server.containerPorts.server }} + - --metrics-port={{ .Values.server.containerPorts.metrics }} {{- with .Values.server.logFormat }} - --logformat - {{ . | quote }} @@ -287,16 +289,16 @@ spec: name: extensions {{- end }} ports: - - name: {{ .Values.server.name }} - containerPort: {{ .Values.server.containerPort }} + - name: server + containerPort: {{ .Values.server.containerPorts.server }} protocol: TCP - name: metrics - containerPort: 8083 + containerPort: {{ .Values.server.containerPorts.metrics }} protocol: TCP livenessProbe: httpGet: path: /healthz?full=true - port: {{ .Values.server.containerPort }} + port: server initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }} @@ -305,7 +307,7 @@ spec: readinessProbe: httpGet: path: /healthz - port: {{ .Values.server.containerPort }} + port: server initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }} diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 1dc04116..879bdb32 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -19,14 +19,14 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: {{ .Values.server.containerPorts.server }} {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttp }} {{- end }} - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: {{ .Values.server.containerPorts.server }} {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttps }} {{- end }} @@ -49,4 +49,4 @@ spec: {{- end }} {{- with .Values.server.service.sessionAffinity }} sessionAffinity: {{ . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index bd0362b3..1b3b4338 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -70,13 +70,13 @@ spec: {{- end }} ports: - name: http - containerPort: {{ .Values.dex.containerPortHttp }} + containerPort: {{ .Values.dex.containerPorts.http }} protocol: TCP - name: grpc - containerPort: {{ .Values.dex.containerPortGrpc }} + containerPort: {{ .Values.dex.containerPorts.grpc }} protocol: TCP - name: metrics - containerPort: {{ .Values.dex.containerPortMetrics }} + containerPort: {{ .Values.dex.containerPorts.metrics }} protocol: TCP {{- if .Values.dex.livenessProbe.enabled }} livenessProbe: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 6c6a4dbe..c2f17a45 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -63,7 +63,7 @@ spec: {{- end }} ports: - name: redis - containerPort: {{ .Values.redis.containerPort }} + containerPort: {{ .Values.redis.containerPorts.redis }} protocol: TCP resources: {{- toYaml .Values.redis.resources | nindent 10 }} @@ -79,12 +79,12 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }} env: - name: REDIS_ADDR - value: {{ printf "redis://localhost:%v" .Values.redis.containerPort }} + value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS - value: {{ printf "0.0.0.0:%v" .Values.redis.metrics.containerPort }} + value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} ports: - name: metrics - containerPort: {{ .Values.redis.metrics.containerPort }} + containerPort: {{ .Values.redis.containerPorts.metrics }} protocol: TCP resources: {{- toYaml .Values.redis.metrics.resources | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5e73d218..e7207863 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -575,6 +575,11 @@ controller: # cpu: 250m # memory: 256Mi + # Application controller container ports + containerPorts: + # -- Metrics container port + metrics: 8082 + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -587,9 +592,6 @@ controller: drop: - ALL - # -- Application controller listening port - containerPort: 8082 - # Rediness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ readinessProbe: @@ -866,6 +868,16 @@ dex: # cpu: 10m # memory: 32Mi + # Dex container ports + # NOTE: These ports are currently hardcoded and cannot be changed + containerPorts: + # -- HTTP container port + http: 5556 + # -- gRPC container port + grpc: 5557 + # -- Metrics container port + metrics: 5558 + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -893,6 +905,7 @@ dex: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + readinessProbe: # -- Enable Kubernetes readiness probe for Dex >= 2.28.0 enabled: false @@ -917,20 +930,14 @@ dex: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Container port for HTTP access - containerPortHttp: 5556 # -- Service port for HTTP access servicePortHttp: 5556 # -- Service port name for HTTP access servicePortHttpName: http - # -- Container port for gRPC access - containerPortGrpc: 5557 # -- Service port for gRPC access servicePortGrpc: 5557 # -- Service port name for gRPC access servicePortGrpcName: grpc - # -- Container port for metrics access - containerPortMetrics: 5558 # -- Service port for metrics access servicePortMetrics: 5558 @@ -1044,6 +1051,13 @@ redis: seccompProfile: type: RuntimeDefault + # Redis container ports + containerPorts: + # -- Redis container port + redis: 6379 + # -- Metrics container port + metrics: 9121 + # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1052,8 +1066,6 @@ redis: drop: - ALL - # -- Redis container port - containerPort: 6379 # -- Redis service port servicePort: 6379 @@ -1103,8 +1115,6 @@ redis: tag: 1.26.0-debian-10-r2 # -- redis-exporter image PullPolicy imagePullPolicy: IfNotPresent - # -- Port to use for redis-exporter sidecar - containerPort: 9121 # -- Redis exporter security context # @default -- See [values.yaml] @@ -1415,8 +1425,24 @@ server: # cpu: 50m # memory: 64Mi - # -- Configures the server port - containerPort: 8080 + # Server container ports + containerPorts: + # -- Server container port + server: 8080 + # -- Metrics container port + metrics: 8082 + + # -- Server container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ @@ -1431,6 +1457,7 @@ server: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + livenessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1461,18 +1488,6 @@ server: # -- Priority class for the Argo CD server priorityClassName: "" - # -- Server container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -1546,10 +1561,6 @@ server: servicePortHttpName: http # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https - # -- Use named target port for argocd - ## Named target ports are not supported by GCE health checks, so when deploying argocd on GKE - ## and exposing it via GCE ingress, the health checks fail and the load balancer returns a 502. - namedTargetPort: true # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from @@ -1897,8 +1908,24 @@ repoServer: # cpu: 10m # memory: 64Mi - # -- Configures the repo server port - containerPort: 8081 + # Repo server container ports + containerPorts: + # -- Repo server container port + server: 8081 + # -- Metrics container port + metrics: 8084 + + # -- Repo server container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ @@ -1913,6 +1940,7 @@ repoServer: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + livenessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1943,18 +1971,6 @@ repoServer: # -- Priority class for the repo server priorityClassName: "" - # -- Repo server container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. @@ -2105,10 +2121,6 @@ applicationSet: logLevel: "" args: - # -- The default metric address - metricsAddr: :8080 - # -- The default health check port - probeBindAddr: :8081 # -- How application is synced between the generator and the cluster policy: sync # -- Enable dry run mode @@ -2221,6 +2233,15 @@ applicationSet: # cpu: 100m # memory: 128Mi + # ApplicationSet controller container ports + containerPorts: + # -- Metrics container port + metrics: 8080 + # -- Probe container port + probe: 8081 + # -- Webhook container port + webhook: 7000 + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2486,6 +2507,11 @@ notifications: # cpu: 100m # memory: 128Mi + # Notification controller container ports + containerPorts: + # -- Metrics container port + metrics: 9001 + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: From 0f2856ea416ae45e06382e63e2cb9ef083cb318d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 13:18:53 +0100 Subject: [PATCH 0514/1248] fix(argo-cd): Add missing options for mounting service account tokens (#1787) Signed-off-by: Petr Drastil Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 12 +++++++----- charts/argo-cd/values.yaml | 22 +++++++++++----------- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e75156e7..8799e3eb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.1 +version: 5.19.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Container port configuration now properly sets the listening port" - - "[Changed]: Container ports consolidated from various places to new containerPorts sections" + - "[Fixed]: Added missing options for automounting service tokens for applicationset and notifications controllers" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ca54a9bc..03243652 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1026,10 +1026,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | | applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | -| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | -| applicationSet.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | | applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | @@ -1116,9 +1117,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | | notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account | -| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | +| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e7207863..7f06a376 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2205,15 +2205,16 @@ applicationSet: portName: webhook serviceAccount: - # -- Specifies whether a service account should be created + # -- Create ApplicationSet controller service account create: true - # -- Annotations to add to the service account + # -- ApplicationSet controller service account name + name: argocd-applicationset-controller + # -- Annotations applied to created service account annotations: {} # -- Labels applied to created service account labels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true # -- Annotations to be added to ApplicationSet controller Deployment deploymentAnnotations: {} @@ -2537,18 +2538,17 @@ notifications: priorityClassName: "" serviceAccount: - # -- Specifies whether a service account should be created + # -- Create notifications controller service account create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template + # -- Notification controller service account name name: argocd-notifications-controller - # -- Annotations applied to created service account annotations: {} - # -- Labels applied to created service account labels: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + cm: # -- Whether helm chart creates notifications controller config map create: true From adc526612fa553d1e9dfe8c213be6294dc023281 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 20:11:02 +0100 Subject: [PATCH 0515/1248] fix(argo-cd): Redis service have invalid targetPort (#1792) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/redis/service.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8799e3eb..b7e63216 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.2 +version: 5.19.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing options for automounting service tokens for applicationset and notifications controllers" + - "[Fixed]: Fixed invalid port on redis service" diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index af273d71..6e949fd4 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -19,7 +19,7 @@ spec: ports: - name: redis port: {{ .Values.redis.servicePort }} - targetPort: {{ .Values.redis.containerPort }} + targetPort: redis selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 4 }} {{- end }} From b4de202859d65343dc32d88364aa3dd368ba7d27 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 22 Jan 2023 18:20:30 +0100 Subject: [PATCH 0516/1248] chore(argo-cd): Decouple Redis exporter from metrics service (#1791) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 13 ++-- .../argo-cd/templates/redis/deployment.yaml | 10 +-- charts/argo-cd/values.yaml | 67 +++++++++++-------- 4 files changed, 53 insertions(+), 41 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b7e63216..b39e40b7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.3 +version: 5.19.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Fixed invalid port on redis service" + - "[Changed]: Decoupled redis metrics exporter from metrics service" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 03243652..41ab164f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -864,6 +864,12 @@ server: | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | +| redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | +| redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | +| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | +| redis.exporter.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | +| redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | @@ -871,12 +877,7 @@ server: | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | -| redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | -| redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | -| redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | -| redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | -| redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | +| redis.metrics.enabled | bool | `false` | Deploy metrics service | | redis.metrics.service.annotations | object | `{}` | Metrics service annotations | | redis.metrics.service.clusterIP | string | `"None"` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | redis.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index c2f17a45..6f23e44e 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -73,10 +73,10 @@ spec: volumeMounts: {{- toYaml . | nindent 10 }} {{- end }} - {{- if .Values.redis.metrics.enabled }} + {{- if .Values.redis.exporter.enabled }} - name: metrics - image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }} + image: {{ .Values.redis.exporter.image.repository }}:{{ .Values.redis.exporter.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.exporter.image.imagePullPolicy }} env: - name: REDIS_ADDR value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} @@ -87,9 +87,9 @@ spec: containerPort: {{ .Values.redis.containerPorts.metrics }} protocol: TCP resources: - {{- toYaml .Values.redis.metrics.resources | nindent 10 }} + {{- toYaml .Values.redis.exporter.resources | nindent 10 }} securityContext: - {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} + {{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7f06a376..75296bd9 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -991,6 +991,42 @@ redis: # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent + # Prometheus redis-exporter sidecar + exporter: + # -- Enable Prometheus redis-exporter sidecar + enabled: true + + # Prometheus redis-exporter image + image: + # -- redis-exporter image repository + repository: public.ecr.aws/bitnami/redis-exporter + # -- redis-exporter image tag + tag: 1.26.0-debian-10-r2 + # -- Image pull policy for the Redis exporter + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Redis exporter security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + # -- Resource limits and requests for redis-exporter sidecar + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + # -- Secrets with credentials to pull images from a private registry # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] @@ -1106,36 +1142,10 @@ redis: labels: {} metrics: - # -- Deploy metrics service and redis-exporter sidecar + # -- Deploy metrics service enabled: false - image: - # -- redis-exporter image repository - repository: public.ecr.aws/bitnami/redis-exporter - # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 - # -- redis-exporter image PullPolicy - imagePullPolicy: IfNotPresent - # -- Redis exporter security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for redis-exporter sidecar - resources: {} - # limits: - # cpu: 50m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi + # Redis metrics service configuration service: # -- Metrics service type type: ClusterIP @@ -1149,6 +1159,7 @@ redis: servicePort: 9121 # -- Metrics service port name portName: http-metrics + serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From 885959311f6214bc6da9b461ec89b2d0ef44ea87 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 22 Jan 2023 20:22:41 +0100 Subject: [PATCH 0517/1248] fix(argo-cd): Fix annotations for ssh and tls configs (#1793) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 2 +- .../argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b39e40b7..200889de 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.4 +version: 5.19.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Decoupled redis metrics exporter from metrics service" + - "[Fixed]: Annotations for tls and ssh sections works as expected" diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 03c306d4..7b8e5d0b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -4,7 +4,7 @@ metadata: name: argocd-ssh-known-hosts-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) -}} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 8e5c7c88..1ba0176d 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -4,7 +4,7 @@ metadata: name: argocd-tls-certs-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) -}} + {{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 0578482bd69c2cf341e34893e916d638002d546d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 24 Jan 2023 01:15:46 +0100 Subject: [PATCH 0518/1248] chore(argo-cd): Upgrade Redis exporter image (#1795) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 200889de..d08ba1c3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.5 +version: 5.19.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Annotations for tls and ssh sections works as expected" + - "[Changed]: Upgrade Redis exporter image to 1.45.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 41ab164f..04441317 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -868,7 +868,7 @@ server: | redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.exporter.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | +| redis.exporter.image.tag | string | `"1.45.0"` | redis-exporter image tag | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 75296bd9..76ad809d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1001,7 +1001,7 @@ redis: # -- redis-exporter image repository repository: public.ecr.aws/bitnami/redis-exporter # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 + tag: 1.45.0 # -- Image pull policy for the Redis exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 73e6f1913eb5cab2504f906163abe940e622dbbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ole=20Markus=20Kristiansen=20Tern=C3=B8?= <79976935+oterno@users.noreply.github.com> Date: Wed, 25 Jan 2023 22:46:14 +0100 Subject: [PATCH 0519/1248] feat(argo-events): Added support for extra k8s manifests (#1797) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-events): Added support for extra k8s manifests Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> * added value example for extraObjects Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> --- charts/argo-events/Chart.yaml | 4 +-- charts/argo-events/README.md | 1 + .../templates/extra-manifests.yaml | 4 +++ charts/argo-events/values.yaml | 29 +++++++++++++++++++ 4 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 charts/argo-events/templates/extra-manifests.yaml diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index ece10ef8..757a3608 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.11 +version: 2.1.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing NATS version in values.yaml" + - "[Added]: Additional manifests to deploy within the chart" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 39b46bf5..48597a86 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -62,6 +62,7 @@ done | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-events crds Only applies for cluster-wide installation (`controller.rbac.namespaced: false`) | +| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override "argo-events.fullname" template | | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | diff --git a/charts/argo-events/templates/extra-manifests.yaml b/charts/argo-events/templates/extra-manifests.yaml new file mode 100644 index 00000000..a9bb3b6b --- /dev/null +++ b/charts/argo-events/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index c2436851..89a7323d 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -99,6 +99,35 @@ configs: configReloaderImage: natsio/nats-server-config-reloader:latest startCommand: /nats-server +# -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates +extraObjects: [] + # - apiVersion: secrets-store.csi.x-k8s.io/v1 + # kind: SecretProviderClass + # metadata: + # name: argo-events-secrets-store + # spec: + # provider: aws + # parameters: + # objects: | + # - objectName: "argo-events" + # objectType: "secretsmanager" + # jmesPath: + # - path: "client_id" + # objectAlias: "client_id" + # - path: "client_secret" + # objectAlias: "client_secret" + # secretObjects: + # - data: + # - key: client_id + # objectName: client_id + # - key: client_secret + # objectName: client_secret + # secretName: argo-events-secrets-store + # type: Opaque + # labels: + # app.kubernetes.io/part-of: argocd + ## Argo Events controller controller: # -- Argo Events controller name string From 9fb1f9d0913faaa51a6e07e1a058939a5ff4b8ea Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 26 Jan 2023 17:22:40 +0900 Subject: [PATCH 0520/1248] chore(argo-cd): Update Argo CD to v2.5.8 (#1798) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d08ba1c3..6c2ab6d2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.7 +appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.6 +version: 5.19.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Redis exporter image to 1.45.0" + - "[Changed]: Update Argo CD to v2.5.8" From 5335a75fbcbb8bdd87d19fa088c9420a0ea8f990 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 26 Jan 2023 13:06:19 +0100 Subject: [PATCH 0521/1248] fix(argo-cd): Disable Redis exporter by default (#1799) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 14 ++++++++------ charts/argo-cd/values.yaml | 27 ++++++++++++++++----------- 3 files changed, 28 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6c2ab6d2..06a52a3a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.7 +version: 5.19.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.8" + - "[Changed]: Disable Redis exporter by default" + - "[Changed]: Use bitnami Redis exporter image for redis-ha" + - "[Docs]: Fixed defaults for Redis exporter" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 04441317..5d7cb0d7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -865,14 +865,14 @@ server: | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | | redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | -| redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | -| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | -| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.exporter.image.tag | string | `"1.45.0"` | redis-exporter image tag | +| redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | +| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | -| redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | +| redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | @@ -927,7 +927,9 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | -| redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | +| redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 76ad809d..ec37a3f8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -988,21 +988,21 @@ redis: repository: public.ecr.aws/docker/library/redis # -- Redis tag tag: 7.0.5-alpine - # -- Redis imagePullPolicy - imagePullPolicy: IfNotPresent + # -- Redis image pull policy + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" - # Prometheus redis-exporter sidecar + ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar - enabled: true - - # Prometheus redis-exporter image + enabled: false + ## Prometheus redis-exporter image image: - # -- redis-exporter image repository + # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter - # -- redis-exporter image tag + # -- Tag to use for the redis-exporter tag: 1.45.0 - # -- Image pull policy for the Redis exporter + # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1190,9 +1190,14 @@ redis: redis-ha: # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false + ## Prometheus redis-exporter sidecar exporter: - # -- If `true`, the prometheus exporter sidecar is enabled - enabled: true + # -- Enable Prometheus redis-exporter sidecar + enabled: false + # -- Repository to use for the redis-exporter + image: public.ecr.aws/bitnami/redis-exporter + # -- Tag to use for the redis-exporter + tag: 1.45.0 persistentVolume: # -- Configures persistency on Redis nodes enabled: false From 36cd83081cfaf4d2f83c737e007563710dfc5869 Mon Sep 17 00:00:00 2001 From: Wojciech Date: Fri, 27 Jan 2023 15:45:49 +0100 Subject: [PATCH 0522/1248] feat(argo-cd): Add log settings and extraArgs to Slack bot (#1802) * Add log settings and extraArgs to Slack bot Signed-off-by: duxet * Fix readme Signed-off-by: duxet --------- Signed-off-by: duxet --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 3 +++ .../argocd-notifications/bots/slack/deployment.yaml | 5 +++++ charts/argo-cd/values.yaml | 10 ++++++++++ 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06a52a3a..2b9d215f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.8 +version: 5.19.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Disable Redis exporter by default" - - "[Changed]: Use bitnami Redis exporter image for redis-ha" - - "[Docs]: Fixed defaults for Redis exporter" + - "[Added]: Added logFormat, logLevel and extraArgs to Slack bot" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5d7cb0d7..54a11752 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1054,10 +1054,13 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | +| notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | | notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | | notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | | notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| notifications.bots.slack.logFormat | string | `""` (defaults to global.logging.format) | Slack bot log format. Either `text` or `json` | +| notifications.bots.slack.logLevel | string | `""` (defaults to global.logging.level) | Slack bot log level. One of: `debug`, `info`, `warn`, `error` | | notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | | notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb | | notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot | diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index da934607..90fcf78c 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -40,6 +40,11 @@ spec: command: - argocd-notifications - bot + - --loglevel={{ default .Values.global.logging.level .Values.notifications.bots.slack.logLevel }} + - --logformat={{ default .Values.global.logging.format .Values.notifications.bots.slack.logFormat }} + {{- range .Values.notifications.bots.slack.extraArgs }} + - {{ . | squote }} + {{- end }} workingDir: /app ports: - containerPort: 8080 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ec37a3f8..1a6bdda4 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2881,6 +2881,16 @@ notifications: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # -- Slack bot log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Slack bot log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + + # -- List of extra cli args to add for Slack bot + extraArgs: [] + service: # -- Service annotations for Slack bot annotations: {} From 790438efebf423c2d56cb4b93471f4adb3fcd448 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 28 Jan 2023 00:18:43 +0100 Subject: [PATCH 0523/1248] chore(argo-cd): Upgrade redis to 7.0.7 to avoid CVE-2022-3996 (#1803) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2b9d215f..fb267492 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.9 +version: 5.19.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added logFormat, logLevel and extraArgs to Slack bot" + - "[Security]: Upgrade redis to 7.0.7 to avoid CVE-2022-3996" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 54a11752..a7c8c287 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -874,7 +874,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -932,7 +932,7 @@ The main options are listed here: | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1a6bdda4..5cff8168 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -987,7 +987,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.5-alpine + tag: 7.0.7-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1218,7 +1218,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.5-alpine + tag: 7.0.7-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From 369136b69a7c41c395a8d701195333708b4d6459 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 28 Jan 2023 22:40:50 +0900 Subject: [PATCH 0524/1248] chore(argo-cd): Update Argo CD to v2.5.9 (#1805) --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fb267492..4056760b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.8 +appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.10 +version: 5.19.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Security]: Upgrade redis to 7.0.7 to avoid CVE-2022-3996" + - "[Changed]: Update Argo CD to v2.5.9" From 231cfcb20a92a66ad6de5e3f8faaa420c810c854 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 06:16:13 -0600 Subject: [PATCH 0525/1248] chore(argo-events): Upgrade Argo Events to v1.7.5 (#1809) --- charts/argo-events/Chart.yaml | 6 +++--- .../templates/argo-events-controller/rbac.yaml | 12 +++++++++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 757a3608..c98ab3ae 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.4 +appVersion: v1.7.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.0 +version: 2.1.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Additional manifests to deploy within the chart" + - "[Changed]: Update Argo Events to v1.7.5" diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml index c69c4419..1d9a2e55 100644 --- a/charts/argo-events/templates/argo-events-controller/rbac.yaml +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -71,7 +71,6 @@ rules: - pods - pods/exec - configmaps - - secrets - services - persistentvolumeclaims verbs: @@ -82,6 +81,17 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - get + - list + - update + - patch + - delete - apiGroups: - apps resources: From c7b972c3afb283c50b250ea9856760c9f5539b35 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 00:23:04 +0900 Subject: [PATCH 0526/1248] fix(argo-cd): Align changelog structure to show changelogs on Artifact Hub (#1810) fixed(argo-cd): Align changelog structure to show changelogs on Artifact Hub Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4056760b..8f9c7d79 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.11 +version: 5.19.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.9" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From b6922aed2fc4d87a162e23f64dd8d36410031b41 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 01:01:21 +0900 Subject: [PATCH 0527/1248] fix(github): Align changelog structure to show changelogs on Artifact Hub (#1811) fix(doc): Align changelog structure to show changelogs on Artifact Hub Signed-off-by: yu-croco --- CONTRIBUTING.md | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f8753d60..535bbbb3 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -80,21 +80,35 @@ Changes on a chart must be documented in a chart specific changelog in the `Char A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release. -Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: +Each change requires a new bullet point following the pattern. See more information [Artifact Hub annotations in Helm Chart.yaml file](https://artifacthub.io/docs/topics/annotations/helm/). + +```yaml +- kind: {type} + description: {description} +``` + +You can use the following template: ```yaml name: argo-cd -version: 3.4.1 +version: 5.19.12 ... annotations: artifacthub.io/changes: | - - "[Added]: Something New was added" - - "[Changed]: Changed Something within this chart" - - "[Changed]: Changed Something else within this chart" - - "[Deprecated]: Something deprecated" - - "[Removed]: Something was removed" - - "[Fixed]: Something was fixed" - - "[Security]: Some Security Patch was included" + - kind: added + description: Something New was added + - kind: changed + description: Changed Something within this chart + - kind: changed + description: Changed Something else within this chart + - kind: deprecated + description: Something deprecated + - kind: removed + description: Something was removed + - kind: fixed + description: Something was fixed + - kind: security + description: Some Security Patch was included ``` ## Testing From bdbfaa25233e7db0a3c0a3c1b440b0146e2955b4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 03:48:27 +0900 Subject: [PATCH 0528/1248] fix(argo-workflows): Align changelog structure to show changelogs on Artifact Hub (#1812) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 25aa9fd6..37846bed 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.8 +version: 0.22.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Helm helper function to allow image registry to be absent" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 4c018a495450e9de40d9b24b32c1dcc557449bf3 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 12:59:32 -0600 Subject: [PATCH 0529/1248] fix(argocd-image-updater): Align changelog structure (#1816) --- charts/argocd-image-updater/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 5147ea82..c88296f1 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.2 +version: 0.8.3 appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From f299ae3025f547c150a0d031db36382988fc01d1 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:07:33 -0600 Subject: [PATCH 0530/1248] fix(argo-events): Align changelog structure (#1813) relates to #1808 Was fixed already for [argo-cd](https://github.com/argoproj/argo-helm/pull/1810) and [argo-workflows](https://github.com/argoproj/argo-helm/pull/1812) Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c98ab3ae..160f6cf6 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.1 +version: 2.1.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo Events to v1.7.5" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From e3ae99b74db033c659f1962392ca14a107af730b Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:14:11 -0600 Subject: [PATCH 0531/1248] fix(argo-rollouts): Align changelog structure (#1814) relates to #1808 Signed-off-by: jmeridth --- charts/argo-rollouts/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a9968a4f..2beb83ff 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.1 +version: 2.22.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Flags to toggle provider-specific RBAC rules in Role and ClusterRole" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 8a1c4f0ad6cad127e7148509a5087a1a5bf51075 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:17:35 -0600 Subject: [PATCH 0532/1248] fix(argocd-apps): Align changelog structure (#1815) relates to #1808 Signed-off-by: jmeridth Co-authored-by: Petr Drastil --- charts/argocd-apps/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 4f2d82be..422dc686 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.6 +version: 0.0.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Changelog link on README" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 28abc348ac60863cca9f099d4e33ab209c1a96aa Mon Sep 17 00:00:00 2001 From: Ben Hayden Date: Wed, 1 Feb 2023 15:07:07 -0600 Subject: [PATCH 0533/1248] chore(argocd-image-updater): Update Argo CD Image Updater to v0.12.2 (#1819) Signed-off-by: Ben Hayden --- charts/argocd-image-updater/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index c88296f1..5d599c41 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.3 -appVersion: v0.12.0 +version: 0.8.4 +appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Update Argo CD Image Updater to v0.12.2 From 92f83fca3ef11fe1ba144bd106867ff23435ebeb Mon Sep 17 00:00:00 2001 From: ArsenyBelorukov <52857617+ArsenyBelorukov@users.noreply.github.com> Date: Thu, 2 Feb 2023 04:11:10 +0000 Subject: [PATCH 0534/1248] fix(argo-cd): fixed maxUnavailable value in redis-PDB (#1820) fixed maxUnavailable value in redis-PDB Signed-off-by: ArsenyBelorukov Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/redis/pdb.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8f9c7d79..118ed99e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.12 +version: 5.19.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + description: Fixed maxUnavailable value in redis-PDB diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 8be05f93..223c5758 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} {{- end }} spec: - {{- with .Values.dex.pdb.maxUnavailable }} + {{- with .Values.redis.pdb.maxUnavailable }} maxUnavailable: {{ . }} {{- else }} minAvailable: {{ .Values.redis.pdb.minAvailable | default 0 }} From 5687377d8ff4bcd8095207a1480dbbff13d7e117 Mon Sep 17 00:00:00 2001 From: Marcel Hoyer Date: Thu, 2 Feb 2023 22:56:18 +0100 Subject: [PATCH 0535/1248] chore(argo-cd): Update Argo CD to v2.5.10 (#1822) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 118ed99e..37c612bc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.9 +appVersion: v2.5.10 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.13 +version: 5.19.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed maxUnavailable value in redis-PDB + - kind: changed + description: Update Argo CD to v2.5.10 From 05c79e322a6d1f54a70840dd9649d9b9cb5ef8a2 Mon Sep 17 00:00:00 2001 From: Tone Date: Mon, 6 Feb 2023 05:40:13 +0100 Subject: [PATCH 0536/1248] feat(argo-cd): Configurable `dnsPolicy` / `hostNetwork` (#1821) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 6 ++++++ .../statefulset.yaml | 2 ++ .../argocd-repo-server/deployment.yaml | 2 ++ .../templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 18 ++++++++++++++++++ 6 files changed, 33 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 37c612bc..ce2b91c1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.10 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.14 +version: 5.19.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Argo CD to v2.5.10 + - kind: added + description: Configurable dnsPolicy / hostNetwork diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a7c8c287..02482d75 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -464,10 +464,12 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | | controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod | +| controller.hostNetwork | bool | `false` | Host Network for application controller pods | | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | @@ -543,10 +545,12 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | | repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod | +| repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods | | repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server | | repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server | | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | @@ -643,6 +647,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | @@ -653,6 +658,7 @@ NAME: my-release | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | +| server.hostNetwork | bool | `false` | Host Network for Server pods | | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | | server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server | | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index d853a856..634431dd 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -312,3 +312,5 @@ spec: {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.controller.hostNetwork }} + dnsPolicy: {{ .Values.controller.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index c786d714..a39c007c 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -356,3 +356,5 @@ spec: {{- with .Values.repoServer.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.repoServer.hostNetwork }} + dnsPolicy: {{ .Values.repoServer.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 2f510bc3..aa06bf25 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -415,3 +415,5 @@ spec: {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.server.hostNetwork }} + dnsPolicy: {{ .Values.server.dnsPolicy }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5cff8168..c3f6fdab 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -580,6 +580,12 @@ controller: # -- Metrics container port metrics: 8082 + # -- Host Network for application controller pods + hostNetwork: false + + # -- Alternative DNS policy for application controller pods + dnsPolicy: "ClusterFirst" + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1448,6 +1454,12 @@ server: # -- Metrics container port metrics: 8082 + # -- Host Network for Server pods + hostNetwork: false + + # -- Alternative DNS policy for Server pods + dnsPolicy: "ClusterFirst" + # -- Server container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1931,6 +1943,12 @@ repoServer: # -- Metrics container port metrics: 8084 + # -- Host Network for Repo server pods + hostNetwork: false + + # -- Alternative DNS policy for Repo server pods + dnsPolicy: "ClusterFirst" + # -- Repo server container-level security context # @default -- See [values.yaml] containerSecurityContext: From 0d3150ce670346e07533965e0beec8e62fabffce Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 7 Feb 2023 16:02:23 +0100 Subject: [PATCH 0537/1248] feat(argo-cd): Upgrade Argo CD to 2.6.0 (#1758) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 10 +- charts/argo-cd/README.md | 7 +- charts/argo-cd/templates/NOTES.txt | 12 + charts/argo-cd/templates/_helpers.tpl | 5 +- .../argocd-applicationset/deployment.yaml | 78 +- .../templates/argocd-server/deployment.yaml | 6 + .../templates/crds/crd-application.yaml | 1862 +++++++- .../templates/crds/crd-applicationset.yaml | 4048 ++++++++++++++++- charts/argo-cd/values.yaml | 22 +- 9 files changed, 6001 insertions(+), 49 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ce2b91c1..c5f6c5fb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.10 +appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.15 +version: 5.20.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Configurable dnsPolicy / hostNetwork + - kind: changed + description: Upgrade Argo CD to 2.6.0 + - kind: deprecated + description: ApplicationSet args, logFormat and logLevel superseded by configs.params diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 02482d75..652620e5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -415,6 +415,8 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | +| configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | +| configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | @@ -971,8 +973,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | -| applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | +| applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | @@ -996,8 +997,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | applicationSet.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| applicationSet.logFormat | string | `""` (defaults to global.logging.format) | ApplicationSet controller log format. Either `text` or `json` | -| applicationSet.logLevel | string | `""` (defaults to global.logging.level) | ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 210cf3bb..002d3844 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -76,6 +76,18 @@ DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations {{- if hasKey .Values.configs "tlsCerts" }} DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates {{- end }} +{{- if .Values.applicationSet.logFormat }} +DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format +{{- end }} +{{- if .Values.applicationSet.logLevel }} +DEPRECATED option applicationSet.logLevel - Use configs.params.applicationsetcontroller.log.level +{{- end }} +{{- if .Values.applicationSet.args.policy }} +DEPRECATED option applicationSet.args.policy - Use configs.params.applicationsetcontroller.policy +{{- end }} +{{- if .Values.applicationSet.args.dryRun }} +DEPRECATED option applicationSet.args.dryRun - Use configs.params.applicationsetcontroller.dryRun +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bdfa010b..bd99fc9d 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -202,10 +202,13 @@ redis.server: {{ . | quote }} server.dex.server: {{ include "argo-cd.dex.server" . | quote }} server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} {{- end }} -{{- range $component := tuple "controller" "server" "reposerver" }} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }} {{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} {{ $component }}.log.level: {{ $.Values.global.logging.level | quote }} {{- end }} +{{- if .Values.applicationSet.enabled }} +applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }} +{{- end }} {{- end -}} {{/* diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6fd9170c..82324f4d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -54,14 +54,20 @@ spec: - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} - - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} - - --policy={{ .Values.applicationSet.args.policy }} - - --dry-run={{ .Values.applicationSet.args.dryRun }} + {{- with .Values.applicationSet.args.policy }} + - --policy={{ . }} + {{- end }} + {{- with .Values.applicationSet.args.dryRun }} + - --dry-run={{ . }} + {{- end }} + {{- with .Values.applicationSet.logFormat }} - --logformat - - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} + - {{ . }} + {{- end }} + {{- with .Values.applicationSet.logLevel }} - --loglevel - - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }} + - {{ . }} + {{- end }} {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} @@ -73,6 +79,66 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespace + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.rollouts + name: argocd-cmd-params-cm + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index aa06bf25..b0ed47d4 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -262,6 +262,12 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true + - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.enable.proxy.extension + optional: true {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 23f9b6b3..ae0f7295 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -151,6 +151,14 @@ spec: which to sync the application to If omitted, will use the revision specified in app spec. type: string + revisions: + description: Revisions is the list of revision (Git) or chart + version (Helm) which to sync each source in sources field for + the application to If omitted, will use the revision specified + in app spec. + items: + type: string + type: array source: description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and @@ -366,7 +374,35 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -380,6 +416,271 @@ spec: required: - repoURL type: object + sources: + description: Sources overrides the source definition set in the + application. This is typically set in a Rollback operation and + is nil during a Sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array syncOptions: description: SyncOptions provide per-sync sync-options, e.g. Validate=false items: @@ -711,7 +1012,32 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -725,6 +1051,264 @@ spec: required: - repoURL type: object + sources: + description: Sources is a reference to the location of the application's + manifests or chart + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being + used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to + force applying common annotations to resources for Kustomize + apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be commit, + tag, or branch. If omitted, will equal to HEAD. In case of + Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array syncPolicy: description: SyncPolicy controls when and how a sync will be performed properties: @@ -747,6 +1331,19 @@ spec: (default: false)' type: boolean type: object + managedNamespaceMetadata: + description: ManagedNamespaceMetadata controls metadata in the + given namespace (if CreateNamespace=true) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: description: Retry controls failed sync retry behavior properties: @@ -784,7 +1381,6 @@ spec: required: - destination - project - - source type: object status: description: ApplicationStatus contains status information for the application @@ -850,6 +1446,12 @@ spec: description: Revision holds the revision the sync was performed against type: string + revisions: + description: Revisions holds the revision of each source in + sources field the sync was performed against + items: + type: string + type: array source: description: Source is a reference to the application source used for the sync operation @@ -1067,7 +1669,35 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -1082,10 +1712,278 @@ spec: required: - repoURL type: object + sources: + description: Sources is a reference to the application sources + used for the sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - deployedAt - id - - revision type: object type: array observedAt: @@ -1208,6 +2106,14 @@ spec: (Helm) which to sync the application to If omitted, will use the revision specified in app spec. type: string + revisions: + description: Revisions is the list of revision (Git) or + chart version (Helm) which to sync each source in sources + field for the application to If omitted, will use the + revision specified in app spec. + items: + type: string + type: array source: description: Source overrides the source definition set in the application. This is typically set in a Rollback @@ -1440,7 +2346,37 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -1455,6 +2391,291 @@ spec: required: - repoURL type: object + sources: + description: Sources overrides the source definition set + in the application. This is typically set in a Rollback + operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required + information about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles + do not exist locally by not appending them + to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during manifest + generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource + definition installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to + be passed to helm template, typically defined + as a block + type: string + version: + description: Version is the Helm version to + use for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of + additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the + Git repository, and is only valid for applications + sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the + variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an + array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map + type parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a + string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source + within sources field. This field will not be used + if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. In case + of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. In case of Helm, + this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array syncOptions: description: SyncOptions provide per-sync sync-options, e.g. Validate=false @@ -1564,6 +2785,12 @@ spec: description: Revision holds the revision this sync operation was performed to type: string + revisions: + description: Revisions holds the revision this sync operation + was performed for respective indexed source in sources field + items: + type: string + type: array source: description: Source records the application source information of the sync, used for comparing auto-sync @@ -1784,7 +3011,37 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -1799,6 +3056,284 @@ spec: required: - repoURL type: object + sources: + description: Source records the application source information + of the sync, used for comparing auto-sync + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block + type: string + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - revision type: object @@ -1862,6 +3397,14 @@ spec: sourceType: description: SourceType specifies the type of this application type: string + sourceTypes: + description: SourceTypes specifies the type of the sources included + in the application + items: + description: ApplicationSourceType specifies the type of the application's + source + type: string + type: array summary: description: Summary contains a list of URLs and container images used by this application @@ -2125,7 +3668,37 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -2140,14 +3713,297 @@ spec: required: - repoURL type: object + sources: + description: Sources is a reference to the application's multiple + sources used for comparison + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block + type: string + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - destination - - source type: object revision: description: Revision contains information about the revision the comparison has been performed to type: string + revisions: + description: Revisions contains information about the revisions + of multiple sources the comparison has been performed to + items: + type: string + type: array status: description: Status is the sync state of the comparison type: string diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 48dd57c5..7a15b67d 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -278,7 +278,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -286,6 +305,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -297,6 +475,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -321,7 +510,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -565,7 +753,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -573,6 +780,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -584,6 +950,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -608,7 +985,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -641,6 +1017,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -854,7 +1232,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -862,6 +1259,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -873,6 +1429,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -897,13 +1464,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -1119,7 +1686,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1127,6 +1713,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -1138,6 +1883,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -1162,7 +1918,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1414,7 +2169,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1422,6 +2196,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -1433,6 +2366,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -1457,7 +2401,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1701,7 +2644,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1709,6 +2671,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -1720,6 +2841,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -1744,7 +2876,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1777,6 +2908,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -1990,7 +3123,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1998,6 +3150,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2009,6 +3320,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2033,13 +3355,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -2255,7 +3577,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -2263,6 +3604,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2274,6 +3774,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2298,7 +3809,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -2638,7 +4148,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -2646,6 +4175,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2657,6 +4345,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2681,7 +4380,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3068,7 +4766,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3076,6 +4793,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3087,6 +4963,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3111,7 +4998,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3349,7 +5235,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3357,6 +5262,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3368,6 +5432,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3392,7 +5467,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3644,7 +5718,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3652,6 +5745,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3663,6 +5915,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3687,7 +5950,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3931,7 +6193,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3939,6 +6220,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3950,6 +6390,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3974,7 +6425,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -4007,6 +6457,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -4220,7 +6672,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4228,6 +6699,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -4239,6 +6869,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4263,13 +6904,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -4485,7 +7126,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4493,6 +7153,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -4504,6 +7323,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4528,7 +7358,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -4868,7 +7697,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4876,6 +7724,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -4887,6 +7894,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4911,7 +7929,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -5298,7 +8315,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5306,6 +8342,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -5317,6 +8512,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -5341,7 +8547,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -5583,7 +8788,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5591,6 +8815,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -5602,6 +8985,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -5626,7 +9020,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -5963,7 +9356,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5971,6 +9383,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -5982,6 +9553,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6006,7 +9588,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6393,7 +9974,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -6401,6 +10001,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -6412,6 +10171,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6436,7 +10206,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6470,6 +10239,37 @@ spec: type: array goTemplate: type: boolean + strategy: + properties: + rollingSync: + properties: + steps: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + maxUpdate: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + type: array + type: object + type: + type: string + type: object syncPolicy: properties: preserveResourcesOnDeletion: @@ -6681,7 +10481,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -6689,6 +10508,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -6700,6 +10678,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6724,7 +10713,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6736,6 +10724,24 @@ spec: type: object status: properties: + applicationStatus: + items: + properties: + application: + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + status: + type: string + required: + - application + - message + - status + type: object + type: array conditions: items: properties: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c3f6fdab..6e885f10 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -205,6 +205,12 @@ configs: # -- Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. reposerver.parallelism.limit: 0 + ## ApplicationSet Properties + # -- Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` + applicationsetcontroller.policy: sync + # -- Enables use of the Progressive Syncs capability + applicationsetcontroller.enable.progressive.syncs: false + # Argo CD RBAC policy configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbac: @@ -2147,18 +2153,14 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- ApplicationSet controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - args: + # -- DEPRECATED - ApplicationSet controller command line flags + args: {} + # DEPRECATED - Use configs.params.applicationsetcontroller.policy to override # -- How application is synced between the generator and the cluster - policy: sync + # policy: sync + # DEPRECATED - Use configs.params.applicationsetcontroller.dryrun to override # -- Enable dry run mode - dryRun: false + # dryRun: false # -- List of extra cli args to add extraArgs: [] From b1be8fabd462229b0f5acfad528208eed6146c2d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 7 Feb 2023 09:11:10 -0600 Subject: [PATCH 0538/1248] chore(argo-workflows): Update Argo Workflows to v3.4.5 (#1828) Signed-off-by: jmeridth Co-authored-by: Petr Drastil --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 37846bed..8ba37092 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.4 +appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.9 +version: 0.22.10 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Workflows to v3.4.5 From 3bede30d3909a2c3d0c48aef3ccc6ddb4a557730 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 8 Feb 2023 02:09:40 +0100 Subject: [PATCH 0539/1248] fix(argo-cd): Fix ApplicationSet CRD for pathParamPrefix (#1829) fix(argo-cd): Fix ApplicationSet CRD for pathParamPrefix Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/templates/crds/crd-applicationset.yaml | 6 +++--- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c5f6c5fb..af4de156 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.0 +version: 5.20.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.6.0 - - kind: deprecated - description: ApplicationSet args, logFormat and logLevel superseded by configs.params + - kind: fixed + description: Sync latest ApplicationSet CRD diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 7a15b67d..43452242 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -1470,7 +1470,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -3361,7 +3360,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -6910,7 +6908,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -10736,10 +10733,13 @@ spec: type: string status: type: string + step: + type: string required: - application - message - status + - step type: object type: array conditions: From e17d218600091b20a57310df07fbba2d35ae715f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 8 Feb 2023 17:41:16 +0100 Subject: [PATCH 0540/1248] docs(argo-cd): Remove incorrect deprecation note (#1830) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/NOTES.txt | 3 --- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index af4de156..47438c33 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.1 +version: 5.20.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Sync latest ApplicationSet CRD + - kind: removed + description: Removed incorrect deprecation note diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 002d3844..d79d95f0 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,9 +52,6 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} -{{- if hasKey .Values "createAggregateRoles" }} -DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles -{{- end }} {{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles {{- end }} From eb102d27aa1f84811e4873a781d867ba81cb3cfd Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Wed, 8 Feb 2023 15:14:07 -0500 Subject: [PATCH 0541/1248] feat(argo-cd): Upgrade Argo CD to 2.6.1 (#1832) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 47438c33..321bd352 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.0 +appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.2 +version: 5.20.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: removed - description: Removed incorrect deprecation note + - kind: changed + description: Upgrade Argo CD to 2.6.1 From 31768175b92e708ebb447dace0a54e1b0df1a7ef Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Fri, 10 Feb 2023 07:43:38 +0900 Subject: [PATCH 0542/1248] feat(argocd-apps): multiple sources for Application and ApplicationSet (#1831) * feat(argocd-apps): multiple sources for application and applicationset Signed-off-by: toyamagu * fix typo Signed-off-by: toyamagu2021@gmail.com --------- Signed-off-by: toyamagu Signed-off-by: toyamagu2021@gmail.com Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 6 ++-- .../applications-multiple-sources-values.yaml | 28 +++++++++++++++++ .../argocd-apps/ci/applications-values.yaml | 30 +++++++++++++++++++ ...plicationsets-multiple-sources-values.yaml | 24 +++++++++++++++ .../ci/applicationsets-values.yaml | 3 +- .../argocd-apps/templates/applications.yaml | 8 ++++- .../templates/applicationsets.yaml | 8 ++++- charts/argocd-apps/values.yaml | 8 +++++ 8 files changed, 108 insertions(+), 7 deletions(-) create mode 100644 charts/argocd-apps/ci/applications-multiple-sources-values.yaml create mode 100644 charts/argocd-apps/ci/applications-values.yaml create mode 100644 charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 422dc686..1a2c0914 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.7 +version: 0.0.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: added + description: Multiple sources for Application and ApplicationSet diff --git a/charts/argocd-apps/ci/applications-multiple-sources-values.yaml b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml new file mode 100644 index 00000000..4d21403b --- /dev/null +++ b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml @@ -0,0 +1,28 @@ +# Test with multi-source applications + +applications: +- name: argocd-application-multiple-sources + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml new file mode 100644 index 00000000..4d708a16 --- /dev/null +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -0,0 +1,30 @@ +# Test with applications + +applications: +- name: argocd-application + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook + directory: + recurse: true + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas + info: + - name: url + value: https://argoproj.github.io/ diff --git a/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml new file mode 100644 index 00000000..f1dd7cda --- /dev/null +++ b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml @@ -0,0 +1,24 @@ +# Test with multi-source applicationsets + +applicationsets: +- name: applicationset-multiple-sources + generators: + - list: + elements: + - cluster: default-cluster + url: https://kubernetes.default.svc + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: '{{url}}' + namespace: default diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index a76ed41a..2258f422 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -1,8 +1,7 @@ # Test with applicationsets applicationsets: -- name: guestbook - namespace: default # Only for test purpose. +- name: applicationset additionalLabels: {} additionalAnnotations: {} # See PR #10026 (ArgoCD v2.5 or later) diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index ea63fc25..fee643d8 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -23,8 +23,14 @@ metadata: {{- end }} spec: project: {{ tpl .project $ }} + {{- with .source }} source: - {{- toYaml .source | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .sources }} + sources: + {{- toYaml . | nindent 4 }} + {{- end }} destination: {{- toYaml .destination | nindent 4 }} {{- with .syncPolicy }} diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index 20898d0a..aa7a3b79 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -52,8 +52,14 @@ spec: {{- with .spec }} spec: project: {{ tpl .project $ }} + {{- with .source }} source: - {{- toYaml .source | nindent 8 }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .sources }} + sources: + {{- toYaml . | nindent 8 }} + {{- end }} destination: {{- toYaml .destination | nindent 8 }} {{- with .syncPolicy }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index b3eaa5d2..62a2509c 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -15,6 +15,14 @@ applications: [] # path: guestbook # directory: # recurse: true +# # ArgoCD v2.6 or later +# sources: +# - chart: elasticsearch +# repoURL: https://helm.elastic.co +# targetRevision: 8.5.1 +# - repoURL: https://github.com/argoproj/argocd-example-apps.git +# path: guestbook +# targetRevision: HEAD # destination: # server: https://kubernetes.default.svc # namespace: guestbook From c08fc230d75c85b2c9a07138c5c7b7bc957b98df Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Thu, 9 Feb 2023 21:31:49 -0800 Subject: [PATCH 0543/1248] fix(argo-workflows): clean subresource permissions (#1835) --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 7 ++++++- .../templates/server/server-cluster-roles.yaml | 9 +++++++-- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8ba37092..0fe6953a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.10 +version: 0.22.11 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Workflows to v3.4.5 + description: Cleaned RBAC permissions for subresources (pods/log, pods/exec). diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 34f91c0d..bb08306b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -14,7 +14,6 @@ rules: - "" resources: - pods - - pods/exec verbs: - create - get @@ -23,6 +22,12 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - pods/exec + verbs: + - create - apiGroups: - "" resources: diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index c3c4e688..c7d18f50 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -23,13 +23,18 @@ rules: - "" resources: - pods - - pods/exec - - pods/log verbs: - get - list - watch - delete +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - list {{- if .Values.server.sso }} - apiGroups: - "" From a915e774a53edfb76b654e214aa5de794bf419b2 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 13 Feb 2023 12:22:15 +0100 Subject: [PATCH 0544/1248] fix(argo-cd): Fix invalid progressive sync parameter (#1839) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 321bd352..40aed46f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.3 +version: 5.20.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.6.1 + - kind: fixed + description: Fixed invalid ApplicationSet progressive sync parameter diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 82324f4d..ff99bd07 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -136,7 +136,7 @@ spec: - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.progressive.rollouts + key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true {{- with .Values.applicationSet.extraEnvFrom }} From 4a56a4d7f019f61a4aa2ee348562998f1aa34870 Mon Sep 17 00:00:00 2001 From: nicogl Date: Tue, 14 Feb 2023 09:21:29 -0300 Subject: [PATCH 0545/1248] fix(argo-cd): Add quotes on Ingress Host to allow wildcards (#1841) * Add quotes on Ingress Host to allow wildcards Signed-off-by: nicogl * Update Chart.yaml Signed-off-by: nicogl --------- Signed-off-by: nicogl --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 40aed46f..8bb57d7d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.4 +version: 5.20.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Fixed invalid ApplicationSet progressive sync parameter + description: Fixed missing quotes on Ingress host diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 52269d0a..0e064b0b 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -29,7 +29,7 @@ spec: rules: {{- if .Values.server.ingress.hosts }} {{- range $host := .Values.server.ingress.hosts }} - - host: {{ $host }} + - host: {{ $host | quote }} http: paths: {{- with $extraPaths }} From d59ae7bd757f43ad73b118628c732f7da717e7de Mon Sep 17 00:00:00 2001 From: Loris Date: Wed, 15 Feb 2023 01:11:16 +0100 Subject: [PATCH 0546/1248] feat(argo-cd): Add dnsConfig and dnsPolicy for pods (#1773) feat(argo-cd): Add dnsConfig and dnsPolicy for pods (#1771) Signed-off-by: Loris Torikian Co-authored-by: Loris Torikian Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 14 +++++++++ charts/argo-cd/README.md.gotmpl | 1 + .../statefulset.yaml | 4 +++ .../argocd-applicationset/deployment.yaml | 5 +++ .../bots/slack/deployment.yaml | 5 +++ .../argocd-notifications/deployment.yaml | 5 +++ .../argocd-repo-server/deployment.yaml | 4 +++ .../templates/argocd-server/deployment.yaml | 4 +++ charts/argo-cd/templates/dex/deployment.yaml | 5 +++ .../argo-cd/templates/redis/deployment.yaml | 5 +++ charts/argo-cd/values.yaml | 31 +++++++++++++++++++ 12 files changed, 86 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8bb57d7d..8b857298 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.5 +version: 5.21.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed missing quotes on Ingress host + - kind: added + description: Allow dnsConfig pod configuration diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 652620e5..fe125210 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -466,6 +466,7 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| controller.dnsConfig | object | `{}` | [DNS configuration] | | controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | @@ -547,6 +548,7 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.dnsConfig | object | `{}` | [DNS configuration] | | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | @@ -649,6 +651,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | @@ -794,6 +797,8 @@ server: | dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | +| dex.dnsConfig | object | `{}` | [DNS configuration] | +| dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -869,6 +874,8 @@ server: | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | | redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | +| redis.dnsConfig | object | `{}` | [DNS configuration] | +| redis.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Redis server pods | | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | @@ -979,6 +986,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | +| applicationSet.dnsConfig | object | `{}` | [DNS configuration] | +| applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | @@ -1058,6 +1067,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | +| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | +| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | | notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | @@ -1085,6 +1096,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | +| notifications.dnsConfig | object | `{}` | [DNS configuration] | +| notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | | notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | @@ -1145,6 +1158,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index fde0c0c8..6cec3732 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -521,6 +521,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 634431dd..2ada23b4 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -313,4 +313,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.controller.hostNetwork }} + {{- with .Values.controller.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.controller.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ff99bd07..ca129ffd 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -230,4 +230,9 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + {{- with .Values.applicationSet.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.applicationSet.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 90fcf78c..b9949aab 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -65,4 +65,9 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.bots.slack.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.notifications.bots.slack.dnsPolicy }} {{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 85d586cc..474dc01d 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -121,4 +121,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- with .Values.notifications.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.notifications.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index a39c007c..67ad60f9 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -357,4 +357,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.repoServer.hostNetwork }} + {{- with .Values.repoServer.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.repoServer.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index b0ed47d4..57d1305b 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -422,4 +422,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.server.hostNetwork }} + {{- with .Values.server.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.server.dnsPolicy }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 1b3b4338..9acc0871 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -188,4 +188,9 @@ spec: {{- with .Values.dex.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.dex.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.dex.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 6f23e44e..ff4b29b1 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -128,4 +128,9 @@ spec: volumes: {{- toYaml . | nindent 8}} {{- end }} + {{- with .Values.redis.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.redis.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6e885f10..f444e21c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -589,6 +589,8 @@ controller: # -- Host Network for application controller pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for application controller pods dnsPolicy: "ClusterFirst" @@ -890,6 +892,11 @@ dex: # -- Metrics container port metrics: 5558 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Dex server pods + dnsPolicy: "ClusterFirst" + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1106,6 +1113,11 @@ redis: # -- Metrics container port metrics: 9121 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Redis server pods + dnsPolicy: "ClusterFirst" + # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1463,6 +1475,8 @@ server: # -- Host Network for Server pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for Server pods dnsPolicy: "ClusterFirst" @@ -1952,6 +1966,8 @@ repoServer: # -- Host Network for Repo server pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for Repo server pods dnsPolicy: "ClusterFirst" @@ -2279,6 +2295,11 @@ applicationSet: # -- Webhook container port webhook: 7000 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for ApplicationSet controller pods + dnsPolicy: "ClusterFirst" + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2549,6 +2570,11 @@ notifications: # -- Metrics container port metrics: 9001 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for notifications controller Pods + dnsPolicy: "ClusterFirst" + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: @@ -2930,6 +2956,11 @@ notifications: # -- Annotations applied to created service account annotations: {} + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Slack bot pods + dnsPolicy: "ClusterFirst" + # -- Slack bot container-level security Context # @default -- See [values.yaml] containerSecurityContext: From 70fd1b3fe64e127a28780c33dc25b7f9670be753 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 17 Feb 2023 17:23:33 +0900 Subject: [PATCH 0547/1248] chore(argo-cd): Upgrade Argo CD to v2.6.2 (#1844) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8b857298..7519bc45 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.1 +appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.21.0 +version: 5.21.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Allow dnsConfig pod configuration + - kind: changed + description: Upgrade Argo CD to v2.6.2 From 51386c69be246d233d106ca97d33fda6b63b0caa Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 17 Feb 2023 17:38:17 +0100 Subject: [PATCH 0548/1248] feat(argo-cd): Add global affinity configuration (#1794) --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 23 +++++--- charts/argo-cd/README.md.gotmpl | 4 ++ charts/argo-cd/templates/_common.tpl | 54 +++++++++++++++++++ .../statefulset.yaml | 6 +-- .../argocd-applicationset/deployment.yaml | 6 +-- .../bots/slack/deployment.yaml | 6 +-- .../argocd-notifications/deployment.yaml | 6 +-- .../argocd-repo-server/deployment.yaml | 6 +-- .../templates/argocd-server/deployment.yaml | 6 +-- charts/argo-cd/templates/dex/deployment.yaml | 4 +- .../argo-cd/templates/redis/deployment.yaml | 4 +- charts/argo-cd/values.yaml | 25 +++++++++ 13 files changed, 115 insertions(+), 41 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7519bc45..76bdbde6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.21.1 +version: 5.22.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.6.2 + - kind: added + description: Global affinity configuration diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fe125210..2533c180 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. @@ -381,6 +385,9 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | +| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | +| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` | +| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -460,7 +467,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | @@ -529,7 +536,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | @@ -622,7 +629,7 @@ NAME: my-release | server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | -| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | @@ -785,7 +792,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret | | dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | | dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) | @@ -869,7 +876,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | redis.containerPorts.metrics | int | `9121` | Metrics container port | | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | @@ -979,7 +986,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | +| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | @@ -1063,9 +1070,9 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| notifications.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | | notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6cec3732..f450e0e7 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f5154e47..2ba53d8c 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -63,3 +63,57 @@ app.kubernetes.io/instance: {{ .context.Release.Name }} app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} + +{{/* +Common affinity definition +Pod affinity + - Soft prefers different nodes + - Hard requires different nodes and prefers different availibility zones +Node affinity + - Soft prefers given user expressions + - Hard requires given user expressions +*/}} +{{- define "argo-cd.affinity" -}} +{{- with .component.affinity -}} + {{- toYaml . -}} +{{- else -}} +{{- $preset := .context.Values.global.affinity -}} +podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + {{- if (eq $preset.podAntiAffinity "soft") }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- else }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: topology.kubernetes.io/zone + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- end }} +{{- with $preset.nodeAffinity.matchExpressions }} +nodeAffinity: + {{- if (eq $preset.nodeAffinity.type "soft") }} + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + preference: + matchExpressions: + {{- toYaml . | nindent 6 }} + {{- else }} + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2ada23b4..0a161362 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -264,6 +264,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -272,10 +274,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.controller.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ca129ffd..462ebcba 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -198,14 +198,12 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.applicationSet.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index b9949aab..2749cb2b 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -53,14 +53,12 @@ spec: {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} securityContext: {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }} {{- with .Values.notifications.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.bots.slack.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.bots.slack.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 474dc01d..5efc0965 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -88,14 +88,12 @@ spec: initContainers: {{- tpl (toYaml . ) $ | nindent 8 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }} {{- with .Values.notifications.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 67ad60f9..00e73d8a 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -291,6 +291,8 @@ spec: {{- with .Values.repoServer.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -299,10 +301,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.repoServer.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 57d1305b..bb394006 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -348,6 +348,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -356,10 +358,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.server.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9acc0871..7fea0b48 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -146,10 +146,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.dex.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }} {{- with .Values.dex.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ff4b29b1..ffff4bad 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -106,10 +106,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }} {{- with .Values.redis.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f444e21c..b3706c5a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -92,12 +92,29 @@ global: # hostnames: # - git.myhostname + # Default network policy rules used by all components networkPolicy: # -- Create NetworkPolicy objects for all components create: false # -- Default deny all ingress traffic defaultDenyIngress: false + # Default affinity preset for all components + affinity: + # -- Default pod anti-affinity rules. Either: `soft` or `hard` + podAntiAffinity: soft + # Node affinity rules + nodeAffinity: + # -- Default node affinity rules. Either: `soft` or `hard` + type: hard + # -- Default match expressions for node affinity + matchExpressions: [] + # - key: topology.kubernetes.io/zone + # operator: In + # values: + # - antarctica-east1 + # - antarctica-west1 + ## Argo Configs configs: # General Argo CD configuration @@ -627,6 +644,7 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the application controller @@ -965,6 +983,7 @@ dex: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to dex @@ -1136,6 +1155,7 @@ redis: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to redis @@ -1523,6 +1543,7 @@ server: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server @@ -2014,6 +2035,7 @@ repoServer: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the repo server @@ -2349,6 +2371,7 @@ applicationSet: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. @@ -2594,6 +2617,7 @@ notifications: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Priority class for the notifications controller pods @@ -2983,6 +3007,7 @@ notifications: # memory: 128Mi # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- [Tolerations] for use with node taints From 63b741ed580be65282a957855787f94ffc00b3b1 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 19 Feb 2023 13:38:02 +0100 Subject: [PATCH 0549/1248] chore(argo-cd): Group component templates together (#1847) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/templates/_helpers.tpl | 100 +++++++++++++------------- 2 files changed, 53 insertions(+), 53 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 76bdbde6..efd96096 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.22.0 +version: 5.22.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Global affinity configuration + - kind: changed + description: Grouped component templates together diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bd99fc9d..76abc8d2 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -8,6 +8,17 @@ to 63 chars and it includes 10 chars of hash and a separating '-'. {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 52 | trimSuffix "-" -}} {{- end -}} +{{/* +Create the name of the controller service account to use +*/}} +{{- define "argo-cd.controllerServiceAccountName" -}} +{{- if .Values.controller.serviceAccount.create -}} + {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.controller.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create dex name and version as used by the chart label. */}} @@ -26,6 +37,17 @@ Create Dex server endpoint {{- printf "%s://%s:%d" $scheme $host $port }} {{- end }} +{{/* +Create the name of the dex service account to use +*/}} +{{- define "argo-cd.dexServiceAccountName" -}} +{{- if .Values.dex.serviceAccount.create -}} + {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.dex.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create redis name and version as used by the chart label. */}} @@ -53,56 +75,6 @@ Return Redis server endpoint {{- end }} {{- end -}} -{{/* -Create argocd server name and version as used by the chart label. -*/}} -{{- define "argo-cd.server.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd repo-server name and version as used by the chart label. -*/}} -{{- define "argo-cd.repoServer.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd application set name and version as used by the chart label. -*/}} -{{- define "argo-cd.applicationSet.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd notifications name and version as used by the chart label. -*/}} -{{- define "argo-cd.notifications.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the controller service account to use -*/}} -{{- define "argo-cd.controllerServiceAccountName" -}} -{{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.controller.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the dex service account to use -*/}} -{{- define "argo-cd.dexServiceAccountName" -}} -{{- if .Values.dex.serviceAccount.create -}} - {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.dex.serviceAccount.name }} -{{- end -}} -{{- end -}} - {{/* Create the name of the redis service account to use */}} @@ -114,6 +86,13 @@ Create the name of the redis service account to use {{- end -}} {{- end -}} +{{/* +Create argocd server name and version as used by the chart label. +*/}} +{{- define "argo-cd.server.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the Argo CD server service account to use */}} @@ -125,6 +104,13 @@ Create the name of the Argo CD server service account to use {{- end -}} {{- end -}} +{{/* +Create argocd repo-server name and version as used by the chart label. +*/}} +{{- define "argo-cd.repoServer.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the repo-server service account to use */}} @@ -136,6 +122,13 @@ Create the name of the repo-server service account to use {{- end -}} {{- end -}} +{{/* +Create argocd application set name and version as used by the chart label. +*/}} +{{- define "argo-cd.applicationSet.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the application set service account to use */}} @@ -147,6 +140,13 @@ Create the name of the application set service account to use {{- end -}} {{- end -}} +{{/* +Create argocd notifications name and version as used by the chart label. +*/}} +{{- define "argo-cd.notifications.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the notifications service account to use */}} From 99932a96c28af3d06432ace85dc00b52abcbae5d Mon Sep 17 00:00:00 2001 From: Vadim Grek Date: Tue, 21 Feb 2023 03:14:33 +0200 Subject: [PATCH 0550/1248] chore(argo-events): Upgrade Argo Events to v1.7.6 (#1849) --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 160f6cf6..9318cb85 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.5 +appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.2 +version: 2.1.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Events to v1.7.6 From 2ae7e1ad0dc7a7cb64a1bf03c38a151f207291d3 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 23 Feb 2023 17:57:15 +0100 Subject: [PATCH 0551/1248] chore(argo-cd): Remove notification bot (#1854) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 26 ----- charts/argo-cd/templates/_helpers.tpl | 11 -- .../bots/slack/deployment.yaml | 71 ------------ .../argocd-notifications/bots/slack/pdb.yaml | 26 ----- .../argocd-notifications/bots/slack/role.yaml | 27 ----- .../bots/slack/rolebinding.yaml | 13 --- .../bots/slack/service.yaml | 19 ---- .../bots/slack/serviceaccount.yaml | 15 --- charts/argo-cd/values.yaml | 105 ------------------ 10 files changed, 3 insertions(+), 316 deletions(-) delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index efd96096..2d1a2cc3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.22.1 +version: 5.23.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Grouped component templates together + - kind: removed + description: Removed notification bot that is no longer supported diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2533c180..6b2a88af 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1072,32 +1072,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | -| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | -| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | -| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | -| notifications.bots.slack.enabled | bool | `false` | Enable slack bot | -| notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | -| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | -| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | -| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | -| notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| notifications.bots.slack.logFormat | string | `""` (defaults to global.logging.format) | Slack bot log format. Either `text` or `json` | -| notifications.bots.slack.logLevel | string | `""` (defaults to global.logging.level) | Slack bot log level. One of: `debug`, `info`, `warn`, `error` | -| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | -| notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb | -| notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot | -| notifications.bots.slack.pdb.labels | object | `{}` | Labels to be added to Slack bot pdb | -| notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | -| notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | -| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | -| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot | -| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | -| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | -| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 76abc8d2..377a07e1 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -158,17 +158,6 @@ Create the name of the notifications service account to use {{- end -}} {{- end -}} -{{/* -Create the name of the notifications bots slack service account to use -*/}} -{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}} -{{- if .Values.notifications.bots.slack.serviceAccount.create -}} - {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.notifications.bots.slack.serviceAccount.name }} -{{- end -}} -{{- end -}} - {{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml deleted file mode 100644 index 2749cb2b..00000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ /dev/null @@ -1,71 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - name: {{ template "argo-cd.notifications.fullname" . }}-bot - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} -spec: - replicas: 1 - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - strategy: - type: Recreate - selector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} - template: - metadata: - labels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }} - spec: - {{- with .Values.notifications.bots.slack.imagePullSecrets | default .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.global.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "argo-cd.notificationsBotsSlackServiceAccountName" . }} - containers: - - name: {{ include "argo-cd.notifications.fullname" . }}-bot - image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }} - command: - - argocd-notifications - - bot - - --loglevel={{ default .Values.global.logging.level .Values.notifications.bots.slack.logLevel }} - - --logformat={{ default .Values.global.logging.format .Values.notifications.bots.slack.logFormat }} - {{- range .Values.notifications.bots.slack.extraArgs }} - - {{ . | squote }} - {{- end }} - workingDir: /app - ports: - - containerPort: 8080 - name: http - resources: - {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} - securityContext: - {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} - affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }} - {{- with .Values.notifications.bots.slack.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.bots.slack.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.bots.slack.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - dnsPolicy: {{ .Values.notifications.bots.slack.dnsPolicy }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml deleted file mode 100644 index 60df983e..00000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "argo-cd.notifications.fullname" . }}-bot - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} - {{- with .Values.notifications.bots.slack.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.notifications.bots.slack.pdb.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - {{- with .Values.notifications.bots.slack.pdb.maxUnavailable }} - maxUnavailable: {{ . }} - {{- else }} - minAvailable: {{ .Values.notifications.bots.slack.pdb.minAvailable | default 0 }} - {{- end }} - selector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml deleted file mode 100644 index 26df5b9c..00000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - get - - list - - watch - - update - - patch -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml deleted file mode 100644 index 80813f5e..00000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "argo-cd.notifications.fullname" . }}-bot -subjects: -- kind: ServiceAccount - name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml deleted file mode 100644 index 5cbbd2b1..00000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot - {{- if .Values.notifications.bots.slack.service.annotations }} - annotations: - {{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }} - {{- end }} -spec: - ports: - - name: http - port: {{ .Values.notifications.bots.slack.service.port }} - protocol: TCP - targetPort: http - selector: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} - type: {{ .Values.notifications.bots.slack.service.type }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml deleted file mode 100644 index bdffa2cf..00000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} -{{- if .Values.notifications.bots.slack.serviceAccount.annotations }} - annotations: - {{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b3706c5a..1c6837d7 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2910,108 +2910,3 @@ notifications: # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers # defaultTriggers: | # - on-sync-status-unknown - - ## The optional bot component simplifies managing subscriptions - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ - bots: - slack: - # -- Enable slack bot - ## You have to set secret.notifiers.slack.signingSecret - enabled: false - - ## Slack bot Pod Disruption Budget - ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - pdb: - # -- Deploy a [PodDisruptionBudget] for the Slack bot - enabled: false - # -- Labels to be added to Slack bot pdb - labels: {} - # -- Annotations to be added to Slack bot pdb - annotations: {} - # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) - # @default -- `""` (defaults to 0 if not specified) - minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). - ## Has higher precedence over `notifications.bots.slack.pdb.minAvailable` - maxUnavailable: "" - - ## Slack bot image - image: - # -- Repository to use for the Slack bot - # @default -- `""` (defaults to global.image.repository) - repository: "" - # -- Tag to use for the Slack bot - # @default -- `""` (defaults to global.image.tag) - tag: "" - # -- Image pull policy for the Slack bot - # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" - - # -- Secrets with credentials to pull images from a private registry - # @default -- `[]` (defaults to global.imagePullSecrets) - imagePullSecrets: [] - - # -- Slack bot log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- Slack bot log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - # -- List of extra cli args to add for Slack bot - extraArgs: [] - - service: - # -- Service annotations for Slack bot - annotations: {} - # -- Service port for Slack bot - port: 80 - # -- Service type for Slack bot - type: LoadBalancer - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - name: argocd-notifications-bot - - # -- Annotations applied to created service account - annotations: {} - - # -- [DNS configuration] - dnsConfig: {} - # -- Alternative DNS policy for Slack bot pods - dnsPolicy: "ClusterFirst" - - # -- Slack bot container-level security Context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for the Slack bot - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - # -- Assign custom [affinity] rules - # @default -- `{}` (defaults to global.affinity preset) - affinity: {} - - # -- [Tolerations] for use with node taints - tolerations: [] - - # -- [Node selector] - nodeSelector: {} From 4735ea5cfb536a67392a4efc1ca8d4387639384f Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 23 Feb 2023 11:44:01 -0600 Subject: [PATCH 0552/1248] chore(argo-workflows): Update docs to mention why CRDs are in templates folder (#1857) Closes #1785 Borrowed `Custom resource definition` from argo-cd helm chart README and added it to argo-workflows helm chart README Signed-off-by: jmeridth --- CONTRIBUTING.md | 2 +- README.md | 21 +++++++++++++++++++-- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 15 +++++++++++++++ charts/argo-workflows/README.md.gotmpl | 15 +++++++++++++++ 5 files changed, 52 insertions(+), 5 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 535bbbb3..1f7745b5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -122,7 +122,7 @@ helm install charts/argo-workflows -n argo argo version ``` -Follow this instructions for running a hello world workflow. +Follow [these](https://argoproj.github.io/argo-workflows/quick-start/#submitting-an-example-workflow) instructions for running a hello world workflow. ### Testing Argo CD Changes diff --git a/README.md b/README.md index 1d96a35f..210b9a83 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: -``` +```bash helm repo add argo https://argoproj.github.io/argo-helm ``` @@ -15,10 +15,27 @@ helm repo add argo https://argoproj.github.io/argo-helm We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of the main four charts (argo-cd, argo-workflows, argo-events, argo-rollouts) by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `/templates` to address this design decision. + +If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +Example: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" + +# Eg. version v2.4.9 +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" +``` + ### Security Policy If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new). ### Changelog -Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). \ No newline at end of file +Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0fe6953a..5891ca58 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.11 +version: 0.22.12 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Cleaned RBAC permissions for subresources (pods/log, pods/exec). + description: Update documentation to explain why CRDs are in templates folder diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 19bc0ee2..78d5780b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -13,6 +13,21 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `/templates` to address this design decision. + +If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=" + +# Eg. version v3.3.9 +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index a263139b..0a441821 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -13,6 +13,21 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `/templates` to address this design decision. + +If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=" + +# Eg. version v3.3.9 +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. From 88b92909e6b97bddce6c61f655a9ae677c743600 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 23 Feb 2023 19:11:54 +0100 Subject: [PATCH 0553/1248] chore(argo-cd): Add missing hostAliases to all components (#1848) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 10 +++++----- .../templates/argocd-applicationset/deployment.yaml | 8 ++++---- .../templates/argocd-notifications/deployment.yaml | 4 ++++ .../templates/argocd-repo-server/deployment.yaml | 11 +++++------ .../argo-cd/templates/argocd-server/deployment.yaml | 10 +++++----- charts/argo-cd/templates/dex/deployment.yaml | 10 +++++----- charts/argo-cd/templates/redis/deployment.yaml | 4 ++++ 8 files changed, 35 insertions(+), 28 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2d1a2cc3..2998c691 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.0 +version: 5.23.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: removed - description: Removed notification bot that is no longer supported + - kind: added + description: Missing hostAliases for notification controller and redis diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 0a161362..f8460906 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -37,10 +37,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - command: - argocd-application-controller @@ -285,11 +290,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.controller.volumes }} {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 462ebcba..6011cd0b 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -35,15 +35,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 5efc0965..e3e7968b 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -37,6 +37,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 00e73d8a..28bd3b6d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -40,11 +40,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} @@ -312,11 +316,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index bb394006..ea3d3a6e 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -37,10 +37,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} @@ -369,11 +374,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 7fea0b48..d2189cc3 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -39,10 +39,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with.Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -159,11 +164,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: - name: static-files emptyDir: {} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ffff4bad..e23fe46c 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -36,6 +36,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.redis.securityContext }} securityContext: {{- toYaml . | nindent 8 }} From f66c40319a280abcf1e831f57ed1190ec264a05b Mon Sep 17 00:00:00 2001 From: Jonathan Muller Date: Fri, 24 Feb 2023 22:56:41 +0100 Subject: [PATCH 0554/1248] chore(argo-workflows): expose option to control the log format/level (#1855) * Allow to change the log format to json Signed-off-by: Jonathan Muller * Documentation, version Signed-off-by: Jonathan Muller --------- Signed-off-by: Jonathan Muller --- charts/argo-workflows/Chart.yaml | 12 +++++++++--- charts/argo-workflows/README.md | 4 ++++ .../controller/workflow-controller-deployment.yaml | 2 ++ .../templates/server/server-deployment.yaml | 6 ++++++ charts/argo-workflows/values.yaml | 10 ++++++++++ 5 files changed, 31 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 5891ca58..b5f88211 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.12 +version: 0.22.13 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,11 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Update documentation to explain why CRDs are in templates folder + - kind: added + description: Added workflow startup option --log-format (defaults to 'text'). + - kind: added + description: Added server startup option --log-format (defaults to 'text'). + - kind: added + description: Added server startup option --loglevel (defaults to 'info'). + - kind: added + description: Added server startup option --gloglevel (defaults to '0'). diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 78d5780b..d6fa862c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -106,6 +106,7 @@ Fields to note: | controller.links | list | `[]` | Configure Argo Server to show custom [links] | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | | controller.logging.globallevel | string | `"0"` | Set the glog logging level | | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | @@ -214,6 +215,9 @@ Fields to note: | server.ingress.tls | list | `[]` | Ingress TLS configuration | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | +| server.logging.globallevel | string | `"0"` | Set the glog logging level | +| server.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | server.name | string | `"server"` | Server name string | | server.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | server.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the server pods | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index b90122ca..8f4f783f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -46,6 +46,8 @@ spec: - "{{ .Values.controller.logging.level }}" - "--gloglevel" - "{{ .Values.controller.logging.globallevel }}" + - "--log-format" + - "{{ .Values.controller.logging.format }}" {{- if .Values.singleNamespace }} - "--namespaced" {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 70b1495c..e5230cd0 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -49,6 +49,12 @@ spec: {{- if .Values.singleNamespace }} - "--namespaced" {{- end }} + - "--loglevel" + - "{{ .Values.server.logging.level }}" + - "--gloglevel" + - "{{ .Values.server.logging.globallevel }}" + - "--log-format" + - "{{ .Values.server.logging.format }}" ports: - name: web containerPort: 2746 diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bb102c8b..904d766b 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -216,6 +216,8 @@ controller: level: info # -- Set the glog logging level globallevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" # -- Service type of the controller Service serviceType: ClusterIP @@ -469,6 +471,14 @@ server: # extraArgs: # - --auth-mode=server + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) + level: info + # -- Set the glog logging level + globallevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" + # -- Additional volume mounts to the server main container. volumeMounts: [] # -- Additional volumes to the server pod. From 4f48352af1067cd18908cccf8a1e2e9ebb386cd8 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 24 Feb 2023 18:26:24 -0600 Subject: [PATCH 0555/1248] fix(github): Replace deprecated set-output from github-actions (#1860) fix(github): Remove deprecated set-output from github-actions Warning in GitHub Actions: ``` Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ ``` Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 33942db0..0158f3fa 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,8 +38,8 @@ jobs: changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then - echo "::set-output name=changed::true" - echo "::set-output name=changed_charts::$charts" + echo "changed=true" >> $GITHUB_STATE + echo "changed_charts=$charts" >> $GITHUB_STATE fi - name: Run chart-testing (lint) From 3a6617ce8f76284776486007cf3279501068cc83 Mon Sep 17 00:00:00 2001 From: Juan Carrillo Date: Sun, 26 Feb 2023 10:34:01 -0600 Subject: [PATCH 0556/1248] fix(argo-cd): Fix typo in values.yaml (#1862) Signed-off-by: Juan Carrillo --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 14 +++++++------- charts/argo-cd/values.yaml | 18 +++++++++--------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2998c691..138e7c66 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.1 +version: 5.23.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Missing hostAliases for notification controller and redis + - kind: fixed + description: Fixed typos in values.yaml and README.md diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6b2a88af..3cc94e79 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -509,7 +509,7 @@ NAME: my-release | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | -| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | @@ -592,7 +592,7 @@ NAME: my-release | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | | repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | -| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | @@ -642,7 +642,7 @@ NAME: my-release | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | -| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` | +| server.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` | | server.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` | | server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | @@ -725,7 +725,7 @@ NAME: my-release | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | | server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | -| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | @@ -955,7 +955,7 @@ The main options are listed here: | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | -| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | +| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | @@ -1033,7 +1033,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | -| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | | applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | @@ -1112,7 +1112,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | | notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | | notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb | -| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1c6837d7..d7c5c853 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -499,7 +499,7 @@ controller: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `controller.pdb.minAvailable` maxUnavailable: "" @@ -623,7 +623,7 @@ controller: drop: - ALL - # Rediness probe for application controller + # Readiness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded @@ -1243,7 +1243,7 @@ redis-ha: # -- Tag to use for the redis-exporter tag: 1.45.0 persistentVolume: - # -- Configures persistency on Redis nodes + # -- Configures persistence on Redis nodes enabled: false redis: # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated @@ -1342,7 +1342,7 @@ server: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `server.pdb.minAvailable` maxUnavailable: "" @@ -1380,7 +1380,7 @@ server: lifecycle: {} ## Argo UI extensions - ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. + ## This function in tech preview stage, do expect instability or breaking changes in newer versions. ## Ref: https://github.com/argoproj-labs/argocd-extensions extensions: # -- Enable support for Argo UI extensions @@ -1583,7 +1583,7 @@ server: group: "" # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` kind: "" - # -- Certificate isser name. Eg. `letsencrypt` + # -- Certificate issuer name. Eg. `letsencrypt` name: "" # Private key of the certificate privateKey: @@ -1885,7 +1885,7 @@ repoServer: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `repoServer.pdb.minAvailable` maxUnavailable: "" @@ -2171,7 +2171,7 @@ applicationSet: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `applicationSet.pdb.minAvailable` maxUnavailable: "" @@ -2445,7 +2445,7 @@ notifications: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `notifications.pdb.minAvailable` maxUnavailable: "" From fdebbabf173f5b1f78f78d8113be0399c09f653c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 28 Feb 2023 17:31:51 +0900 Subject: [PATCH 0557/1248] chore(argo-cd): Upgrade Argo CD to v2.6.3 (#1868) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 138e7c66..5d082b2b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.2 +appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.2 +version: 5.23.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed typos in values.yaml and README.md + - kind: changed + description: Upgrade Argo CD to v.2.6.3 From c21aa4c86ab4b03f52653b6b35087ce1fec29cd0 Mon Sep 17 00:00:00 2001 From: ugoogalizer Date: Wed, 1 Mar 2023 08:53:17 +1100 Subject: [PATCH 0558/1248] fix(argo-cd): Added pod exec permission to argo-server Role when exec.enabled is True. (#1867) * Added pods exec to role permissions The argocd-server Role requires the pods/exec create permission in order to be able to start the web based terminal as per: https://argo-cd.readthedocs.io/en/stable/operator-manual/web_based_terminal/ This brings the Role in line with the ClusterRole change already made Signed-off-by: ugoogalizer * bumped version Signed-off-by: ugoogalizer * Added description of change Signed-off-by: ugoogalizer * Removed trailing whitespace Signed-off-by: ugoogalizer --------- Signed-off-by: ugoogalizer Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 8 ++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5d082b2b..cd17b7ce 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.3 +version: 5.23.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v.2.6.3 + - kind: added + description: Added pod exec permission to argo-server Role when exec.enabled is True. diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index f4c5d533..477aa7a3 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -42,3 +42,11 @@ rules: verbs: - create - list +{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} +- apiGroups: + - "" +resources: + - pods/exec +verbs: + - create +{{- end }} From 7b499adc8b59a0561962c6cf4310507e4bb26b2a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 1 Mar 2023 00:30:03 +0100 Subject: [PATCH 0559/1248] fix(argo-cd): Fix indentation for argocd-server role (#1871) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cd17b7ce..412180ce 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.4 +version: 5.23.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Added pod exec permission to argo-server Role when exec.enabled is True. + - kind: fixed + description: Indentation for argo-server role when exec.enabled is True. diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 477aa7a3..16164a9a 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -45,8 +45,8 @@ rules: {{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} - apiGroups: - "" -resources: + resources: - pods/exec -verbs: + verbs: - create {{- end }} From 053a338ea9f2c85ed5df37409d4ab1352c43c419 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 2 Mar 2023 15:28:23 +0100 Subject: [PATCH 0560/1248] feat(argo-cd): Add additional global parameters for scheduling (#1846) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 16 ++- charts/argo-cd/README.md | 69 ++++++---- charts/argo-cd/README.md.gotmpl | 7 +- charts/argo-cd/templates/_common.tpl | 15 +- .../statefulset.yaml | 16 ++- .../argocd-applicationset/deployment.yaml | 19 ++- .../argocd-notifications/deployment.yaml | 23 +++- .../argocd-repo-server/deployment.yaml | 16 ++- .../templates/argocd-server/deployment.yaml | 16 ++- charts/argo-cd/templates/dex/deployment.yaml | 20 +-- .../argo-cd/templates/redis/deployment.yaml | 16 ++- charts/argo-cd/values.yaml | 130 +++++++++++++----- 12 files changed, 248 insertions(+), 115 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 412180ce..2760c828 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.5 +version: 5.24.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,15 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Indentation for argo-server role when exec.enabled is True. + - kind: added + description: Global nodeSelector configuration + - kind: added + description: Global tolerations configuration + - kind: added + description: Global topologySpreadConstraints configuration + - kind: added + description: Missing component level topologySpreadConstraints configuration + - kind: added + description: Missing component level priorityClassName configuration + - kind: changed + description: Global affinity preset can be disabled diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3cc94e79..21a945fa 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,7 +105,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. -### 5.21.0 +### 5.24.0 + +This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +Default `global.affinity` rules can be disabled when `none` value is used for the preset. + +### 5.22.0 This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. @@ -386,8 +391,8 @@ NAME: my-release |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | -| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` | -| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` | +| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | +| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -398,11 +403,15 @@ NAME: my-release | global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | +| global.nodeSelector | object | `{}` | Default node selector for all components | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | +| global.priorityClassName | string | `""` | Default priority class for all components | | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | +| global.tolerations | object | `{}` | Default tolerations for all components | +| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components | ## Argo CD Configs @@ -505,7 +514,7 @@ NAME: my-release | controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | controller.name | string | `"application-controller"` | Application controller name string | -| controller.nodeSelector | object | `{}` | [Node selector] | +| controller.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | @@ -513,7 +522,7 @@ NAME: my-release | controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | -| controller.priorityClassName | string | `""` | Priority class for the application controller pods | +| controller.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the application controller pods | | controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -527,8 +536,8 @@ NAME: my-release | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | -| controller.tolerations | list | `[]` | [Tolerations] for use with node taints | -| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | +| controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | | controller.volumes | list | `[]` | Additional volumes to the application controller pod | @@ -588,7 +597,7 @@ NAME: my-release | repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | repoServer.name | string | `"repo-server"` | Repo server name | -| repoServer.nodeSelector | object | `{}` | [Node selector] | +| repoServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | | repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | @@ -596,7 +605,7 @@ NAME: my-release | repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | -| repoServer.priorityClassName | string | `""` | Priority class for the repo server | +| repoServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the repo server pods | | repoServer.rbac | list | `[]` | Repo server rbac rules | | repoServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -614,8 +623,8 @@ NAME: my-release | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | -| repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints | -| repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | @@ -721,7 +730,7 @@ NAME: my-release | server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | server.name | string | `"server"` | Argo CD server name | -| server.nodeSelector | object | `{}` | [Node selector] | +| server.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | | server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | @@ -729,7 +738,7 @@ NAME: my-release | server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | -| server.priorityClassName | string | `""` | Priority class for the Argo CD server | +| server.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the Argo CD server pods | | server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -761,8 +770,8 @@ NAME: my-release | server.serviceAccount.create | bool | `true` | Create server service account | | server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | -| server.tolerations | list | `[]` | [Tolerations] for use with node taints | -| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | +| server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | | server.volumes | list | `[]` | Additional volumes to the server pod | @@ -840,7 +849,7 @@ server: | dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | dex.name | string | `"dex-server"` | Dex name | -| dex.nodeSelector | object | `{}` | [Node selector] | +| dex.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb | | dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server | | dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb | @@ -848,7 +857,7 @@ server: | dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods | | dex.podLabels | object | `{}` | Labels to be added to the Dex server pods | -| dex.priorityClassName | string | `""` | Priority class for dex | +| dex.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the dex pods | | dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 | | dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -865,8 +874,8 @@ server: | dex.servicePortHttp | int | `5556` | Service port for HTTP access | | dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | | dex.servicePortMetrics | int | `5558` | Service port for metrics access | -| dex.tolerations | list | `[]` | [Tolerations] for use with node taints | -| dex.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to dex | +| dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | | dex.volumes | list | `[]` | Additional volumes to the dex pod | @@ -917,7 +926,7 @@ server: | redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | redis.name | string | `"redis"` | Redis name | -| redis.nodeSelector | object | `{}` | [Node selector] | +| redis.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb | | redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis | | redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb | @@ -925,7 +934,7 @@ server: | redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | -| redis.priorityClassName | string | `""` | Priority class for redis | +| redis.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for redis pods | | redis.resources | object | `{}` | Resource limits and requests for redis | | redis.securityContext | object | See [values.yaml] | Redis pod-level security context | | redis.service.annotations | object | `{}` | Redis service annotations | @@ -935,8 +944,8 @@ server: | redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | | redis.serviceAccount.name | string | `""` | Service account name for redis pod | | redis.servicePort | int | `6379` | Redis service port | -| redis.tolerations | list | `[]` | [Tolerations] for use with node taints | -| redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis | +| redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | | redis.volumes | list | `[]` | Additional volumes to the redis pod | @@ -1029,7 +1038,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string | -| applicationSet.nodeSelector | object | `{}` | [Node selector] | +| applicationSet.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | @@ -1037,7 +1046,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | | applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | -| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | +| applicationSet.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the ApplicationSet controller pods | | applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1055,7 +1064,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | -| applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | +| applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | | applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | @@ -1107,7 +1117,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | notifications.name | string | `"notifications-controller"` | Notifications controller name string | -| notifications.nodeSelector | object | `{}` | [Node selector] | +| notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | | notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | @@ -1116,7 +1126,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | -| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods | +| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods | | notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | @@ -1128,7 +1138,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | -| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | +| notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | ---------------------------------------------- diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f450e0e7..945bab72 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,7 +104,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. -### 5.21.0 +### 5.24.0 + +This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +Default `global.affinity` rules can be disabled when `none` value is used for the preset. + +### 5.22.0 This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index 2ba53d8c..dd43d0d5 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -78,16 +78,18 @@ Node affinity {{- toYaml . -}} {{- else -}} {{- $preset := .context.Values.global.affinity -}} +{{- if (eq $preset.podAntiAffinity "soft") }} podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - {{- if (eq $preset.podAntiAffinity "soft") }} - weight: 100 podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} topologyKey: kubernetes.io/hostname - {{- else }} +{{- else if (eq $preset.podAntiAffinity "hard") }} +podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: @@ -99,21 +101,22 @@ podAntiAffinity: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} topologyKey: kubernetes.io/hostname - {{- end }} +{{- end }} {{- with $preset.nodeAffinity.matchExpressions }} +{{- if (eq $preset.nodeAffinity.type "soft") }} nodeAffinity: - {{- if (eq $preset.nodeAffinity.type "soft") }} preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: matchExpressions: {{- toYaml . | nindent 6 }} - {{- else }} +{{- else if (eq $preset.nodeAffinity.type "hard") }} +nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: {{- toYaml . | nindent 6 }} - {{- end }} +{{- end }} {{- end -}} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index f8460906..ad8cbc1b 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - command: @@ -269,17 +272,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.controller) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }} - {{- with .Values.controller.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.controller.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.tolerations }} + {{- with .Values.controller.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.topologySpreadConstraints }} + {{- with .Values.controller.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -307,9 +312,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.controller.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.controller.hostNetwork }} {{- with .Values.controller.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6011cd0b..bbf8d160 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -43,6 +43,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} @@ -198,8 +201,10 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }} + {{- trim . | nindent 8 }} + {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -208,8 +213,16 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.priorityClassName }} - priorityClassName: {{ . }} + {{- with .Values.applicationSet.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.applicationSet.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} volumes: {{- with .Values.applicationSet.extraVolumes }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index e3e7968b..45ba1de0 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} containers: - name: {{ .Values.notifications.name }} @@ -92,18 +95,28 @@ spec: initContainers: {{- tpl (toYaml . ) $ | nindent 8 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }} - {{- with .Values.notifications.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.tolerations }} + {{- with .Values.notifications.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.priorityClassName }} - priorityClassName: {{ . }} + {{- with .Values.notifications.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.notifications.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} volumes: {{- with .Values.notifications.extraVolumes }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 28bd3b6d..3e22a00d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -48,6 +48,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} @@ -295,17 +298,19 @@ spec: {{- with .Values.repoServer.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }} - {{- with .Values.repoServer.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.repoServer.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.tolerations }} + {{- with .Values.repoServer.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.topologySpreadConstraints }} + {{- with .Values.repoServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -350,9 +355,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.repoServer.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.repoServer.hostNetwork }} {{- with .Values.repoServer.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ea3d3a6e..bb2f750b 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} @@ -353,17 +356,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }} - {{- with .Values.server.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.server.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.tolerations }} + {{- with .Values.server.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.topologySpreadConstraints }} + {{- with .Values.server.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -416,9 +421,6 @@ spec: path: tls.crt - key: ca.crt path: ca.crt - {{- with .Values.server.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.server.hostNetwork }} {{- with .Values.server.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index d2189cc3..fd5e00d9 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -47,7 +47,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }} + {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -143,17 +146,19 @@ spec: {{- with .Values.dex.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.dex.nodeSelector }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.dex) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.dex.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.dex.tolerations }} + {{- with .Values.dex.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }} - {{- with .Values.dex.topologySpreadConstraints }} + {{- with .Values.dex.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -183,9 +188,6 @@ spec: {{- with .Values.dex.volumes }} {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.dex.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- with .Values.dex.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index e23fe46c..389cf678 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -44,6 +44,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} containers: - name: {{ .Values.redis.name }} @@ -102,17 +105,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.redis.nodeSelector }} + {{- with .Values.redis.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.tolerations }} + {{- with .Values.redis.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redis) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }} - {{- with .Values.redis.topologySpreadConstraints }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.redis.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -123,9 +128,6 @@ spec: {{- end }} {{- end }} {{- end }} - {{- with .Values.redis.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- with .Values.redis.volumes }} volumes: {{- toYaml . | nindent 8}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d7c5c853..3cc933a6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -99,13 +99,22 @@ global: # -- Default deny all ingress traffic defaultDenyIngress: false + # -- Default priority class for all components + priorityClassName: "" + + # -- Default node selector for all components + nodeSelector: {} + + # -- Default tolerations for all components + tolerations: {} + # Default affinity preset for all components affinity: - # -- Default pod anti-affinity rules. Either: `soft` or `hard` + # -- Default pod anti-affinity rules. Either: `none`, `soft` or `hard` podAntiAffinity: soft # Node affinity rules nodeAffinity: - # -- Default node affinity rules. Either: `soft` or `hard` + # -- Default node affinity rules. Either: `none`, `soft` or `hard` type: hard # -- Default match expressions for node affinity matchExpressions: [] @@ -115,6 +124,15 @@ global: # - antarctica-east1 # - antarctica-west1 + # -- Default [TopologySpreadConstraints] rules for all components + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector of the component + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + ## Argo Configs configs: # General Argo CD configuration @@ -637,10 +655,16 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- Priority class for the application controller pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules to the deployment @@ -648,15 +672,13 @@ controller: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the application controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for the application controller pods - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule serviceAccount: # -- Create a service account for the application controller @@ -978,24 +1000,30 @@ dex: # -- Service port for metrics access servicePortMetrics: 5558 + # -- Priority class for the dex pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to dex + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for dex - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule ## Redis redis: @@ -1148,10 +1176,16 @@ redis: # -- Redis service port servicePort: 6379 + # -- Priority class for redis pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules to the deployment @@ -1159,15 +1193,13 @@ redis: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to redis + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for redis - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule serviceAccount: # -- Create a service account for the redis pod @@ -1538,24 +1570,30 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- Priority class for the Argo CD server pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for the Argo CD server - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server @@ -2031,22 +2069,28 @@ repoServer: timeoutSeconds: 1 # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the repo server + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule - # -- Priority class for the repo server + # -- Priority class for the repo server pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" # TLS certificate configuration via Secret @@ -2365,16 +2409,28 @@ applicationSet: failureThreshold: 3 # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules # @default -- `{}` (defaults to global.affinity preset) affinity: {} - # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. + # -- Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + # -- Priority class for the ApplicationSet controller pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" ## Webhook for the Git Generator @@ -2611,16 +2667,28 @@ notifications: - ALL # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules # @default -- `{}` (defaults to global.affinity preset) affinity: {} + # -- Assign custom [TopologySpreadConstraints] rules to the application controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- Priority class for the notifications controller pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" serviceAccount: From 037d3a9e769749ac49d3d6e7dac5417fd673ac7f Mon Sep 17 00:00:00 2001 From: Sergi Alonso <45431066+sergialonsaco@users.noreply.github.com> Date: Thu, 2 Mar 2023 15:56:41 +0100 Subject: [PATCH 0561/1248] fix(argocd-apps): Add revisionHistoryLimit option to apps (#1874) --- charts/argocd-apps/Chart.yaml | 2 +- charts/argocd-apps/ci/applications-values.yaml | 1 + charts/argocd-apps/templates/applications.yaml | 3 +++ charts/argocd-apps/values.yaml | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 1a2c0914..2f7a6d5c 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.8 +version: 0.0.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 4d708a16..9d8b21bf 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -20,6 +20,7 @@ applications: automated: prune: false selfHeal: false + revisionHistoryLimit: null ignoreDifferences: - group: apps kind: Deployment diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index fee643d8..df0ea5eb 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,6 +37,9 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .revisionHistoryLimit }} + revisionHistoryLimit: {{ . }} + {{- end }} {{- with .ignoreDifferences }} ignoreDifferences: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 62a2509c..eb0767b9 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,6 +30,7 @@ applications: [] # automated: # prune: false # selfHeal: false +# revisionHistoryLimit: null # ignoreDifferences: # - group: apps # kind: Deployment From 9663ca2fbdc060166fba7ce19898431c3e5e2b85 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 3 Mar 2023 00:02:33 +0900 Subject: [PATCH 0562/1248] chore(argo-rollouts): Upgrade Argo Rollouts to v.1.4.1 (#1877) * chore(argo-rollouts): Upgrade Argo Rollouts to v.1.4.1 Signed-off-by: yu-croco * chore(argo-rollouts): Add update information Signed-off-by: yu-croco --------- Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 10 ++++++---- charts/argo-rollouts/README.md | 5 +++++ charts/argo-rollouts/README.md.gotmpl | 5 +++++ 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2beb83ff..a5e8e9c5 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.4.0 +appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.2 +version: 2.22.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,7 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Rollouts to v.1.4.1 + - kind: added + description: Put Changelog URL on README.md diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 73581f4e..ee3821bf 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r |:---------------------------------------------------------------------------| | The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | +## Changelog + +For full list of changes please check ArtifactHub [changelog]. + ## Chart Values ### General parameters @@ -188,3 +192,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 1a587350..735dae2c 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r |:---------------------------------------------------------------------------| | The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | +## Changelog + +For full list of changes please check ArtifactHub [changelog]. + ## Chart Values ### General parameters @@ -100,3 +104,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog From 77d9214543eda5c963ab80c2da99b295c6489bba Mon Sep 17 00:00:00 2001 From: Ian Martin Date: Fri, 3 Mar 2023 10:53:18 -0700 Subject: [PATCH 0563/1248] fix(argo-cd): ApplicationSet deployment uses global tolerations (#1881) * ApplicationSet deployment uses global tolerations Fixes #1880 Signed-off-by: Ian Martin * Bump chart version, add artifacthub annotations Signed-off-by: Ian Martin * correct change entry Signed-off-by: Ian Martin --------- Signed-off-by: Ian Martin --- charts/argo-cd/Chart.yaml | 16 +++------------- .../argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2760c828..8e1e29f6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.0 +version: 5.24.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,15 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Global nodeSelector configuration - - kind: added - description: Global tolerations configuration - - kind: added - description: Global topologySpreadConstraints configuration - - kind: added - description: Missing component level topologySpreadConstraints configuration - - kind: added - description: Missing component level priorityClassName configuration - - kind: changed - description: Global affinity preset can be disabled + - kind: fixed + description: ApplicationSet utilizes global tolerations diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index bbf8d160..c737fb5e 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -209,7 +209,7 @@ spec: nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.tolerations }} + {{- with .Values.applicationSet.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} From a7a4294a99f20bedc9e90baadfb19a058298703a Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 6 Mar 2023 13:00:30 -0600 Subject: [PATCH 0564/1248] chore(github): Add slack button to README (#1887) * chore(github): Add slack button to README Signed-off-by: jmeridth * Update README.md Co-authored-by: Marco Kilchhofer Signed-off-by: Jason Meridth --------- Signed-off-by: jmeridth Signed-off-by: Jason Meridth Co-authored-by: Marco Kilchhofer --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 210b9a83..ac71eb3e 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # Argo Helm Charts +[![Slack](https://img.shields.io/badge/slack-%23argo--helm--charts-brightgreen.svg?logo=slack)](https://argoproj.github.io/community/join-slack) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) From 16fe47b908909141d46046d6cc98b1141f9dfd7a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 8 Mar 2023 16:12:58 +0900 Subject: [PATCH 0565/1248] chore(argo-cd): Upgrade Argo CD v2.6.4 (#1891) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e1e29f6..cc699d33 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.3 +appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.1 +version: 5.24.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: ApplicationSet utilizes global tolerations + - kind: changed + description: Upgrade Argo CD v2.6.4 From 832a1e5c109fe6e4b0134a3bd7371671dbf0ddca Mon Sep 17 00:00:00 2001 From: TheRealNoob Date: Wed, 8 Mar 2023 01:46:33 -0600 Subject: [PATCH 0566/1248] fix(argo-cd): Clarify syntax in values.yaml (#1864) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++++ charts/argo-cd/values.yaml | 16 +++++++++++----- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cc699d33..bf4ed737 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.2 +version: 5.24.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD v2.6.4 + - kind: fixed + description: Clarify syntax in values.yaml diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 21a945fa..63806eb2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -497,7 +497,11 @@ NAME: my-release | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | | controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.rules.additionalLabels | object | `{}` | PrometheusRule labels | +| controller.metrics.rules.annotations | object | `{}` | PrometheusRule annotations | | controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller | +| controller.metrics.rules.namespace | string | `""` | PrometheusRule namespace | +| controller.metrics.rules.selector | object | `{}` | PrometheusRule selector | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | | controller.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3cc933a6..f0da2fcb 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -736,6 +736,17 @@ controller: rules: # -- Deploy a PrometheusRule for the application controller enabled: false + # -- PrometheusRule namespace + namespace: "" # "monitoring" + # -- PrometheusRule selector + selector: {} + # prometheus: kube-prometheus + + # -- PrometheusRule labels + additionalLabels: {} + # -- PrometheusRule annotations + annotations: {} + # -- PrometheusRule.Spec for the application controller spec: [] # - alert: ArgoAppMissing @@ -762,11 +773,6 @@ controller: # The application [{{`{{$labels.name}}`}} has not been synchronized for over # 12 hours which means that the state of this cloud has drifted away from the # state inside Git. - # selector: - # prometheus: kube-prometheus - # namespace: monitoring - # additionalLabels: {} - # annotations: {} ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off From 71f61651aedc798598fd1501f00869e8fa20ab49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Kukr=C3=A1l?= Date: Thu, 9 Mar 2023 11:48:22 +0100 Subject: [PATCH 0567/1248] fix(argo-cd): skip empty configmap params (#1892) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf4ed737..17ea8a45 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.3 +version: 5.24.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Clarify syntax in values.yaml + description: Updated argocd-cm to skip empty values diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 377a07e1..2338d1c0 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -174,7 +174,10 @@ Merge Argo Configuration with Preset Configuration {{- $config := (mergeOverwrite (deepCopy (omit .Values.configs.cm "create" "annotations")) (.Values.server.config | default dict)) -}} {{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} -{{ $key }}: {{ toString $value | toYaml }} +{{- $fmted := $value | toString }} +{{- if not (eq $fmted "") }} +{{ $key }}: {{ $fmted | toYaml }} +{{- end }} {{- end }} {{- end -}} From 9781abdfd8e5b612dcec58f664aea45a4e26c382 Mon Sep 17 00:00:00 2001 From: Christian Groschupp Date: Thu, 9 Mar 2023 13:05:01 +0100 Subject: [PATCH 0568/1248] feat(argo-cd): add parameter env to redis exporter (#1876) Signed-off-by: Christian Groschupp --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/redis/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 17ea8a45..663a1081 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.4 +version: 5.25.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Updated argocd-cm to skip empty values + - kind: added + description: Add parameter env to redis exporter diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 63806eb2..b5e4adba 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -901,6 +901,7 @@ server: | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | | redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 389cf678..3376d732 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -89,6 +89,9 @@ spec: value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} + {{- with .Values.redis.exporter.env }} + {{- toYaml . | nindent 8 }} + {{- end }} ports: - name: metrics containerPort: {{ .Values.redis.containerPorts.metrics }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f0da2fcb..a5b5a989 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1068,6 +1068,8 @@ redis: exporter: # -- Enable Prometheus redis-exporter sidecar enabled: false + # -- Environment variables to pass to the Redis exporter + env: [] ## Prometheus redis-exporter image image: # -- Repository to use for the redis-exporter From 0845b604805ba32db3994e0759d46108dc18428b Mon Sep 17 00:00:00 2001 From: Saad Ali Date: Sun, 12 Mar 2023 19:00:24 +0500 Subject: [PATCH 0569/1248] feat(argo-cd): Added Config Management Plugins cm (#1865) * feat(argo-cd): Added Config Management Plugins cm using sidecar approach Signed-off-by: Saad Ali * fix(argo-cd): Set ConfigMap creation for CMP using sidecar approach to false by default Signed-off-by: Saad Ali --------- Signed-off-by: Saad Ali Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 3 + .../argocd-configs/argocd-cmp-cm.yaml | 24 ++++ charts/argo-cd/values.yaml | 108 ++++++++++++++---- 4 files changed, 115 insertions(+), 26 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 663a1081..ea4a432a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.25.0 +version: 5.26.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add parameter env to redis exporter + - kind: Added + description: ConfigMap for Config Management Plugins using sidecar approach diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b5e4adba..9606ee6c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -427,6 +427,9 @@ NAME: my-release | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | | configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO | +| configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap | +| configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap | +| configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml new file mode 100644 index 00000000..39a6db6b --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml @@ -0,0 +1,24 @@ +{{- if .Values.configs.cmp.create }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cmp-cm + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }} + {{- with .Values.configs.cmp.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +data: + {{- range $cmp_plugin, $cmp_plugin_config := .Values.configs.cmp.plugins }} + {{ $cmp_plugin }}.yaml: | + apiVersion: argoproj.io/v1alpha1 + kind: ConfigManagementPlugin + metadata: + name: {{ $cmp_plugin }} + spec: + {{- toYaml $cmp_plugin_config | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a5b5a989..c1a693a4 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -331,6 +331,49 @@ configs: # ... # -----END CERTIFICATE----- + # ConfigMap for Config Management Plugins + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/ + cmp: + # -- Create the argocd-cmp-cm configmap + create: false + + # -- Annotations to be added to argocd-cmp-cm configmap + annotations: {} + + # -- Plugin yaml files to be added to argocd-cmp-cm + plugins: {} + # --- First plugin + # my-plugin: + # init: + # command: [sh] + # args: [-c, 'echo "Initializing..."'] + # generate: + # command: [sh, -c] + # args: + # - | + # echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}" + # discover: + # fileName: "./subdir/s*.yaml" + # find: + # glob: "**/Chart.yaml" + # command: [sh, -c, find . -name env.yaml] + + # --- Second plugin + # my-plugin2: + # init: + # command: [sh] + # args: [-c, 'echo "Initializing..."'] + # generate: + # command: [sh, -c] + # args: + # - | + # echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}" + # discover: + # fileName: "./subdir/s*.yaml" + # find: + # glob: "**/Chart.yaml" + # command: [sh, -c, find . -name env.yaml] + # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) ## Ref: @@ -1969,27 +2012,46 @@ repoServer: ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ ## Note: Supports use of custom Helm templates extraContainers: [] - # - name: cmp - # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server - # command: [/var/run/argocd/argocd-cmp-server] - # # This can be off-the-shelf or custom-built image - # image: busybox - # securityContext: - # runAsNonRoot: true - # runAsUser: 999 - # volumeMounts: - # - mountPath: /var/run/argocd - # name: var-files - # - mountPath: /home/argocd/cmp-server/plugins - # name: plugins - # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. - # - mountPath: /home/argocd/cmp-server/config/plugin.yaml - # subPath: plugin.yaml - # name: cmp-plugin - # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps - # # mitigate path traversal attacks. - # - mountPath: /tmp - # name: cmp-tmp + # - name: cmp-my-plugin + # command: + # - "/var/run/argocd/argocd-cmp-server" + # image: busybox + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: my-plugin.yaml + # name: argocd-cmp-cm + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp + # - name: cmp-my-plugin2 + # command: + # - "/var/run/argocd/argocd-cmp-server" + # image: busybox + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: my-plugin2.yaml + # name: argocd-cmp-cm + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp # -- Init containers to add to the repo server pods initContainers: [] @@ -1999,9 +2061,9 @@ repoServer: # -- Additional volumes to the repo server pod volumes: [] - # - name: cmp-plugin + # - name: argocd-cmp-cm # configMap: - # name: cmp-plugin + # name: argocd-cmp-cm # - name: cmp-tmp # emptyDir: {} From b629a3a0960e466a46bbdabaff4325f5f40bd082 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Mar 2023 03:36:13 +0900 Subject: [PATCH 0570/1248] chore(argo-cd): Upgrade Argo CD v2.6.5 (#1900) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea4a432a..ccf6f5cd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.4 +appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.0 +version: 5.26.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: Added - description: ConfigMap for Config Management Plugins using sidecar approach + - kind: changed + description: Upgrade Argo CD v2.6.5 From fca26f9e95486edc29e18f2b9263f56dbdb88ad0 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 15 Mar 2023 12:31:24 +0100 Subject: [PATCH 0571/1248] ci(github): Fix CI testing (#1904) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 0158f3fa..5899b559 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,8 +38,8 @@ jobs: changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then - echo "changed=true" >> $GITHUB_STATE - echo "changed_charts=$charts" >> $GITHUB_STATE + echo "changed=true" >> $GITHUB_OUTPUT + echo "changed_charts=$charts" >> $GITHUB_OUTPUT fi - name: Run chart-testing (lint) From 21f4ac8d53a94ada50c91951a4fff2c9a1761bb2 Mon Sep 17 00:00:00 2001 From: Julien Aubert Date: Wed, 15 Mar 2023 14:55:32 +0100 Subject: [PATCH 0572/1248] fix(argo-cd): Use nodeSelector global property as default on ApplicationSet (#1907) fix(argo-cd): Use nodeSelector global property as default value on ApplicationSet Deployment according to the documentation. Signed-off-by: Julien Aubert Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccf6f5cd..ccb4f7c4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.1 +version: 5.26.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD v2.6.5 + description: Use global.nodeSelector value as default value for nodeSelector on ApplicationSet diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index c737fb5e..6d8e5460 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -205,7 +205,7 @@ spec: affinity: {{- trim . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.nodeSelector }} + {{- with .Values.applicationSet.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} From 96182b4d088b7f759f894abe9e9a2e6cdfd9f6ff Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 16 Mar 2023 02:34:22 +0900 Subject: [PATCH 0573/1248] chore(argo-events): Add install guide on README (#1909) Signed-off-by: yu-croco --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/README.md | 13 +++++++++++++ charts/argo-events/README.md.gotmpl | 13 +++++++++++++ 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 9318cb85..f577f257 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.3 +version: 2.1.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Events to v1.7.6 + - kind: added + description: Add install guide on README diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 48597a86..f06f9d3a 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -17,6 +17,19 @@ To regenerate this document, please run: ./scripts/helm-docs.sh ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-events +NAME: my-release +... +``` + ## Upgrading ### Custom resource definitions diff --git a/charts/argo-events/README.md.gotmpl b/charts/argo-events/README.md.gotmpl index 7ee5cefe..c25a3e97 100644 --- a/charts/argo-events/README.md.gotmpl +++ b/charts/argo-events/README.md.gotmpl @@ -17,6 +17,19 @@ To regenerate this document, please run: ./scripts/helm-docs.sh ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-events +NAME: my-release +... +``` + ## Upgrading ### Custom resource definitions From b34b555b7af250d82717431c561d869c819ad29e Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 15 Mar 2023 20:27:34 +0100 Subject: [PATCH 0574/1248] fix(argo-cd): Use default metrics port for APIServer (#1911) fix(argo-cd): Use default metrics port for argocd-server Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccb4f7c4..b0d0065d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.2 +version: 5.26.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Use global.nodeSelector value as default value for nodeSelector on ApplicationSet + - kind: fixed + description: Use default metrics port for argocd-server diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9606ee6c..a71687ed 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -670,7 +670,7 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.containerPorts.metrics | int | `8082` | Metrics container port | +| server.containerPorts.metrics | int | `8083` | Metrics container port | | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c1a693a4..31eda2f6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1573,7 +1573,7 @@ server: # -- Server container port server: 8080 # -- Metrics container port - metrics: 8082 + metrics: 8083 # -- Host Network for Server pods hostNetwork: false From fa17c46a7398a9ec85b30b4e280b935561e2a3df Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 16 Mar 2023 01:08:55 +0100 Subject: [PATCH 0575/1248] feat(argo-cd): Add ability to add project scoped cluster(s) (#1913) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-configs/cluster-secrets.yaml | 3 +++ charts/argo-cd/values.yaml | 11 +++++++++++ 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b0d0065d..2f77e818 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.3 +version: 5.27.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Use default metrics port for argocd-server + - kind: added + description: Ability to add project scoped cluster(s) diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index aba14db7..c1aaa531 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -26,6 +26,9 @@ stringData: clusterResources: {{ .clusterResources | quote }} {{- end }} {{- end }} + {{- if .project }} + project: {{ .project | quote }} + {{- end }} config: | {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 31eda2f6..cad9a1b6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -379,6 +379,7 @@ configs: ## Ref: ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/security/#external-cluster-credentials + ## - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters clusterCredentials: [] # - name: mycluster # server: https://mycluster.com @@ -400,6 +401,16 @@ configs: # tlsClientConfig: # insecure: false # caData: "" + # - name: mycluster3-project-scoped + # server: https://mycluster3.com + # labels: {} + # annotations: {} + # project: my-project1 + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" # DEPRECATED - Moved to configs.ssh.annotations # knownHostsAnnotations: {} From 69c3e6086ba86a4b31f5306cb1b75c334279dfeb Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 16 Mar 2023 20:04:52 +0900 Subject: [PATCH 0576/1248] chore(argo-workflows): Add install guide on README (#1908) Signed-off-by: yu-croco Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 10 ++-------- charts/argo-workflows/README.md | 13 +++++++++++++ charts/argo-workflows/README.md.gotmpl | 13 +++++++++++++ 3 files changed, 28 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b5f88211..a69edb0d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.13 +version: 0.22.14 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,10 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Added workflow startup option --log-format (defaults to 'text'). - - kind: added - description: Added server startup option --log-format (defaults to 'text'). - - kind: added - description: Added server startup option --loglevel (defaults to 'info'). - - kind: added - description: Added server startup option --gloglevel (defaults to '0'). + description: Add install guide on README. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d6fa862c..a9f05ab4 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -28,6 +28,19 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-workflows +NAME: my-release +... +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 0a441821..95c626e2 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -28,6 +28,19 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-workflows +NAME: my-release +... +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. From 2563d1e6f94e7102fb403bfa1ca6ece9ca39e3c3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 17 Mar 2023 17:24:44 +0900 Subject: [PATCH 0577/1248] chore(argo-cd): Upgrade Argo CD to v2.6.6 (#1915) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2f77e818..051155f2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.5 +appVersion: v2.6.6 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.0 +version: 5.27.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Ability to add project scoped cluster(s) + - kind: changed + description: Upgrade Argo CD to v2.6.6 From 2d193be5c0694dbe5e1568217a86bbe972bb091d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emil=20Smole=C5=84ski?= <20775179+moleskin-smile@users.noreply.github.com> Date: Thu, 23 Mar 2023 08:09:03 +0100 Subject: [PATCH 0578/1248] feat(argo-workflows): Add ability to use memoization (#1924) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-cluster-roles.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a69edb0d..b8983739 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.14 +version: 0.22.15 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add install guide on README. + description: Ability to use memoization feature. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index a9f05ab4..0c4dd649 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -147,6 +147,7 @@ Fields to note: | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | +| controller.rbac.writeConfigMaps | bool | `false` | Allows controller to create and update ConfigMaps. Enables memoization feature | | controller.replicas | int | `1` | The number of controller pods to run | | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index bb08306b..6b1a724e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -36,6 +36,10 @@ rules: - get - watch - list + {{- if .Values.controller.rbac.writeConfigMaps }} + - create + - update + {{- end}} - apiGroups: - "" resources: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 904d766b..3537ac89 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -74,6 +74,8 @@ controller: create: true # -- Allows controller to get, list, and watch certain k8s secrets secretWhitelist: [] + # -- Allows controller to create and update ConfigMaps. Enables memoization feature + writeConfigMaps: false # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: From ccef4448748601bb253a89fa86ed036b0e620cc1 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 24 Mar 2023 01:08:45 +0100 Subject: [PATCH 0579/1248] chore(argo-cd): Upgrade to appVersion v2.6.7 (#1926) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 051155f2..273a65f7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.6 +appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.1 +version: 5.27.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.6.6 + description: Upgrade Argo CD to v2.6.7 From ceb6011cb666d64c9e36e7daf058102c5f64b6ba Mon Sep 17 00:00:00 2001 From: Miles Armstrong Date: Fri, 24 Mar 2023 09:57:01 +0000 Subject: [PATCH 0580/1248] chore(argo-cd): Update to use Github's new RSA SSH public key (#1927) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 273a65f7..85355364 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.2 +version: 5.27.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.6.7 + description: Update Github RSA SSH public key diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cad9a1b6..8a558c6c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -307,7 +307,7 @@ configs: bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 From b8c86dd91461fb39342074da1e8417f813b74994 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Mar 2023 15:27:19 +0100 Subject: [PATCH 0581/1248] chore(github): bump actions/stale from 7 to 8 (#1931) chore(deps): bump actions/stale from 7 to 8 Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3a8e77d1..9b4053bb 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v7 + - uses: actions/stale@v8 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From d959c79775204facd6d413e7af53999b0fd3f776 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Mar 2023 15:28:31 +0100 Subject: [PATCH 0582/1248] chore(github): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#1930) chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.3.1 to 2.4.0. - [Release notes](https://github.com/helm/chart-testing-action/releases) - [Commits](https://github.com/helm/chart-testing-action/compare/v2.3.1...v2.4.0) --- updated-dependencies: - dependency-name: helm/chart-testing-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Petr Drastil --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 5899b559..97684b86 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -26,7 +26,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.3.1 + uses: helm/chart-testing-action@v2.4.0 with: # Note: Also update in scripts/lint.sh version: v3.7.1 From d34a3765682b52c6d02726b144759b796e9e3b07 Mon Sep 17 00:00:00 2001 From: LucasBoisserie Date: Tue, 28 Mar 2023 15:48:09 +0200 Subject: [PATCH 0583/1248] fix(argo-cd): Disable hostNetwork field when is set to false (#1934) * fix(argo-cd): fix host network configuration Signed-off-by: LucasBoisserie * update changelog Signed-off-by: LucasBoisserie --------- Signed-off-by: LucasBoisserie --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 2 ++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 85355364..bf4000b5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.3 +version: 5.27.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Github RSA SSH public key + - kind: fixed + description: Surround with if hostNetwork field to disable it when is set to false diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index ad8cbc1b..0bef6ced 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -312,7 +312,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} + {{- end }} {{- with .Values.controller.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3e22a00d..4d5fd8dc 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -355,7 +355,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- if .Values.repoServer.hostNetwork }} hostNetwork: {{ .Values.repoServer.hostNetwork }} + {{- end }} {{- with .Values.repoServer.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index bb2f750b..ddd23a02 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -421,7 +421,9 @@ spec: path: tls.crt - key: ca.crt path: ca.crt + {{- if .Values.server.hostNetwork }} hostNetwork: {{ .Values.server.hostNetwork }} + {{- end }} {{- with .Values.server.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} From af90fd665f82ab314d4fad77b4c6ecbd51ae54ac Mon Sep 17 00:00:00 2001 From: Khanh Ngo Date: Wed, 29 Mar 2023 11:16:34 +0200 Subject: [PATCH 0584/1248] feat(argo-rollouts): support setting pod annotations separately on controller and dashboard (#1928) --- charts/argo-rollouts/Chart.yaml | 6 ++---- charts/argo-rollouts/README.md | 4 +++- charts/argo-rollouts/templates/controller/deployment.yaml | 6 ++++-- charts/argo-rollouts/templates/dashboard/deployment.yaml | 6 ++++-- charts/argo-rollouts/values.yaml | 6 +++++- 5 files changed, 18 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a5e8e9c5..64cc3539 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.3 +version: 2.23.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,7 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v.1.4.1 - kind: added - description: Put Changelog URL on README.md + description: Added the ability to set pod annotations separately on controller and dashboard deployment diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index ee3821bf..1e8a29f0 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -95,13 +95,14 @@ For full list of changes please check ArtifactHub [changelog]. | controller.pdb.labels | object | `{}` | Labels to be added to controller [Pod Disruption Budget] | | controller.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | controller.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | +| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.priorityClassName | string | `""` | [priorityClassName] for the controller | | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | -| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | +| podAnnotations | object | `{}` | Annotations for the all deployed pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | @@ -139,6 +140,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.pdb.labels | object | `{}` | Labels to be added to dashboard [Pod Disruption Budget] | | dashboard.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | dashboard.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | +| dashboard.podAnnotations | object | `{}` | Annotations to be added to application dashboard pods | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | | dashboard.readonly | bool | `false` | Set cluster role to readonly | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index d6adf9cf..ee118e5a 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -15,9 +15,11 @@ spec: replicas: {{ .Values.controller.replicas }} template: metadata: - {{- with .Values.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index ebf9ce8b..0d210934 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -16,9 +16,11 @@ spec: replicas: {{ .Values.dashboard.replicas }} template: metadata: - {{- with .Values.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.dashboard.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index eb077221..d92e9304 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -41,6 +41,8 @@ extraObjects: [] controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller + # -- Annotations to be added to application controller pods + podAnnotations: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -164,7 +166,7 @@ serviceAccount: # -- Annotations to be added to all CRDs crdAnnotations: {} -# -- Annotations to be added to the Rollout pods +# -- Annotations for the all deployed pods podAnnotations: {} # -- Security Context to set on pod level @@ -217,6 +219,8 @@ dashboard: readonly: false # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard + # -- Annotations to be added to application dashboard pods + podAnnotations: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints From 3c24d55fa4029f83543308a055577457b492e719 Mon Sep 17 00:00:00 2001 From: Gergely Czuczy Date: Thu, 30 Mar 2023 18:33:14 +0200 Subject: [PATCH 0585/1248] feat(argo-cd): Entrypoint can be configured now (#1898) * Entrypoint can be configured now Signed-off-by: Gergely Czuczy * Updated charts.lock after following master Signed-off-by: Gergely Czuczy * Bump version Signed-off-by: Gergely Czuczy --------- Signed-off-by: Gergely Czuczy Signed-off-by: Gergely Czuczy --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/README.md | 2 ++ .../templates/argocd-applicationset/deployment.yaml | 5 ++++- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +++- charts/argo-cd/values.yaml | 8 ++++++++ 6 files changed, 24 insertions(+), 9 deletions(-) mode change 100755 => 100644 charts/argo-cd/values.yaml diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index a2a5011e..e21296c6 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.4 -digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7 -generated: "2022-12-26T22:58:11.561184+09:00" + version: 4.22.5 +digest: sha256:d2e927511e515fb862f23dd413ee3a356c855d808f6f9ad1d345ee62b8c7ea16 +generated: "2023-03-30T08:25:32.738257836+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf4000b5..059c9250 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.4 +version: 5.27.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,10 +18,10 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.4 + version: 4.22.5 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Surround with if hostNetwork field to disable it when is set to false + - kind: changed + description: entrypoint usage can be configured diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a71687ed..2b7d4ea3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,8 @@ NAME: my-release | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | +| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | +| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6d8e5460..e4e86570 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -51,8 +51,11 @@ spec: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} + {{- if not .Values.global.entrypoint.useImplicit }} command: - - entrypoint.sh + - {{ .Values.global.entrypoint.entrypoint | quote }} + {{- end }} + args: - argocd-applicationset-controller - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 4d5fd8dc..01a79204 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -56,8 +56,10 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + {{- if not .Values.global.entrypoint.useImplicit }} command: - - entrypoint.sh + - {{ .Values.global.entrypoint.entrypoint | quote }} + {{- end }} args: - argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml old mode 100755 new mode 100644 index 8a558c6c..41815314 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -132,6 +132,14 @@ global: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # POD entrypoint configuration + entrypoint: + # -- Implicitly use the docker image's entrypoint. This requires the image to have + # ENTRYPOINT set properly + useImplicit: false + # -- The entrypoint to use for the containers. + entrypoint: "entrypoint.sh" + ## Argo Configs configs: From 0697ab1e4b15a0f323469a65f858622a5692f0e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Boniecki?= Date: Sat, 1 Apr 2023 20:40:02 +0000 Subject: [PATCH 0586/1248] fix(argo-events): wire up priorityClassName (#1940) --- charts/argo-events/Chart.yaml | 6 +++--- .../templates/argo-events-controller/deployment.yaml | 3 +++ .../templates/argo-events-webhook/deployment.yaml | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f577f257..a702a625 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.4 +version: 2.1.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Add install guide on README + - kind: fixed + description: priorityClassName was not being set on pods. diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index ab41c26b..0ca65ee2 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -27,6 +27,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.controller.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index 2f0478af..e3839caf 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -27,6 +27,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.webhook.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} From 4ea0119321d9c58c75eaef889033f98994af40a6 Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Mon, 3 Apr 2023 11:58:50 +0200 Subject: [PATCH 0587/1248] feat(argo-cd): Add support for custom Deployment strategy (#1918) Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 6 +++ charts/argo-cd/templates/_common.tpl | 17 +++++++++ .../argocd-applicationset/deployment.yaml | 4 ++ .../argocd-notifications/deployment.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 4 ++ .../templates/argocd-server/deployment.yaml | 4 ++ charts/argo-cd/templates/dex/deployment.yaml | 4 ++ charts/argo-cd/values.yaml | 38 +++++++++++++++++++ 9 files changed, 83 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 059c9250..09552820 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.5 +version: 5.28.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: entrypoint usage can be configured + - kind: added + description: Add support for custom Deployment strategy diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2b7d4ea3..faa37022 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,7 @@ NAME: my-release | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | +| global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | | global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | @@ -573,6 +574,7 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the repo server Deployment | | repoServer.dnsConfig | object | `{}` | [DNS configuration] | | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | @@ -676,6 +678,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.deploymentStrategy | object | `{}` | Deployment strategy to be added to the server Deployment | | server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -822,6 +825,7 @@ server: | dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | +| dex.deploymentStrategy | object | `{}` | Deployment strategy to be added to the Dex server Deployment | | dex.dnsConfig | object | `{}` | [DNS configuration] | | dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods | | dex.enabled | bool | `true` | Enable dex | @@ -1012,6 +1016,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | +| applicationSet.deploymentStrategy | object | `{}` | Deployment strategy to be added to the ApplicationSet controller Deployment | | applicationSet.dnsConfig | object | `{}` | [DNS configuration] | | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | @@ -1097,6 +1102,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | +| notifications.deploymentStrategy | object | `{"type":"Recreate"}` | Deployment strategy to be added to the notifications controller Deployment | | notifications.dnsConfig | object | `{}` | [DNS configuration] | | notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods | | notifications.enabled | bool | `true` | Enable notifications controller | diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index dd43d0d5..bf0c1e84 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -120,3 +120,20 @@ nodeAffinity: {{- end -}} {{- end -}} {{- end -}} + +{{/* +Common deployment strategy definition +- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite +*/}} +{{- define "argo-cd.strategy" -}} +{{- $preset := . -}} +{{- if (eq $preset.type "Recreate") }} +type: Recreate +{{- else if (eq $preset.type "RollingUpdate") }} +type: RollingUpdate +{{- with $preset.rollingUpdate }} +rollingUpdate: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index e4e86570..76d77b42 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -12,6 +12,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.applicationSet.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} replicas: {{ .Values.applicationSet.replicaCount }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 45ba1de0..fc51bb00 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -14,8 +14,10 @@ metadata: spec: replicas: 1 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.notifications.deploymentStrategy) }} strategy: - type: Recreate + {{- trim . | nindent 4 }} + {{- end }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 01a79204..906a544f 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -11,6 +11,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.repoServer.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} {{- if not .Values.repoServer.autoscaling.enabled }} replicas: {{ .Values.repoServer.replicas }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ddd23a02..a5bea81b 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -11,6 +11,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.server.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index fd5e00d9..af6523d5 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -12,6 +12,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.dex.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} replicas: 1 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 41815314..640f1a48 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -140,6 +140,12 @@ global: # -- The entrypoint to use for the containers. entrypoint: "entrypoint.sh" + # -- Deployment strategy for the all deployed Deployments + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% ## Argo Configs configs: @@ -1093,6 +1099,13 @@ dex: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the Dex server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + ## Redis redis: # -- Enable redis @@ -1665,6 +1678,13 @@ server: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -2178,6 +2198,13 @@ repoServer: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the repo server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # -- Priority class for the repo server pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2518,6 +2545,13 @@ applicationSet: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the ApplicationSet controller Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # -- Priority class for the ApplicationSet controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2776,6 +2810,10 @@ notifications: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the notifications controller Deployment + deploymentStrategy: + type: Recreate + # -- Priority class for the notifications controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" From a012bd41c9d070d71633aa65d64c644146f719cf Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 4 Apr 2023 20:10:13 +0900 Subject: [PATCH 0588/1248] chore(argo-workflows): Upgrade Argo Workflows to v3.4.6 (#1942) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b8983739..6524a472 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.5 +appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.15 +version: 0.22.16 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Ability to use memoization feature. + - kind: changed + description: Upgrade Argo Workflows to v3.4.6. From c3759febbd4b6fee5a09aa75f194a018b88869f2 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 6 Apr 2023 16:52:19 +0300 Subject: [PATCH 0589/1248] feat(argocd-image-updater): Add support for pod labels (#1944) Signed-off-by: drfaust92 --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 1 + charts/argocd-image-updater/templates/deployment.yaml | 3 +++ charts/argocd-image-updater/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 5d599c41..f64d558b 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.4 +version: 0.8.5 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Update Argo CD Image Updater to v0.12.2 + description: Added support for pod labels diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 10259e19..5d5c7253 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -106,6 +106,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | | nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | | podAnnotations | object | `{}` | Pod Annotations for the deployment | +| podLabels | object | `{}` | Pod Labels for the deployment | | podSecurityContext | object | `{}` | Pod security context settings for the deployment | | rbac.enabled | bool | `true` | Enable RBAC creation | | replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. | diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 61136fb8..936a4a70 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -19,6 +19,9 @@ spec: {{- end }} checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} labels: + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 9ac3e1ef..90498e26 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -156,6 +156,9 @@ serviceAccount: # -- Pod Annotations for the deployment podAnnotations: {} +# -- Pod Labels for the deployment +podLabels: {} + # -- Pod security context settings for the deployment podSecurityContext: {} # fsGroup: 2000 From b19beee4f8cea0c1b9a37511c92a5e9b09a8e141 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 7 Apr 2023 01:16:40 +0900 Subject: [PATCH 0590/1248] fix(argo-cd): Change default value for global.tolerations, from object to array (#1947) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 09552820..fc35d6b4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.0 +version: 5.28.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add support for custom Deployment strategy + - kind: fixed + description: Change default value for global.tolerations, from object to array. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index faa37022..a3e43b0f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -413,7 +413,7 @@ NAME: my-release | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | -| global.tolerations | object | `{}` | Default tolerations for all components | +| global.tolerations | list | `[]` | Default tolerations for all components | | global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components | ## Argo CD Configs diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 640f1a48..40eee8cb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -106,7 +106,7 @@ global: nodeSelector: {} # -- Default tolerations for all components - tolerations: {} + tolerations: [] # Default affinity preset for all components affinity: From 56136f65185ba97ac14543d49413626dd49e3f78 Mon Sep 17 00:00:00 2001 From: Justin Sievenpiper Date: Thu, 6 Apr 2023 16:43:01 -0700 Subject: [PATCH 0591/1248] feat(argo-workflows): add the ability to declare initContainers (#1923) feat(argo-workflows): add the ability to declare initContainers to server and controller deployments Signed-off-by: Justin Sievenpiper --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-deployment.yaml | 4 ++++ .../argo-workflows/templates/server/server-deployment.yaml | 4 ++++ charts/argo-workflows/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6524a472..59a8a66a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.16 +version: 0.23.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.6. + - kind: added + description: Added the ability to deploy init containers alongside the controller and server deployments. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 0c4dd649..0cd08319 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -108,6 +108,7 @@ Fields to note: | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | | controller.extraEnv | list | `[]` | Extra environment variables to provide to the controller container | +| controller.extraInitContainers | list | `[]` | Enables init containers to be added to the controller deployment | | controller.image.registry | string | `"quay.io"` | Registry to use for the controller | | controller.image.repository | string | `"argoproj/workflow-controller"` | Registry to use for the controller | | controller.image.tag | string | `""` | Image tag for the workflow controller. Defaults to `.Values.images.tag`. | @@ -215,6 +216,7 @@ Fields to note: | server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | +| server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | | server.image.registry | string | `"quay.io"` | Registry to use for the server | | server.image.repository | string | `"argoproj/argocli"` | Repository to use for the server | | server.image.tag | string | `""` | Image tag for the Argo Workflows server. Defaults to `.Values.images.tag`. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 8f4f783f..021a2e76 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -32,6 +32,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.extraInitContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: controller image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e5230cd0..552c7d05 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -33,6 +33,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.extraInitContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: argo-server image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3537ac89..155a0acd 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -295,6 +295,9 @@ controller: # -- Extra containers to be added to the controller deployment extraContainers: [] + # -- Enables init containers to be added to the controller deployment + extraInitContainers: [] + # -- Workflow retention by number of workflows retentionPolicy: {} # completed: 10 @@ -570,6 +573,9 @@ server: # -- Extra containers to be added to the server deployment extraContainers: [] + # -- Enables init containers to be added to the server deployment + extraInitContainers: [] + # -- Array of extra K8s manifests to deploy extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 From 950c5be7256b0f2a4360de275d56c644e7e8fb42 Mon Sep 17 00:00:00 2001 From: Shawqi <74347460+shaw8ii@users.noreply.github.com> Date: Fri, 7 Apr 2023 15:45:35 +0300 Subject: [PATCH 0592/1248] fix(argo-events): missing argument for toYaml function in deployment template (#1933) * fix(argo-events): missing argument for toYaml function in deployment template Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> * Add description to Chart.yaml Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> * bump version Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> --------- Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> Co-authored-by: Petr Drastil --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-controller/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a702a625..f11e6a0a 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.5 +version: 2.1.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: priorityClassName was not being set on pods. + description: fix toYaml function in deployment template for envFrom block diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 0ca65ee2..6f6a965b 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -63,7 +63,7 @@ spec: {{- end }} {{- with .Values.controller.envFrom }} envFrom: - {{- toYaml | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} volumeMounts: - name: config From 7eafaa742e6c14f3ed0d21614f53826848044ec4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 11 Apr 2023 22:33:49 +0900 Subject: [PATCH 0593/1248] chore(argo-cd): Add log format and log level to dex (#1951) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/dex/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 7 +++++++ 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fc35d6b4..be815df3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.1 +version: 5.28.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Change default value for global.tolerations, from object to array. + - kind: added + description: Add log format and log level to dex. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a3e43b0f..b90af7af 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -847,6 +847,8 @@ server: | dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | dex.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| dex.logFormat | string | `""` (defaults to global.logging.format) | Dex log format. Either `text` or `json` | +| dex.logLevel | string | `""` (defaults to global.logging.level) | Dex log level. One of: `debug`, `info`, `warn`, `error` | | dex.metrics.enabled | bool | `false` | Deploy metrics service | | dex.metrics.service.annotations | object | `{}` | Metrics service annotations | | dex.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index af6523d5..f8342233 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -61,6 +61,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.image.imagePullPolicy }} command: - /shared/argocd-dex + - --logformat={{ default .Values.global.logging.format .Values.dex.logFormat }} + - --loglevel={{ default .Values.global.logging.level .Values.dex.logLevel }} args: - rundex {{- with .Values.dex.extraArgs }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 40eee8cb..32b9060c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1106,6 +1106,13 @@ dex: # maxSurge: 25% # maxUnavailable: 25% + # -- Dex log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Dex log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + ## Redis redis: # -- Enable redis From 633954386f82ff86fe1504afbdc92b7673246ff7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 11 Apr 2023 22:50:22 +0900 Subject: [PATCH 0594/1248] fix(argo-workflows): Update outdated content on README (#1948) fix(argo-workflows): Remove outdated content on README Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 ++-- charts/argo-workflows/README.md | 42 +++++++++++++++++++++----- charts/argo-workflows/README.md.gotmpl | 42 +++++++++++++++++++++----- 3 files changed, 73 insertions(+), 17 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 59a8a66a..e648478f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.0 +version: 0.23.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Added the ability to deploy init containers alongside the controller and server deployments. + - kind: fixed + description: Update outdated content on README. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 0cd08319..2c8ceb70 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -6,13 +6,6 @@ If you want your deployment of this helm chart to most closely match the [argo C ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. - -A few options are: - -- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -28,6 +21,41 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +### ServiceAccount for Workflow Spec +In order for each Workflow run, you create ServiceAccount via `values.yaml` like below. + +```yaml +workflow: + serviceAccount: + create: true + name: "argo-workflow" + rbac: + create: true +controller: + workflowNamespaces: + - default + - foo + - bar +``` + +Set ServiceAccount on Workflow. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: hello-world- +spec: + entrypoint: whalesay + serviceAccountName: argo-workflow # Set ServiceAccount + templates: + - name: whalesay + container: + image: docker/whalesay + command: [ cowsay ] + args: [ "hello world" ] +``` + ## Installing the Chart To install the chart with the release name `my-release`: diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 95c626e2..398a8788 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -6,13 +6,6 @@ If you want your deployment of this helm chart to most closely match the [argo C ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. - -A few options are: - -- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -28,6 +21,41 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +### ServiceAccount for Workflow Spec +In order for each Workflow run, you create ServiceAccount via `values.yaml` like below. + +```yaml +workflow: + serviceAccount: + create: true + name: "argo-workflow" + rbac: + create: true +controller: + workflowNamespaces: + - default + - foo + - bar +``` + +Set ServiceAccount on Workflow. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: hello-world- +spec: + entrypoint: whalesay + serviceAccountName: argo-workflow # Set ServiceAccount + templates: + - name: whalesay + container: + image: docker/whalesay + command: [ cowsay ] + args: [ "hello world" ] +``` + ## Installing the Chart To install the chart with the release name `my-release`: From 1d17840549a7956e437069132b0513f6d2e4824a Mon Sep 17 00:00:00 2001 From: Julien Duchesne Date: Wed, 12 Apr 2023 00:52:28 -0400 Subject: [PATCH 0595/1248] chore(argo-workflows): Upgrade Argo Workflows to v3.4.7 (#1954) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e648478f..bde79c69 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.6 +appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.1 +version: 0.23.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Update outdated content on README. + - kind: changed + description: Upgrade Argo Workflows to v3.4.7. From 7eeb70f7117df0e25ebf30ed193c11a3b9960e24 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 13 Apr 2023 18:25:06 +0900 Subject: [PATCH 0596/1248] fix(argo-workflows): Add namespace field to all namespace scoped resources (#1956) Reason: `helm template` doesn't add the namespace field automatically * fix(argo-workflows): Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically Signed-off-by: yu-croco * chore(argo-workflows): bump minor version Signed-off-by: yu-croco * refactor(argo-workflows): reflect review points Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-controller-cluster-roles.yaml | 3 +++ .../controller/workflow-controller-config-map.yaml | 1 + .../templates/controller/workflow-controller-crb.yaml | 7 +++++-- .../controller/workflow-controller-deployment-pdb.yaml | 1 + .../controller/workflow-controller-deployment.yaml | 1 + .../templates/controller/workflow-controller-sa.yaml | 1 + .../templates/controller/workflow-controller-service.yaml | 1 + .../controller/workflow-controller-servicemonitor.yaml | 6 ++---- .../templates/server/server-cluster-roles.yaml | 3 +++ charts/argo-workflows/templates/server/server-crb.yaml | 7 +++++-- .../templates/server/server-deployment-pdb.yaml | 1 + .../argo-workflows/templates/server/server-deployment.yaml | 1 + charts/argo-workflows/templates/server/server-ingress.yaml | 1 + charts/argo-workflows/templates/server/server-sa.yaml | 1 + charts/argo-workflows/templates/server/server-service.yaml | 1 + 16 files changed, 31 insertions(+), 11 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index bde79c69..69cbe88f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.2 +version: 0.24.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.7. + - kind: fixed + description: Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically. diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 6b1a724e..b5d78afa 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -7,6 +7,9 @@ kind: ClusterRole {{- end }} metadata: name: {{ template "argo-workflows.controller.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 125f48d3..7327ecac 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "argo-workflows.controller.fullname" . }}-configmap + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} data: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index c630bac6..9fa7a7f6 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -7,6 +7,9 @@ kind: ClusterRoleBinding {{- end }} metadata: name: {{ template "argo-workflows.controller.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: @@ -20,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- @@ -37,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index 4e7545c7..ee38445f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 021a2e76..4ee117b8 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index 36245900..c6a8bf66 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 3ca1afad..5ade3d40 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index f71d3507..29fe1b59 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-workflows.controller.fullname" . }} - {{- with .Values.controller.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.serviceMonitor.namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceMonitor.additionalLabels }} @@ -25,7 +23,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Release.Namespace | quote }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index c7d18f50..96f12bfa 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -7,6 +7,9 @@ kind: ClusterRole {{- end }} metadata: name: {{ template "argo-workflows.server.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index 6ac17aef..ec4f6435 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -7,6 +7,9 @@ kind: ClusterRoleBinding {{- end }} metadata: name: {{ template "argo-workflows.server.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: @@ -20,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.server.clusterWorkflowTemplates.enabled }} --- @@ -37,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end -}} {{- end -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index d92a4083..7ea6d465 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 552c7d05..e9da0a1d 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index 969676e1..36209f5b 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -14,6 +14,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- if .Values.server.ingress.labels }} diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index 2f6644ed..382d565e 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 22fc2b01..f7096a8d 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} From 88d690ef62e40547e951d708bcbd6806e8d579ae Mon Sep 17 00:00:00 2001 From: Jakub Oskera Date: Thu, 13 Apr 2023 16:08:34 +0200 Subject: [PATCH 0597/1248] fix(argo-cd): add namespace field for namespace scoped resources (#1937) --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-application-controller/metrics.yaml | 1 + .../argocd-application-controller/networkpolicy.yaml | 1 + .../templates/argocd-application-controller/pdb.yaml | 1 + .../argocd-application-controller/prometheusrule.yaml | 4 +--- .../templates/argocd-application-controller/role.yaml | 1 + .../argocd-application-controller/rolebinding.yaml | 1 + .../argocd-application-controller/serviceaccount.yaml | 1 + .../argocd-application-controller/servicemonitor.yaml | 4 +--- .../argocd-application-controller/statefulset.yaml | 1 + .../argo-cd/templates/argocd-applicationset/deployment.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/metrics.yaml | 1 + .../templates/argocd-applicationset/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/pdb.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/role.yaml | 1 + .../templates/argocd-applicationset/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/service.yaml | 1 + .../templates/argocd-applicationset/serviceaccount.yaml | 1 + .../templates/argocd-applicationset/servicemonitor.yaml | 4 +--- .../templates/argocd-applicationset/webhook-ingress.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 1 + .../templates/argocd-configs/argocd-cmd-params-cm.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml | 1 + .../argocd-configs/argocd-dex-server-tls-secret.yaml | 1 + .../templates/argocd-configs/argocd-gpg-keys-cm.yaml | 1 + .../templates/argocd-configs/argocd-notifications-cm.yaml | 1 + .../argocd-configs/argocd-notifications-secret.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml | 1 + .../argocd-configs/argocd-repo-server-tls-secret.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 1 + .../templates/argocd-configs/argocd-server-tls-secret.yaml | 1 + .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 1 + .../argo-cd/templates/argocd-configs/argocd-styles-cm.yaml | 1 + .../templates/argocd-configs/argocd-tls-certs-cm.yaml | 1 + .../argo-cd/templates/argocd-configs/cluster-secrets.yaml | 1 + .../templates/argocd-configs/externalredis-secret.yaml | 1 + .../argocd-configs/repository-credentials-secret.yaml | 1 + .../argo-cd/templates/argocd-configs/repository-secret.yaml | 1 + .../argo-cd/templates/argocd-notifications/deployment.yaml | 1 + charts/argo-cd/templates/argocd-notifications/metrics.yaml | 1 + .../templates/argocd-notifications/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-notifications/pdb.yaml | 1 + charts/argo-cd/templates/argocd-notifications/role.yaml | 1 + .../argo-cd/templates/argocd-notifications/rolebinding.yaml | 1 + .../templates/argocd-notifications/serviceaccount.yaml | 1 + .../templates/argocd-notifications/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/hpa.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/metrics.yaml | 1 + .../argo-cd/templates/argocd-repo-server/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/pdb.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/role.yaml | 1 + .../argo-cd/templates/argocd-repo-server/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/service.yaml | 1 + .../templates/argocd-repo-server/serviceaccount.yaml | 1 + .../templates/argocd-repo-server/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/argocd-server/aws/service.yaml | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 1 + charts/argo-cd/templates/argocd-server/deployment.yaml | 1 + .../argo-cd/templates/argocd-server/gke/backendconfig.yaml | 1 + .../argo-cd/templates/argocd-server/gke/frontendconfig.yaml | 1 + .../templates/argocd-server/gke/managedcertificate.yaml | 1 + charts/argo-cd/templates/argocd-server/hpa.yaml | 1 + charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 1 + charts/argo-cd/templates/argocd-server/ingress.yaml | 1 + charts/argo-cd/templates/argocd-server/metrics.yaml | 1 + charts/argo-cd/templates/argocd-server/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-server/openshift/route.yaml | 1 + charts/argo-cd/templates/argocd-server/pdb.yaml | 1 + charts/argo-cd/templates/argocd-server/role.yaml | 1 + charts/argo-cd/templates/argocd-server/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-server/service.yaml | 1 + charts/argo-cd/templates/argocd-server/serviceaccount.yaml | 1 + charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/dex/deployment.yaml | 1 + charts/argo-cd/templates/dex/networkpolicy.yaml | 1 + charts/argo-cd/templates/dex/pdb.yaml | 1 + charts/argo-cd/templates/dex/role.yaml | 1 + charts/argo-cd/templates/dex/rolebinding.yaml | 1 + charts/argo-cd/templates/dex/service.yaml | 1 + charts/argo-cd/templates/dex/serviceaccount.yaml | 1 + charts/argo-cd/templates/dex/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/networkpolicy-default-deny.yaml | 1 + charts/argo-cd/templates/redis/deployment.yaml | 1 + charts/argo-cd/templates/redis/metrics.yaml | 1 + charts/argo-cd/templates/redis/networkpolicy.yaml | 1 + charts/argo-cd/templates/redis/pdb.yaml | 1 + charts/argo-cd/templates/redis/service.yaml | 1 + charts/argo-cd/templates/redis/serviceaccount.yaml | 1 + charts/argo-cd/templates/redis/servicemonitor.yaml | 4 +--- 90 files changed, 92 insertions(+), 27 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index be815df3..81666537 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.2 +version: 5.29.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add log format and log level to dex. + - kind: fixed + description: Add namespace field for namespace scoped resources diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 88827a85..754b8490 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.controller.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 4 }} {{- with .Values.controller.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml index bbb6b324..e7448c52 100644 --- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index b6804c54..7eaf28e1 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml index c44a63f5..86d66564 100644 --- a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: PrometheusRule metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- if .Values.controller.metrics.rules.namespace }} - namespace: {{ .Values.controller.metrics.rules.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.rules.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- if .Values.controller.metrics.rules.selector }} diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index 75aec8db..56ef17b5 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index f37f4b0c..5f07f109 100644 --- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index 96d786cd..fe56d376 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.controller.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 3c8b0ca4..10ba7767 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- with .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 0bef6ced..2a067a63 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 76d77b42..90863cce 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index 7a9397cd..fdac0bcf 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.applicationSet.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} {{- with .Values.applicationSet.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml index 176de64b..81020f54 100644 --- a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml @@ -3,6 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index 51974356..8f179032 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index a9ec2f92..f8f55405 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index 91cddeae..8a70526c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 9e0de533..640b195a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index cf5c0ef5..a196626e 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.applicationSet.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index b836ccc5..bb814a25 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -4,9 +4,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} - {{- with .Values.applicationSet.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.applicationSet.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index 5285c6f2..d98f9423 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.webhook.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index a9ff71d9..829a6776 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.cm.annotations) (.Values.server.configAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml index 0628ff9c..18fead9b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmd-params-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cmd-params-cm") | nindent 4 }} {{- if .Values.configs.params.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml index 39a6db6b..a3400605 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmp-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }} {{- with .Values.configs.cmp.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml index 7e3ae6b0..c543e8a7 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-dex-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" "dex-server-tls") | nindent 4 }} {{- with .Values.dex.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index 72f9823b..982867f9 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-gpg-keys-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} {{ with (mergeOverwrite (deepCopy .Values.configs.gpg.annotations) (.Values.configs.gpgKeysAnnotations | default dict)) -}} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml index 593da721..c8cdefc4 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-notifications-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index dc5bd383..cde4d555 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-notifications-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.secret.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 8ebb43d2..c882cb39 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-rbac-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.rbac.annotations) (.Values.server.rbacConfigAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml index b0f35aa2..4e1b3dc9 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "repo-server-tls") | nindent 4 }} {{- with .Values.repoServer.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 84a51197..1e69bcea 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} {{- with .Values.configs.secret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml index 1e9f8dd3..c612a62c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "server-tls") | nindent 4 }} {{- with .Values.server.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 7b8e5d0b..a7f3abdf 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-ssh-known-hosts-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml index 149104f1..b98e40df 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-styles-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 1ba0176d..6a5a95e5 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-tls-certs-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index c1aaa531..259ee348 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .labels }} diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index 80dfc475..9bfcd983 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .Values.externalRedis.secretAnnotations }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index 96efd67c..748718ab 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-creds-{{ $repo_cred_key }} + namespace: {{ .Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index bd0c067c..d64ae5cc 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-{{ $repo_key }} + namespace: {{ .Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index fc51bb00..729e57db 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index 3b80e97b..3c30a085 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.notifications.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 4 }} {{- with .Values.notifications.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml index 6bd0c04e..011a7c33 100644 --- a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml @@ -3,6 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml index f1f32715..71619547 100644 --- a/charts/argo-cd/templates/argocd-notifications/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 52df9ad1..128c24f5 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml index e78ac5c6..7bc6e1d1 100644 --- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index d6219280..aa824242 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.notificationsServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.notifications.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.notifications.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 2dd280bf..de3cc5a3 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.notifications.fullname" . }} - {{- if .Values.notifications.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.notifications.metrics.serviceMonitor.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.notifications.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 906a544f..f5272bc2 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index d7f74320..2cba8324 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-hpa" .Values.repoServer.name)) | nindent 4 }} name: {{ template "argo-cd.repoServer.fullname" . }}-hpa + namespace: {{ .Release.Namespace | quote }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index 1124057e..b2be38ee 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.repoServer.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 4 }} {{- with .Values.repoServer.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml index 619a65ca..08a1c214 100644 --- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 318671f0..658a1fe3 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/role.yaml b/charts/argo-cd/templates/argocd-repo-server/role.yaml index bc422c43..5f9324d5 100644 --- a/charts/argo-cd/templates/argocd-repo-server/role.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml index 3cfa312f..8834b778 100644 --- a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml index 541ea41e..c2c43463 100644 --- a/charts/argo-cd/templates/argocd-repo-server/service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -13,6 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: {{ .Values.repoServer.service.portName }} diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index 71f75583..7b26928f 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.repoServerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.repoServer.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 82937d9b..aec96461 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.repoServer.fullname" . }} - {{- with .Values.repoServer.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.repoServer.metrics.serviceMonitor.namespace | default }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index a0368023..02c543d5 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -7,6 +7,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-grpc + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: {{ .Values.server.service.servicePortHttpName }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index ed844aa2..eec82ae6 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index a5bea81b..aa7320e7 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml index 69a42093..e2ae3d84 100644 --- a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-cd.apiVersions.cloudgoogle" . }} kind: BackendConfig metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml index 46fc43a9..31687596 100644 --- a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml @@ -3,6 +3,7 @@ apiVersion: networking.gke.io/v1beta1 kind: FrontendConfig metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml index 81e1e710..942c6b3f 100644 --- a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml @@ -3,6 +3,7 @@ apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: domains: {{- with .Values.server.GKEmanagedCertificate.domains }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index af107b7f..cbc17c31 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-hpa" .Values.server.name)) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-hpa + namespace: {{ .Release.Namespace | quote }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index b728a11b..b671f86f 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }}-grpc + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingressGrpc.labels }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 0e064b0b..98ec1cb1 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index bf8ee083..3a9f46f7 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.server.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 4 }} {{- with .Values.server.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml index 8300d696..443ff359 100644 --- a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - {} diff --git a/charts/argo-cd/templates/argocd-server/openshift/route.yaml b/charts/argo-cd/templates/argocd-server/openshift/route.yaml index f1fc8012..59313798 100644 --- a/charts/argo-cd/templates/argocd-server/openshift/route.yaml +++ b/charts/argo-cd/templates/argocd-server/openshift/route.yaml @@ -3,6 +3,7 @@ apiVersion: route.openshift.io/v1 kind: Route metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.route.annotations }} diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index 89c54c65..adc47aec 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 16164a9a..f156bc18 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml index 54d4eaeb..93b1fa94 100644 --- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 879bdb32..5a31f0b8 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- if .Values.server.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index a2eb9b11..5d03aaf6 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.server.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.server.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.server.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index d00e5657..65d102e3 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.server.fullname" . }} - {{- if .Values.server.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.server.metrics.serviceMonitor.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.server.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index f8342233..8359a6a8 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/dex/networkpolicy.yaml b/charts/argo-cd/templates/dex/networkpolicy.yaml index e79a2e3e..cb0fcc55 100644 --- a/charts/argo-cd/templates/dex/networkpolicy.yaml +++ b/charts/argo-cd/templates/dex/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index 45bd0050..c0adc73f 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.pdb.labels }} diff --git a/charts/argo-cd/templates/dex/role.yaml b/charts/argo-cd/templates/dex/role.yaml index 6b9b3f69..49d40891 100644 --- a/charts/argo-cd/templates/dex/role.yaml +++ b/charts/argo-cd/templates/dex/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/dex/rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml index 4cc47005..08da1544 100644 --- a/charts/argo-cd/templates/dex/rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 9661c7e0..73c98483 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.dex.metrics.service.annotations }} annotations: {{- range $key, $value := .Values.dex.metrics.service.annotations }} diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index 71707f09..65abd57c 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.dexServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.dex.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.dex.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index d08d018f..21d12be2 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.dex.fullname" . }} - {{- with .Values.dex.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.dex.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/networkpolicy-default-deny.yaml b/charts/argo-cd/templates/networkpolicy-default-deny.yaml index 3d47a397..b499ab03 100644 --- a/charts/argo-cd/templates/networkpolicy-default-deny.yaml +++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} name: {{ template "argo-cd.fullname" . }}-default-deny + namespace: {{ .Release.Namespace | quote }} spec: podSelector: {} policyTypes: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 3376d732..fc0bebbd 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -10,6 +10,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index 6886a740..db526285 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.redis.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.service.labels }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml index 8b564add..cd8150e1 100644 --- a/charts/argo-cd/templates/redis/networkpolicy.yaml +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -6,6 +6,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} name: {{ template "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 223c5758..59423b47 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -4,6 +4,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.pdb.labels }} diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index 6e949fd4..31f497d7 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.service.labels }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml index ae67d3b2..503fb434 100644 --- a/charts/argo-cd/templates/redis/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.redisServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.redis.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.redis.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index ea913467..46a7e32c 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -4,9 +4,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.redis.fullname" . }} - {{- with .Values.redis.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.redis.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.serviceMonitor.selector }} From 406e07b46b62e1f6efef6d035110d02b7a8019f5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 14 Apr 2023 03:16:20 +0900 Subject: [PATCH 0598/1248] fix(argo-rollouts): add namespace field for namespace scoped resources (#1960) Signed-off-by: yu-croco --- charts/argo-rollouts/Chart.yaml | 6 +++--- .../templates/controller/clusterrolebinding.yaml | 2 +- charts/argo-rollouts/templates/controller/deployment.yaml | 1 + .../argo-rollouts/templates/controller/metrics-service.yaml | 1 + .../templates/controller/notifcations-configmap.yaml | 1 + .../templates/controller/notifications-secret.yaml | 1 + .../templates/controller/poddisruptionbudget.yaml | 1 + charts/argo-rollouts/templates/controller/role.yaml | 1 + charts/argo-rollouts/templates/controller/rolebinding.yaml | 2 ++ .../argo-rollouts/templates/controller/serviceaccount.yaml | 1 + .../argo-rollouts/templates/controller/servicemonitor.yaml | 1 + .../templates/dashboard/clusterrolebinding.yaml | 2 +- charts/argo-rollouts/templates/dashboard/deployment.yaml | 1 + charts/argo-rollouts/templates/dashboard/ingress.yaml | 1 + .../templates/dashboard/poddisruptionbudget.yaml | 1 + charts/argo-rollouts/templates/dashboard/service.yaml | 1 + .../argo-rollouts/templates/dashboard/serviceaccount.yaml | 1 + 17 files changed, 20 insertions(+), 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 64cc3539..a5f3e249 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.23.0 +version: 2.24.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Added the ability to set pod annotations separately on controller and dashboard deployment + - kind: fixed + description: add namespace field for namespace scoped resources diff --git a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml index cbdb0e23..740f8f6b 100644 --- a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index ee118e5a..7f30da02 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index 5e380347..0effcc23 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml index 3008b327..a370a600 100644 --- a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml +++ b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argo-rollouts-notification-configmap + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/notifications-secret.yaml b/charts/argo-rollouts/templates/controller/notifications-secret.yaml index 4e9cc64c..52b393df 100644 --- a/charts/argo-rollouts/templates/controller/notifications-secret.yaml +++ b/charts/argo-rollouts/templates/controller/notifications-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argo-rollouts-notification-secret + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml index 437efab9..7080b55c 100644 --- a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml +++ b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 72ebdbc9..e3b80672 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/rolebinding.yaml b/charts/argo-rollouts/templates/controller/rolebinding.yaml index 128df3ab..e76bb194 100644 --- a/charts/argo-rollouts/templates/controller/rolebinding.yaml +++ b/charts/argo-rollouts/templates/controller/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} @@ -13,4 +14,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/serviceaccount.yaml b/charts/argo-rollouts/templates/controller/serviceaccount.yaml index 327eb6a5..b0f56633 100644 --- a/charts/argo-rollouts/templates/controller/serviceaccount.yaml +++ b/charts/argo-rollouts/templates/controller/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argo-rollouts.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index 72d9a691..f64dc328 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -3,6 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml index 3296060c..2dbf7379 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 0d210934..8a47608f 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/ingress.yaml b/charts/argo-rollouts/templates/dashboard/ingress.yaml index 0555d1fc..e7f9e41e 100644 --- a/charts/argo-rollouts/templates/dashboard/ingress.yaml +++ b/charts/argo-rollouts/templates/dashboard/ingress.yaml @@ -14,6 +14,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- if .Values.dashboard.ingress.labels }} diff --git a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml index 742b149f..d12ba62a 100644 --- a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml +++ b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.dashboard.pdb.labels }} diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index 58978150..6a304b82 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml index ff0c7300..4b531bd9 100644 --- a/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml +++ b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} From 076cf82ddd77126cd7ecf24e2c8882b5cbff9342 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 14 Apr 2023 03:38:04 +0900 Subject: [PATCH 0599/1248] fix(argo-events): add namespace field for namespace scoped resources (#1959) * fix(argo-events): add namespace field for namespace scoped resources Signed-off-by: yu-croco * Apply suggestion from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-controller/config.yaml | 1 + .../templates/argo-events-controller/deployment.yaml | 1 + .../argo-events/templates/argo-events-controller/pdb.yaml | 1 + .../argo-events/templates/argo-events-controller/rbac.yaml | 5 ++++- .../templates/argo-events-controller/service.yaml | 1 + .../templates/argo-events-controller/serviceaccount.yaml | 1 + .../templates/argo-events-controller/servicemonitor.yaml | 6 ++---- .../templates/argo-events-webhook/clusterrolebinding.yaml | 2 +- .../templates/argo-events-webhook/deployment.yaml | 1 + charts/argo-events/templates/argo-events-webhook/pdb.yaml | 1 + .../argo-events/templates/argo-events-webhook/service.yaml | 1 + .../templates/argo-events-webhook/serviceaccount.yaml | 1 + 13 files changed, 18 insertions(+), 8 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f11e6a0a..a9f379e7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.6 +version: 2.2.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: fix toYaml function in deployment template for envFrom block + description: add namespace field for namespace scoped resources diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 486fa364..b3293385 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} data: diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 6f6a965b..9b7ace1b 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-controller/pdb.yaml b/charts/argo-events/templates/argo-events-controller/pdb.yaml index f1a7b721..0451ecd7 100644 --- a/charts/argo-events/templates/argo-events-controller/pdb.yaml +++ b/charts/argo-events/templates/argo-events-controller/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml index 1d9a2e55..aa9c7c2b 100644 --- a/charts/argo-events/templates/argo-events-controller/rbac.yaml +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -3,6 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }} metadata: name: {{ include "argo-events.controller.fullname" . }} + {{- if .Values.controller.rbac.namespaced }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: @@ -119,5 +122,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/service.yaml b/charts/argo-events/templates/argo-events-controller/service.yaml index d0d6ab33..fe36320b 100644 --- a/charts/argo-events/templates/argo-events-controller/service.yaml +++ b/charts/argo-events/templates/argo-events-controller/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-events.controller.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} {{- with .Values.controller.metrics.service.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml index 7a035b76..3b8a9c81 100644 --- a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- with .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml index 6c1f23ca..55cda1d4 100644 --- a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml +++ b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-events.controller.fullname" . }} - {{- with .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} @@ -31,7 +29,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Release.Namespace | quote }} selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "component" .Values.controller.name "name" (printf "%s-metrics" .Values.controller.name)) | nindent 6 }} diff --git a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml index 5562f139..89226483 100644 --- a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml +++ b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index e3839caf..0445484e 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: events-webhook + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-webhook/pdb.yaml b/charts/argo-events/templates/argo-events-webhook/pdb.yaml index 15bf97bf..a3daa745 100644 --- a/charts/argo-events/templates/argo-events-webhook/pdb.yaml +++ b/charts/argo-events/templates/argo-events-webhook/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} {{- with .Values.webhook.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-webhook/service.yaml b/charts/argo-events/templates/argo-events-webhook/service.yaml index cb85a8cb..15563d0e 100644 --- a/charts/argo-events/templates/argo-events-webhook/service.yaml +++ b/charts/argo-events/templates/argo-events-webhook/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: events-webhook + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} spec: diff --git a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml index b723a77f..e3e2ac5b 100644 --- a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- with .Values.webhook.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} From 388102400faf26b4f60f002c4e816256e21e63aa Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 14 Apr 2023 01:44:19 +0200 Subject: [PATCH 0600/1248] fix(argo-cd): Evaluate namespace field via helm root scope (#1963) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 2 +- .../argocd-configs/repository-credentials-secret.yaml | 2 +- .../argo-cd/templates/argocd-configs/repository-secret.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 81666537..01aab841 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.29.0 +version: 5.29.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Add namespace field for namespace scoped resources + description: Namespace field for some namespaced resources needs to be evaluated via helm root scope diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 259ee348..83b1c15d 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .labels }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index 748718ab..ed1d2fd7 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-creds-{{ $repo_cred_key }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index d64ae5cc..4c028958 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-{{ $repo_key }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} From dfe36fbde955e525c706243f887e34e127ea2259 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 14 Apr 2023 01:58:48 +0200 Subject: [PATCH 0601/1248] feat(argo-rollouts): Add ability to provide additional volumes (#1965) --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 4 ++++ .../templates/controller/deployment.yaml | 8 ++++++++ .../templates/dashboard/deployment.yaml | 8 ++++++++ charts/argo-rollouts/values.yaml | 17 +++++++++++++++++ 5 files changed, 40 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a5f3e249..376cd8ce 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.24.0 +version: 2.25.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Ability to provide additional volumes and volumeMounts diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 1e8a29f0..56a79852 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -102,6 +102,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | +| controller.volumeMounts | list | `[]` | Additional volumeMounts to add to the controller container | +| controller.volumes | list | `[]` | Additional volumes to add to the controller pod | | podAnnotations | object | `{}` | Annotations for the all deployed pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | @@ -161,6 +163,8 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | | dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server | +| dashboard.volumeMounts | list | `[]` | Additional volumeMounts to add to the dashboard container | +| dashboard.volumes | list | `[]` | Additional volumes to add to the dashboard pod | ## Upgrading diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 7f30da02..95ec845f 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -65,6 +65,10 @@ spec: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} @@ -101,3 +105,7 @@ spec: {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.controller.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 8a47608f..342e1996 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -54,6 +54,10 @@ spec: {{- toYaml .Values.dashboard.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.dashboard.resources | nindent 10 }} + {{- with .Values.dashboard.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 8 }} + {{- end }} {{- if .Values.dashboard.nodeSelector }} nodeSelector: {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }} @@ -83,4 +87,8 @@ spec: {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.dashboard.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index d92e9304..e451602f 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -154,6 +154,17 @@ controller: # -- Maximum number / percentage of pods that may be made unavailable maxUnavailable: # 0 + # -- Additional volumes to add to the controller pod + volumes: [] + # - configMap: + # name: my-certs-cm + # name: my-certs + + # -- Additional volumeMounts to add to the controller container + volumeMounts: [] + # - mountPath: /etc/ssl/certs + # name: my-certs + serviceAccount: # -- Specifies whether a service account should be created create: true @@ -355,6 +366,12 @@ dashboard: # hosts: # - argorollouts.example.com + # -- Additional volumes to add to the dashboard pod + volumes: [] + + # -- Additional volumeMounts to add to the dashboard container + volumeMounts: [] + notifications: secret: # -- Whether to create notifications secret From 22356c77af3e672bf6a5ee97ed7305bb367beccb Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 14 Apr 2023 14:53:40 +0100 Subject: [PATCH 0602/1248] feat(argo-workflows): Add option for controller to read all secrets (#1967) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-cluster-roles.yaml | 10 ++++++++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 69cbe88f..616f3cc4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.24.0 +version: 0.24.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically. + - kind: added + description: Add option for workflow controller to read all secrets. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 2c8ceb70..463fa485 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -174,6 +174,7 @@ Fields to note: | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | +| controller.rbac.accessAllSecrets | bool | `false` | Allows controller to get, list and watch all k8s secrets. Can only be used if secretWhitelist is empty. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | | controller.rbac.writeConfigMaps | bool | `false` | Allows controller to create and update ConfigMaps. Enables memoization feature | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index b5d78afa..c2d2a771 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -187,6 +187,16 @@ rules: - watch resourceNames: {{- toYaml . | nindent 4 }} {{- end }} +{{- if and (not .Values.controller.rbac.secretWhitelist) (.Values.controller.rbac.accessAllSecrets) }} +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +{{- end }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 155a0acd..4783e0a6 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -74,6 +74,8 @@ controller: create: true # -- Allows controller to get, list, and watch certain k8s secrets secretWhitelist: [] + # -- Allows controller to get, list and watch all k8s secrets. Can only be used if secretWhitelist is empty. + accessAllSecrets: false # -- Allows controller to create and update ConfigMaps. Enables memoization feature writeConfigMaps: false From 29b753057bf605e95d07017d6f7e000d3cc808f6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 16 Apr 2023 17:13:00 +0900 Subject: [PATCH 0603/1248] fix(argocd-image-updater): add namespace field for namespace scoped resources (#1970) Signed-off-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 6 +++--- .../templates/configmap-authscripts.yaml | 1 + .../argocd-image-updater/templates/configmap-sshconfig.yaml | 1 + charts/argocd-image-updater/templates/configmap.yaml | 1 + charts/argocd-image-updater/templates/deployment.yaml | 3 ++- charts/argocd-image-updater/templates/metrics-service.yaml | 1 + charts/argocd-image-updater/templates/rbac.yaml | 4 +++- charts/argocd-image-updater/templates/secret.yaml | 3 ++- charts/argocd-image-updater/templates/serviceaccount.yaml | 1 + charts/argocd-image-updater/templates/servicemonitor.yaml | 4 +--- 10 files changed, 16 insertions(+), 9 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index f64d558b..d6ec30ef 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.5 +version: 0.9.0 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Added support for pod labels + - kind: fixed + description: add namespace field for namespace scoped resources diff --git a/charts/argocd-image-updater/templates/configmap-authscripts.yaml b/charts/argocd-image-updater/templates/configmap-authscripts.yaml index fe834149..3659fbaf 100644 --- a/charts/argocd-image-updater/templates/configmap-authscripts.yaml +++ b/charts/argocd-image-updater/templates/configmap-authscripts.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-authscripts + namespace: {{ .Release.Namespace | quote }} data: {{- toYaml .Values.authScripts.scripts | nindent 2}} {{- end }} diff --git a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml index 548f3100..45554c0e 100644 --- a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml +++ b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml @@ -4,6 +4,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-ssh-config + namespace: {{ .Release.Namespace | quote }} data: {{- with .Values.config.sshConfig }} {{- toYaml . | nindent 2 }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 0e0b6cfc..75f69b13 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-config + namespace: {{ .Release.Namespace | quote }} data: {{- with .Values.config.applicationsAPIKind }} applications_api: {{ . }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 936a4a70..9cc71fe3 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} spec: @@ -21,7 +22,7 @@ spec: labels: {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} diff --git a/charts/argocd-image-updater/templates/metrics-service.yaml b/charts/argocd-image-updater/templates/metrics-service.yaml index 5d1232ae..186abb41 100644 --- a/charts/argocd-image-updater/templates/metrics-service.yaml +++ b/charts/argocd-image-updater/templates/metrics-service.yaml @@ -14,6 +14,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "argocd-image-updater.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: metrics diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml index cb508a43..c6316f42 100644 --- a/charts/argocd-image-updater/templates/rbac.yaml +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -5,7 +5,8 @@ kind: Role metadata: labels: {{ include "argocd-image-updater.labels" . | nindent 4 }} - name: {{ include "argocd-image-updater.fullname" . }} + name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ .Release.Namespace | quote }} rules: - apiGroups: - '' @@ -45,4 +46,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argocd-image-updater/templates/secret.yaml b/charts/argocd-image-updater/templates/secret.yaml index d0e7bb24..c4cb7781 100644 --- a/charts/argocd-image-updater/templates/secret.yaml +++ b/charts/argocd-image-updater/templates/secret.yaml @@ -3,9 +3,10 @@ apiVersion: v1 kind: Secret metadata: name: argocd-image-updater-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} type: Opaque -data: +data: argocd.token: {{ .Values.config.argocd.token | b64enc }} {{- end }} diff --git a/charts/argocd-image-updater/templates/serviceaccount.yaml b/charts/argocd-image-updater/templates/serviceaccount.yaml index c208ee69..c755731d 100644 --- a/charts/argocd-image-updater/templates/serviceaccount.yaml +++ b/charts/argocd-image-updater/templates/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} diff --git a/charts/argocd-image-updater/templates/servicemonitor.yaml b/charts/argocd-image-updater/templates/servicemonitor.yaml index fa0b26a6..969f1190 100644 --- a/charts/argocd-image-updater/templates/servicemonitor.yaml +++ b/charts/argocd-image-updater/templates/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argocd-image-updater.fullname" . }}-metrics - {{- with .Values.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.metrics.serviceMonitor.selector }} From 429b474a4f44e073f8ef2a4da03325083c0122e4 Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sat, 22 Apr 2023 01:53:02 -0400 Subject: [PATCH 0604/1248] docs(github): comment out notational pieces of PR template (#1969) github: comment out notational pieces of PR template - the DCO and publishing sentences are not filled out during PRs and are purely notational - comment them out with HTML comments, as is common practice - example from a repo I maintain: https://github.com/ezolenko/rollup-plugin-typescript2/blob/f6db59613a66f58c48310aa8fa785951970b5d6d/.github/issue_template.md?plain=1#L2 - I copied that from other repos too - these comments are still visible to the PR author, just not visible when rendered, keeping the PR more concise Signed-off-by: Anton Gilgur Co-authored-by: Marco Kilchhofer --- .github/pull_request_template.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 65c36c00..ed14509e 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,6 +1,8 @@ + Checklist: @@ -11,4 +13,4 @@ Checklist: * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md). * [ ] My build is green ([troubleshooting builds](https://argo-cd.readthedocs.io/en/stable/developer-guide/ci/)). -Changes are automatically published when merged to `main`. They are not published on branches. + From aef554340ff52643c9fbd67afd14fdfa3a0a8b3e Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Mon, 24 Apr 2023 01:47:18 -0400 Subject: [PATCH 0605/1248] feat(argo-workflows): add optional HPA to Server (#1974) --- charts/argo-workflows/Chart.yaml | 4 +- charts/argo-workflows/README.md | 6 +++ .../server/server-deployment-hpa.yaml | 45 +++++++++++++++++++ .../templates/server/server-deployment.yaml | 2 + charts/argo-workflows/values.yaml | 26 +++++++++++ 5 files changed, 81 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/templates/server/server-deployment-hpa.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 616f3cc4..fe52da19 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.24.1 +version: 0.25.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add option for workflow controller to read all secrets. + description: Add optional HPA for Argo Server diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 463fa485..50bc7ce9 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -237,6 +237,12 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | server.affinity | object | `{}` | Assign custom [affinity] rules | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | +| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | +| server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo Server [HPA] | +| server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo Server [HPA] | +| server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo Server [HPA] | | server.baseHref | string | `"/"` | Value for base href in index.html. Used if the server is running behind reverse proxy under subpath different from /. | | server.clusterWorkflowTemplates.enableEditing | bool | `true` | Give the server permissions to edit ClusterWorkflowTemplates. | | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | diff --git a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml new file mode 100644 index 00000000..ebc45925 --- /dev/null +++ b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml @@ -0,0 +1,45 @@ +{{- if and .Values.server.enabled .Values.server.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "argo-workflows.server.fullname" . }} + minReplicas: {{ .Values.server.autoscaling.minReplicas }} + maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} + metrics: + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + {{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + {{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} + {{- end }} + {{- with .Values.server.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e9da0a1d..d75933ac 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -12,7 +12,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} + {{- end }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 4783e0a6..2fd166b5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -431,6 +431,32 @@ server: resources: {} # -- The number of server pods to run replicas: 1 + ## Argo Server Horizontal Pod Autoscaler + autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server + enabled: false + # -- Minimum number of replicas for the Argo Server [HPA] + minReplicas: 1 + # -- Maximum number of replicas for the Argo Server [HPA] + maxReplicas: 5 + # -- Average CPU utilization percentage for the Argo Server [HPA] + targetCPUUtilizationPercentage: 50 + # -- Average memory utilization percentage for the Argo Server [HPA] + targetMemoryUtilizationPercentage: 50 + # -- Configures the scaling behavior of the target in both Up and Down directions. + # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer + behavior: {} + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 180 + # scaleUp: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 2 pdb: # -- Configure [Pod Disruption Budget] for the server pods enabled: false From d2853afc24766cee089c918dc0bd0ba77ca57e84 Mon Sep 17 00:00:00 2001 From: aniekgul <13356402+aniekgul@users.noreply.github.com> Date: Mon, 24 Apr 2023 10:40:40 -0400 Subject: [PATCH 0606/1248] feat(argo-rollouts): add service monitor relabeling configs (#1972) Signed-off-by: Aniek Gul <13356402+aniekgul@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 ++ .../templates/controller/servicemonitor.yaml | 8 ++++++++ charts/argo-rollouts/values.yaml | 4 ++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 376cd8ce..895826e9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.25.0 +version: 2.26.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Ability to provide additional volumes and volumeMounts + description: Ability to provide service monitor relabeling configs diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 56a79852..58784cf0 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -89,6 +89,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion | +| controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | | controller.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the controller | diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index f64dc328..cb489e3b 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -17,6 +17,14 @@ metadata: spec: endpoints: - port: metrics + {{- with .Values.controller.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 6 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e451602f..28a6f1f8 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -116,6 +116,10 @@ controller: additionalLabels: {} # -- Annotations to be added to the ServiceMonitor additionalAnnotations: {} + # -- RelabelConfigs to apply to samples before scraping + relabelings: [] + # -- MetricRelabelConfigs to apply to samples before ingestion + metricRelabelings: [] # -- Configure liveness [probe] for the controller # @default -- See [values.yaml] From 00e585342a099fdc4435b816ba6b33b47424afbe Mon Sep 17 00:00:00 2001 From: Stefan Tertan Date: Mon, 24 Apr 2023 17:57:36 +0100 Subject: [PATCH 0607/1248] feat(argo-workflows): add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels (#1977) * feat(argo-workflows): add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels Signed-off-by: Stefan Tertan * chore(argo-workflows): bump Helm chart patch version Signed-off-by: Stefan Tertan * docs(argo-workflows): update README.md via `helm-docs` Signed-off-by: Stefan Tertan * chore(argo-workflows): update changelog via chart annotation Signed-off-by: Stefan Tertan * chore(argo-workflows): remove URLs from README Signed-off-by: Stefan Tertan --------- Signed-off-by: Stefan Tertan Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +++ .../workflow-controller-servicemonitor.yaml | 20 +++++++++++++++++++ charts/argo-workflows/values.yaml | 9 +++++++++ 4 files changed, 34 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fe52da19..51e901cc 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.0 +version: 0.25.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add optional HPA for Argo Server + description: Add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 50bc7ce9..d918b444 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -153,13 +153,16 @@ Fields to note: | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | | controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | +| controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion | | controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | | controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". | | controller.metricsConfig.port | int | `9090` | Port is the port where metrics are emitted | | controller.metricsConfig.portName | string | `"metrics"` | Container metrics port name | +| controller.metricsConfig.relabelings | list | `[]` | ServiceMonitor relabel configs to apply to samples before scraping | | controller.metricsConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS | | controller.metricsConfig.servicePort | int | `8080` | Service metrics port | | controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name | +| controller.metricsConfig.targetLabels | list | `[]` | ServiceMonitor will add labels from the service to the Prometheus metric | | controller.name | string | `"workflow-controller"` | Workflow controller name string | | controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace | | controller.navColor | string | `""` | Set ui navigation bar background color | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index 29fe1b59..e5e8307f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -15,11 +15,31 @@ spec: - port: metrics path: {{ .Values.controller.metricsConfig.path }} interval: 30s + {{- with .Values.controller.metricsConfig.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metricsConfig.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- if .Values.controller.telemetryConfig.enabled }} - port: telemetry path: {{ .Values.controller.telemetryConfig.path }} interval: 30s + {{- with .Values.controller.metricsConfig.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metricsConfig.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.controller.metricsConfig.targetLabels }} + targetLabels: + {{- toYaml . | nindent 8 }} {{- end }} namespaceSelector: matchNames: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 2fd166b5..7dddf89e 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -111,6 +111,15 @@ controller: servicePort: 8080 # -- Service metrics port name servicePortName: metrics + # -- ServiceMonitor relabel configs to apply to samples before scraping + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + relabelings: [] + # -- ServiceMonitor metric relabel configs to apply to samples before ingestion + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint + metricRelabelings: [] + # -- ServiceMonitor will add labels from the service to the Prometheus metric + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec + targetLabels: [] # -- the controller container's securityContext securityContext: readOnlyRootFilesystem: true From 086310f23701dff84067a077b987a779ec6cd5b1 Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Thu, 27 Apr 2023 21:49:02 +0900 Subject: [PATCH 0608/1248] fix(argocd-apps): Changed the project field of the applicationset from a tpl to str(#1978) (#1979) fix: Changed the project field of the applicationset from a tpl function to a string. Signed-off-by: tomoki-yamaguchi --- charts/argocd-apps/Chart.yaml | 6 ++-- .../ci/applicationsets-values.yaml | 29 +++++++++++++++++++ .../templates/applicationsets.yaml | 2 +- 3 files changed, 33 insertions(+), 4 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 2f7a6d5c..c8e37b3b 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.9 +version: 1.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Multiple sources for Application and ApplicationSet + - kind: fixed + description: Changed the project field of the applicationset from a tpl function to a string. diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index 2258f422..6142b1bb 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -42,3 +42,32 @@ applicationsets: syncPolicy: # Set Application finalizer preserveResourcesOnDeletion: false +- name: applicationset-list-generator + generators: + - list: + elements: + - cluster: engineering-dev + url: https://kubernetes.default.svc + template: + metadata: {} + spec: + project: '{{cluster}}' + source: + targetRevision: HEAD + repoURL: https://github.com/argoproj/argo-cd.git + # New path value is generated here: + path: 'applicationset/examples/template-override/{{cluster}}-override' + destination: {} + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: '{{cluster}}' + source: + repoURL: https://github.com/argoproj/argo-cd.git + targetRevision: HEAD + # This 'default' value is not used: it is is replaced by the generator's template path, above + path: applicationset/examples/template-override/default + destination: + server: '{{url}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index aa7a3b79..bb8b09d1 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -51,7 +51,7 @@ spec: {{- end }} {{- with .spec }} spec: - project: {{ tpl .project $ }} + project: {{ .project | squote }} {{- with .source }} source: {{- toYaml . | nindent 8 }} From bc4e00b836335731e4b78dd19e396992dfb068fe Mon Sep 17 00:00:00 2001 From: Tal Yitzhak Date: Fri, 28 Apr 2023 10:54:32 +0300 Subject: [PATCH 0609/1248] fix(argo-rollouts): Added missing permissions for argo rollouts dashboard cluster role (#1988) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/dashboard/clusterrole.yaml | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 895826e9..bb95a986 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.26.0 +version: 2.26.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Ability to provide service monitor relabeling configs + description: Missing permissions to leases under coordination api group diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 5f05d6e6..0d69d67e 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -71,4 +71,12 @@ rules: verbs: - list - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update {{- end }} From 5f807d903b89b3cc2daf02efb08a33b845f01e1f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 16:28:34 +0900 Subject: [PATCH 0610/1248] feat(argo-cd): Upgrade Argo CD to v2.7.0 (#1989) * chore(argo-cd): Upgrade Argo CD to v2.7.0 Signed-off-by: yu-croco * fix(argo-cd): collect syntax Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +- .../templates/crds/crd-application.yaml | 333 +++++++ .../templates/crds/crd-applicationset.yaml | 811 ++++++++++++++++++ 3 files changed, 1148 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01aab841..169a5329 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.7 +appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.29.1 +version: 5.30.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Namespace field for some namespaced resources needs to be evaluated via helm root scope + - kind: changed + description: Upgrade Argo CD to v2.7.0 diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index ae0f7295..5bb7bfb3 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -310,6 +310,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -341,6 +345,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -572,6 +599,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -604,6 +636,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -950,6 +1005,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to + apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -980,6 +1039,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize adds + to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1203,6 +1285,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -1234,6 +1320,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1604,6 +1713,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1636,6 +1750,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1869,6 +2006,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1901,6 +2043,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2279,6 +2444,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2311,6 +2481,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2562,6 +2755,11 @@ spec: additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2594,6 +2792,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize + Replicas override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2945,6 +3166,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -2977,6 +3203,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3221,6 +3470,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3253,6 +3507,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3602,6 +3879,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -3634,6 +3916,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3878,6 +4183,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3910,6 +4220,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 43452242..f9bfde6c 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -241,6 +241,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -257,6 +259,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -399,6 +418,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -415,6 +436,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -716,6 +754,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -732,6 +772,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -874,6 +931,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -890,6 +949,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1195,6 +1271,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1211,6 +1289,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1353,6 +1448,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1369,6 +1466,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1479,6 +1593,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -1648,6 +1764,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1664,6 +1782,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1806,6 +1941,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1822,6 +1959,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2131,6 +2285,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2147,6 +2303,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2289,6 +2462,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2305,6 +2480,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2606,6 +2798,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2622,6 +2816,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2764,6 +2975,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2780,6 +2993,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3085,6 +3315,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3101,6 +3333,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3243,6 +3492,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3259,6 +3510,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3369,6 +3637,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -3538,6 +3808,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3554,6 +3826,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3696,6 +3985,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3712,6 +4003,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4109,6 +4417,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4125,6 +4435,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4267,6 +4594,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4283,6 +4612,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4727,6 +5073,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4743,6 +5091,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4885,6 +5250,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4901,6 +5268,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5196,6 +5580,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5212,6 +5598,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5354,6 +5757,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5370,6 +5775,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5679,6 +6101,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5695,6 +6119,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5837,6 +6278,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5853,6 +6296,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6154,6 +6614,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6170,6 +6632,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6312,6 +6791,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6328,6 +6809,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6633,6 +7131,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6649,6 +7149,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6791,6 +7308,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6807,6 +7326,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6917,6 +7453,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -7086,6 +7624,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7102,6 +7642,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7244,6 +7801,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7260,6 +7819,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7657,6 +8233,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7673,6 +8251,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7815,6 +8410,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7831,6 +8428,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8275,6 +8889,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8291,6 +8907,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8433,6 +9066,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8449,6 +9084,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8748,6 +9400,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8764,6 +9418,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8906,6 +9577,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8922,6 +9595,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9316,6 +10006,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9332,6 +10024,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9474,6 +10183,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9490,6 +10201,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9934,6 +10662,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9950,6 +10680,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10092,6 +10839,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10108,6 +10857,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10236,6 +11002,13 @@ spec: type: array goTemplate: type: boolean + preservedFields: + properties: + annotations: + items: + type: string + type: array + type: object strategy: properties: rollingSync: @@ -10441,6 +11214,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10457,6 +11232,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10599,6 +11391,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10615,6 +11409,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object From b9fa30883b5dae8648b822f56ffb81a6f566653f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 19:28:13 +0900 Subject: [PATCH 0611/1248] chore(argo-cd): Upgrade Dex and Redis (#1990) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 6 +++--- charts/argo-cd/values.yaml | 6 +++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 169a5329..675f66ed 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.30.0 +version: 5.30.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,6 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.0 + description: Upgrade Dex to v2.36.0 + - kind: changed + description: Upgrade Redis to v7.0.11 for avoiding CVE-2023-0464 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b90af7af..254f2557 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -835,7 +835,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.3"` | Dex image tag | +| dex.image.tag | string | `"v2.36.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | @@ -921,7 +921,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -979,7 +979,7 @@ The main options are listed here: | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 32b9060c..6702078e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -915,7 +915,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.3 + tag: v2.36.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1141,7 +1141,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1384,7 +1384,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From decfc73a3fb794c375bd5a3dbd798be8cdfe51cc Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 21:29:30 +0900 Subject: [PATCH 0612/1248] feat(argo-cd): Use tini as the ENTRYPOINT (#1991) --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 8 ++++++-- charts/argo-cd/README.md.gotmpl | 6 ++++++ .../argocd-application-controller/statefulset.yaml | 4 ++-- .../templates/argocd-applicationset/deployment.yaml | 6 +----- .../templates/argocd-notifications/deployment.yaml | 4 ++-- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 8 ++------ charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 -------- 10 files changed, 25 insertions(+), 33 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 675f66ed..2467144f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.30.1 +version: 5.31.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,6 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Dex to v2.36.0 - - kind: changed - description: Upgrade Redis to v7.0.11 for avoiding CVE-2023-0464 + description: Use tini as the ENTRYPOINT diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 254f2557..f1f0845f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.31.0 +The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. +This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. +In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. + ### 5.24.0 This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). @@ -395,8 +400,6 @@ NAME: my-release | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | -| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | -| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -1184,3 +1187,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md +[tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 945bab72..92d7f354 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.31.0 +The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. +This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. +In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. + ### 5.24.0 This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). @@ -546,3 +551,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md +[tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2a067a63..c56bf0b3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -51,8 +51,8 @@ spec: {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller - --metrics-port={{ .Values.controller.containerPorts.metrics }} {{- if .Values.controller.metrics.applicationLabels.enabled }} {{- range .Values.controller.metrics.applicationLabels.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 90863cce..9033f5b4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -56,12 +56,8 @@ spec: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-applicationset-controller + - /usr/local/bin/argocd-applicationset-controller - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 729e57db..d49944fd 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -56,8 +56,8 @@ spec: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} - command: - - argocd-notifications + args: + - /usr/local/bin/argocd-notifications - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f5272bc2..0226b48f 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -61,12 +61,8 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-repo-server + - /usr/local/bin/argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} {{- with .Values.repoServer.logFormat }} @@ -284,7 +280,7 @@ spec: {{- end }} initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index aa7320e7..7ce72e80 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -58,8 +58,8 @@ spec: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} - command: - - argocd-server + args: + - /usr/local/bin/argocd-server - --port={{ .Values.server.containerPorts.server }} - --metrics-port={{ .Values.server.containerPorts.metrics }} {{- with .Values.server.logFormat }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 8359a6a8..6ae17170 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -136,8 +136,8 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp + args: + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6702078e..afdaa095 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -132,14 +132,6 @@ global: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule - # POD entrypoint configuration - entrypoint: - # -- Implicitly use the docker image's entrypoint. This requires the image to have - # ENTRYPOINT set properly - useImplicit: false - # -- The entrypoint to use for the containers. - entrypoint: "entrypoint.sh" - # -- Deployment strategy for the all deployed Deployments deploymentStrategy: {} # type: RollingUpdate From bb4d3154e63c89939c732ef89e404f2cba2f03e9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 3 May 2023 18:48:03 +0900 Subject: [PATCH 0613/1248] chore(argo-cd): Update Argo CD to v2.7.1 (#1999) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2467144f..9d222608 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.0 +appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.31.0 +version: 5.31.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Use tini as the ENTRYPOINT + description: Update Argo CD v2.7.1 From 513df3df8f7cd781fec944ea3699568831265507 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 09:13:41 -0500 Subject: [PATCH 0614/1248] fix(argo-workflows): Add missing argo-workflows.apiVersion.autoscaling helper function for HPA configuration (#2001) fix: Add missing argo-workflows.apiVersion.autoscaling helper function for HPA configuration Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/_helpers.tpl | 13 +++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 51e901cc..2d52acbd 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.1 +version: 0.25.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels + - kind: fix + description: Add missing argo-workflows.apiVersion.autoscaling helper function used for HPA configuration diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 7719052d..2fbcc708 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -153,3 +153,16 @@ Return full image name including or excluding registry based on existence {{ .image.repository }} {{- end -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for autoscaling +*/}} +{{- define "argo-workflows.apiVersion.autoscaling" -}} +{{- if .Values.apiVersionOverrides.autoscaling -}} +{{- print .Values.apiVersionOverrides.autoscaling -}} +{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} +{{- print "autoscaling/v2beta1" -}} +{{- else -}} +{{- print "autoscaling/v2" -}} +{{- end -}} +{{- end -}} From 2197c8e0402ab1074761af8d5f45825f0d59d4e1 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 09:30:53 -0500 Subject: [PATCH 0615/1248] fix(argo-workflows): Drop .Values.useDefaultArtifactRepo flag to simplify usage (#2002) Fixes #1140 - [x] remove `.Values.useDefaultArtifactRepo` to ensure if items populated they get into the configmap. - [x] change structure of `.Values.customArtifactRepository` to only include the custom information Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +-- .../workflow-controller-config-map.yaml | 7 ++---- charts/argo-workflows/values.yaml | 22 ++++++++----------- 4 files changed, 14 insertions(+), 22 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2d52acbd..443bffb7 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.2 +version: 0.26.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fix - description: Add missing argo-workflows.apiVersion.autoscaling helper function used for HPA configuration + description: Drop .Values.useDefaultArtifactRepo flag to simplify usage diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d918b444..dae6972b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -308,8 +308,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | -| customArtifactRepository | object | `{}` | The section of custom artifact repository. Will be added to the config in case useDefaultArtifactRepo is set to false | -| useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. | +| customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | ## Breaking changes from the deprecated `argo` chart diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 7327ecac..55720eb2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -55,7 +55,6 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if .Values.useDefaultArtifactRepo }} artifactRepository: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} @@ -96,10 +95,8 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- else }} - {{- if .Values.customArtifactRepository }} - artifactRepository: {{- toYaml .Values.customArtifactRepository | nindent 6 }} - {{- end }} + {{- if .Values.customArtifactRepository }} + {{- toYaml .Values.customArtifactRepository | nindent 6 }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7dddf89e..c1c0229e 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -639,8 +639,6 @@ extraObjects: [] # secretName: argo-server-sso-secrets-store # type: Opaque -# -- Influences the creation of the ConfigMap for the workflow-controller itself. -useDefaultArtifactRepo: false # -- Use static credentials for S3 (eg. when not using AWS IRSA) useStaticCredentials: true artifactRepository: @@ -702,18 +700,16 @@ artifactRepository: # key: account-access-key # -- The section of custom artifact repository. -# Will be added to the config in case useDefaultArtifactRepo is set to false +# Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) customArtifactRepository: {} -# customArtifactRepository: -# archiveLogs: true -# artifactory: -# repoUrl: https://artifactory.example.com/raw -# usernameSecret: -# name: artifactory-creds -# key: username -# passwordSecret: -# name: artifactory-creds -# key: password +# artifactory: +# repoUrl: https://artifactory.example.com/raw +# usernameSecret: +# name: artifactory-creds +# key: username +# passwordSecret: +# name: artifactory-creds +# key: password emissary: # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. From e980b71b83c037c6e8503413aeeff27aedc48ebd Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Fri, 5 May 2023 22:19:18 +0200 Subject: [PATCH 0616/1248] feat(argo-cd): allow extraObjects to contain string template (#1993) [argo-cd] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9d222608..75944916 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.31.1 +version: 5.32.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Argo CD v2.7.1 + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-cd/templates/extra-manifests.yaml b/charts/argo-cd/templates/extra-manifests.yaml index a9bb3b6b..f17b1a93 100644 --- a/charts/argo-cd/templates/extra-manifests.yaml +++ b/charts/argo-cd/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 71462b7f6d29c68cb5b39ddc57e3e4daf416867a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 5 May 2023 22:21:46 +0200 Subject: [PATCH 0617/1248] feat(github): Add OpenSSF Scorecard action (#2009) Signed-off-by: Marco Kilchhofer Co-authored-by: Marko Bevc --- .github/workflows/scorecard.yml | 72 +++++++++++++++++++++++++++++++++ README.md | 1 + 2 files changed, 73 insertions(+) create mode 100644 .github/workflows/scorecard.yml diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml new file mode 100644 index 00000000..c5ec1159 --- /dev/null +++ b/.github/workflows/scorecard.yml @@ -0,0 +1,72 @@ +# This workflow uses actions that are not certified by GitHub. They are provided +# by a third-party and are governed by separate terms of service, privacy +# policy, and support documentation. + +name: Scorecard supply-chain security +on: + # For Branch-Protection check. Only the default branch is supported. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection + branch_protection_rule: + # To guarantee Maintained check is occasionally updated. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained + schedule: + - cron: '21 6 * * 6' + push: + branches: [ "main" ] + +# Declare default permissions as read only. +permissions: read-all + +jobs: + analysis: + name: Scorecard analysis + runs-on: ubuntu-latest + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Needed to publish results and get a badge (see publish_results below). + id-token: write + # Uncomment the permissions below if installing in a private repository. + # contents: read + # actions: read + + steps: + - name: "Checkout code" + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + with: + persist-credentials: false + + - name: "Run analysis" + uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + with: + results_file: results.sarif + results_format: sarif + # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: + # - you want to enable the Branch-Protection check on a *public* repository, or + # - you are installing Scorecard on a *private* repository + # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. + repo_token: ${{ secrets.SCORECARD_TOKEN }} + + # Public repositories: + # - Publish results to OpenSSF REST API for easy access by consumers + # - Allows the repository to include the Scorecard badge. + # - See https://github.com/ossf/scorecard-action#publishing-results. + # For private repositories: + # - `publish_results` will always be set to `false`, regardless + # of the value entered here. + publish_results: true + + # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF + # format to the repository Actions tab. + - name: "Upload artifact" + uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + with: + name: SARIF file + path: results.sarif + retention-days: 5 + + # Upload the results to GitHub's code scanning dashboard. + - name: "Upload to code-scanning" + uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + with: + sarif_file: results.sarif diff --git a/README.md b/README.md index ac71eb3e..e8544439 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) [![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: From fe901f4dfb786c45a0d6a022e8a731b0564db70e Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 15:23:04 -0500 Subject: [PATCH 0618/1248] chore(github): Update repo files (#2006) - [x] DELETE OWNERS file, not parsed, only used for bookkeeping, CODEOWNERS does this - [x] update CODEOWNERS to people who have committed in the last year - [x] create EMERITUS.md to list former CODEOWNERS and thank them for their contribution - [x] create SECURITY.md so people know how to report security issues - [x] turn on private vulnerability reporting in the repository - [x] create CODE_OF_CONDUCT.md linking to CNCF code of conduct By adding a code of conduct and security file we can set our Community Standards to 100% [here](https://github.com/argoproj/argo-helm/community) Signed-off-by: jmeridth Co-authored-by: Marko Bevc --- CODEOWNERS | 14 ++++++-------- CODE_OF_CONDUCT.md | 9 +++++++++ EMERITUS.md | 12 ++++++++++++ OWNERS | 9 --------- SECURITY.md | 21 +++++++++++++++++++++ 5 files changed, 48 insertions(+), 17 deletions(-) create mode 100644 CODE_OF_CONDUCT.md create mode 100644 EMERITUS.md delete mode 100644 OWNERS create mode 100644 SECURITY.md diff --git a/CODEOWNERS b/CODEOWNERS index aea8942f..bd5df3d0 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,16 +1,14 @@ -# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners - -# Other and new charts -/charts/ @oliverbaehler +# All +* @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil +/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil # Argo Events -/charts/argo-events/ @jbehling @VaibhavPage @pdrastil +/charts/argo-events/ @pdrastil @jmeridth # Argo Rollouts -/charts/argo-rollouts/ +/charts/argo-rollouts/ @jmeridth diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..37789a9d --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,9 @@ +# Code of Conduct + +We adhere to the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). Please reference the link for details. + +## TL;DR (too long didn't read) + +Be kind + +Your participation is at the discression of the maintainers of this project. diff --git a/EMERITUS.md b/EMERITUS.md new file mode 100644 index 00000000..2c299690 --- /dev/null +++ b/EMERITUS.md @@ -0,0 +1,12 @@ +# Emeritus Approvers + +These are the people who have been approvers in the past, and have since retired from the role. + +We thank them for their service to the project. + +* @oliverbaehler +* @stefansedich +* @paguos +* @yann-soubeyrand +* @davidkarlsen +* @jbehling diff --git a/OWNERS b/OWNERS deleted file mode 100644 index e393c5ba..00000000 --- a/OWNERS +++ /dev/null @@ -1,9 +0,0 @@ -owners: -- alexec -- alexmt -- jessesuen - -approvers: -- alexec -- alexmt -- jessesuen diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..7c30259c --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions and Upstream Reporting + +Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue. + +* [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md) +* [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md) +* [Security Policy for Argo Rollouts](https://github.com/argoproj/argo-rollouts/blob/master/docs/security.md) +* [Security Policy for Argo CD](https://github.com/argoproj/argo-cd/blob/master/SECURITY.md) +* [Security Policy for Argo CD Image Updater](https://github.com/argoproj-labs/argocd-image-updater/blob/master/SECURITY.md) + +## Reporting a Vulnerability for Argo Helm Charts + +We have enabled the ability to privately report security issues through the Security tab above. + +[Here are the details on how to file](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) on how to do that + +A repository owner/maintainer will respond as fast as possible to coordinate confirmation of issue and remediation. + +Thank you for helping to ensure this code stays secure. From 15ade97f88757218ec3ec1f7add96f2526179edd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 05:17:19 -0500 Subject: [PATCH 0619/1248] chore(github): Add deps pr title scope for dependabot PRs (#2013) Signed-off-by: jmeridth --- .github/workflows/pr-title.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index a636b08b..f7281443 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -31,6 +31,7 @@ jobs: argo-workflows argocd-image-updater argocd-apps + deps github # Configure that a scope must always be provided. requireScope: true From 2762902b1fc4d3217db257db146ca4d9e99acbe9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:23:23 +0900 Subject: [PATCH 0620/1248] chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 (#2012) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/3cea5372237819ed00197afe530f5a7ea3e805c8...0b7f8abb1508181956e8e162db84b466c27e18ce) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c5ec1159..2ab79857 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: SARIF file path: results.sarif From 0b965f93572534ae8cf1d8f6f540a62673dc34d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:27:47 +0900 Subject: [PATCH 0621/1248] chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#2011) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...80e868c13c90f172d68d1f4501dee99e2479f7af) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 2ab79857..99fb2945 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 with: results_file: results.sarif results_format: sarif From 6cf01708d36fe7d7bf997a2f77425763bceaf31d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:35:03 +0900 Subject: [PATCH 0622/1248] chore(deps): bump github/codeql-action from 2.2.4 to 2.3.3 (#2010) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.3.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...29b1f65c5e92e24fe6b6647da1eaabe529cec70f) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 99fb2945..66e1d5ee 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3 with: sarif_file: results.sarif From 430aaea83c06e08e88c7d479d02252822fcf5520 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Sat, 6 May 2023 13:18:22 +0200 Subject: [PATCH 0623/1248] feat(argo-events): allow extraObjects to contain string template (#1994) [argo-event] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Co-authored-by: Jason Meridth --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a9f379e7..2adfec2b 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.2.0 +version: 2.3.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-events/templates/extra-manifests.yaml b/charts/argo-events/templates/extra-manifests.yaml index a9bb3b6b..f17b1a93 100644 --- a/charts/argo-events/templates/extra-manifests.yaml +++ b/charts/argo-events/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 80d5a6a65d309385a442a5d523f7a5d023390f32 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Sat, 6 May 2023 13:31:50 +0200 Subject: [PATCH 0624/1248] feat(argo-rollouts): allow extraObjects to contain string template (#1996) [argo-event] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index bb95a986..46ca6ba7 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.26.1 +version: 2.27.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Missing permissions to leases under coordination api group + description: Allow extraObjects to contain string templates diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml index a9bb3b6b..f17b1a93 100644 --- a/charts/argo-rollouts/templates/extra-manifests.yaml +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From f40c1d81ca379f93ca19726639444a94a07c8e7d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 08:18:37 -0500 Subject: [PATCH 0625/1248] fix(github): fix error in codeowners file and update README about security (#2015) This is a follow-up of #2006. We cleared out users who have not contributed in the last year and moved them to EMERITUS.md We also created SECURITY.md Signed-off-by: jmeridth --- CODEOWNERS | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index bd5df3d0..9b0a95c5 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,7 +2,7 @@ * @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @vladlosev @yann-soubeyrand @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco # Argo CD /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil diff --git a/README.md b/README.md index e8544439..b29bb3d1 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" ### Security Policy -If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new). +Please refer to [SECURITY.md](SECURITY.md) for details on how to report security issues. ### Changelog From 5cff9158985f9daa8eb7f00719bba532d0e4aea6 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 11:20:18 -0500 Subject: [PATCH 0626/1248] fix(argo-workflows): change chart icon to match other charts (#2018) fix(argo-workflows): change chart image to match other charts This will make the charts all look nice when you go to https://artifacthub.io/packages/search?repo=argo&sort=relevance&page=1 Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 443bffb7..3eb787b8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,8 +3,8 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.0 -icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png +version: 0.26.1 +icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: - https://github.com/argoproj/argo-workflows @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fix - description: Drop .Values.useDefaultArtifactRepo flag to simplify usage + - kind: chore + description: Update Chart icon From 2a480226c43b3656a15b4a9691d76f791903c385 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 7 May 2023 09:18:39 -0500 Subject: [PATCH 0627/1248] chore(argo-events): Update chart icon to standard image (#2020) This will make the charts all look nice when you go to https://artifacthub.io/packages/search?repo=argo&sort=relevance&page=1 Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2adfec2b..b763af57 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.0 +version: 2.3.1 home: https://github.com/argoproj/argo-helm -icon: https://argoproj.github.io/argo-events/assets/logo.png +icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: - argoproj - argo-events @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Allow extraObjects to contain string templates + - kind: chore + description: Update chart icon From ebae3d2462f754fac64bde0d88901c3451ae84dd Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 7 May 2023 16:57:01 +0200 Subject: [PATCH 0628/1248] chore(deps): Pin all workflow deps (#2021) --- .github/workflows/lint-and-test.yml | 10 +++++----- .github/workflows/pr-sizing.yml | 4 ++-- .github/workflows/pr-title.yml | 2 +- .github/workflows/publish.yml | 6 +++--- .github/workflows/stale.yml | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 97684b86..1f75294a 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -10,23 +10,23 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v3 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 with: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@v4 + uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 with: python-version: 3.9 - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.4.0 + uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 with: # Note: Also update in scripts/lint.sh version: v3.7.1 @@ -58,7 +58,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@v1.5.0 + uses: helm/kind-action@d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00 # v1.5.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index bcdfc440..fa9c4c97 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -12,7 +12,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b # v4.0.3 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" @@ -22,6 +22,6 @@ jobs: runs-on: ubuntu-latest steps: - name: size-label - uses: "pascalgn/size-label-action@v0.4.3" + uses: "pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3" env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index f7281443..2d45de12 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v5 + - uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index cb56596b..e104fde2 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -15,12 +15,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@v3 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 with: version: v3.10.1 # Also update in lint-and-test.yaml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.5.0 + uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 with: config: "./.github/configs/cr.yaml" env: diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 9b4053bb..b0356dc7 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v8 + - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From a99b021f153c793a2f0b66eff483c756a41cfa39 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 8 May 2023 02:39:28 +0200 Subject: [PATCH 0629/1248] fix(github): Remove quotes in `uses` statement (#2022) Signed-off-by: Marco Kilchhofer --- .github/workflows/pr-sizing.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index fa9c4c97..f75d7f82 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -1,8 +1,12 @@ ## Reference: https://github.com/pascalgn/size-label-action name: 'PR Labeling' + on: pull_request_target: - types: [opened, synchronize, reopened] + types: + - opened + - synchronize + - reopened permissions: contents: read @@ -21,7 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - name: size-label - uses: "pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3" + - uses: pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 9d108349099d75bb4b8ef017a7cdae93b033c68d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 8 May 2023 20:22:52 +0900 Subject: [PATCH 0630/1248] feat(argo-cd): Enable to customize Service type of applicationset-controller (#2014) chore(argo-cd): Enable to customize Service type of applicationset-controller Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-applicationset/service.yaml | 1 + charts/argo-cd/values.yaml | 2 ++ 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 75944916..dd40f29b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.0 +version: 5.32.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: added - description: Allow extraObjects to contain string templates + description: Enable to customize Service type of applicationset-controller diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f1f0845f..054dc2f9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1079,6 +1079,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | | applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | +| applicationSet.service.type | string | `"ClusterIP"` | ApplicationSet service type | | applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 640b195a..e3a07b6f 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -16,6 +16,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + type: {{ .Values.applicationSet.service.type }} ports: - name: {{ .Values.applicationSet.service.portName }} port: {{ .Values.applicationSet.service.port }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index afdaa095..3f95a663 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2432,6 +2432,8 @@ applicationSet: annotations: {} # -- ApplicationSet service labels labels: {} + # -- ApplicationSet service type + type: ClusterIP # -- ApplicationSet service port port: 7000 # -- ApplicationSet service port name From 24089bdd384283e51c87046a589fda7522339b0b Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 15:02:25 -0500 Subject: [PATCH 0631/1248] fix(argo-workflows): use correct artifacthub annotation kind (#2031) This is to get latest argo-workflows chart version out to artifacthub. Can't get the previous ones that had incorrect kinds. #2030 adds linting so this doesn't happen again. Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3eb787b8..11bdb8ed 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.1 +version: 0.26.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: chore - description: Update Chart icon + - kind: fixed + description: Use correct artifacthub kind and get latest chart version to artifacthub From 442fa22edcd5f980b2b4297d0d2d1bad1f820b2a Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 19:38:23 -0500 Subject: [PATCH 0632/1248] fix(argo-events): use correct artifacthub annotation kind (#2032) This is to get latest argo-workflows chart version out to artifacthub. Can't get the previous ones that had incorrect kinds. argoproj#2030 adds linting so this doesn't happen again. Will merge after argo-workflows and argo-events charts are fixed. Signed-off-by: jmeridth Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index b763af57..d6ce3465 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.1 +version: 2.3.2 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: chore - description: Update chart icon + - kind: fixed + description: Use correct artifacthub kind and get latest chart version to artifacthub From 395abc5435724684db43e2c99f4ec8ed859c0b90 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 21:22:34 -0500 Subject: [PATCH 0633/1248] feat(github): add artifacthub linting (#2030) This will help us ensure we use correct notation in our artifacthub annotations Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 1f75294a..90106fc9 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -6,6 +6,18 @@ permissions: contents: read jobs: + linter-artifacthub: + runs-on: ubuntu-latest + container: + image: public.ecr.aws/artifacthub/ah:v1.14.0 + options: --user 1001 + steps: + - name: Checkout + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - name: Run ah lint + working-directory: ./charts + run: ah lint + chart-test: runs-on: ubuntu-latest steps: From c8b47cf060b2ba6da64d4eb9e1f081472d70a371 Mon Sep 17 00:00:00 2001 From: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> Date: Tue, 9 May 2023 13:41:54 +1000 Subject: [PATCH 0634/1248] fix(argo-workflows): Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion (#2029) * add a fix for argo workflows hpa Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * add description for the fix Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * update readme Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * remove apiVersionOverrides from readme Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * fix linting Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> --------- Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> Co-authored-by: Aikawa Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 2 +- .../templates/server/server-deployment-hpa.yaml | 2 +- charts/argo-workflows/values.yaml | 5 +++++ 5 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 11bdb8ed..ae171a11 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.2 +version: 0.26.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: Use correct artifacthub kind and get latest chart version to artifacthub + description: Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index dae6972b..1dbfc155 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -101,6 +101,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 2fbcc708..f302f0da 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -160,7 +160,7 @@ Return the appropriate apiVersion for autoscaling {{- define "argo-workflows.apiVersion.autoscaling" -}} {{- if .Values.apiVersionOverrides.autoscaling -}} {{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} +{{- else if semverCompare "<1.23-0" (include "argo-workflows.kubeVersion" .) -}} {{- print "autoscaling/v2beta1" -}} {{- else -}} {{- print "autoscaling/v2" -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml index ebc45925..9194bbd9 100644 --- a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.enabled .Values.server.autoscaling.enabled }} -apiVersion: autoscaling/v2beta1 +apiVersion: {{ include "argo-workflows.apiVersion.autoscaling" . }} kind: HorizontalPodAutoscaler metadata: name: {{ template "argo-workflows.server.fullname" . }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c1c0229e..e7e268a0 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -29,6 +29,11 @@ fullnameOverride: # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" +# Override APIVersions +apiVersionOverrides: + # -- String to override apiVersion of autoscaling rendered by this helm chart + autoscaling: "" # autoscaling/v2 + # -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster # equivalents, and start workflow-controller with the --namespaced flag. Use it From cc64b0c9f51b85ec64f23582ee53167ff4abc4d1 Mon Sep 17 00:00:00 2001 From: PidgeyBE Date: Wed, 10 May 2023 12:16:14 +0200 Subject: [PATCH 0635/1248] fix(argo-workflows): fix clusterworkflowtemplates disabled flag (#2033) * fix clusterworkflowtemplates disabled flag Signed-off-by: Peejai * Bump chart version and add artifacthub changes Signed-off-by: Peejai --------- Signed-off-by: Peejai Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/crds/argoproj.io_clusterworkflowtemplates.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ae171a11..0933c3d5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.3 +version: 0.26.4 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion + description: Create clusterWorkflowTemplates CRD only when enabled in Helm values. diff --git a/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml index 7f767b24..9264eaba 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml @@ -1,4 +1,5 @@ {{- if .Values.crds.install }} +{{- if or (.Values.server.clusterWorkflowTemplates.enabled) (.Values.controller.clusterWorkflowTemplates.enabled) }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -43,3 +44,4 @@ spec: served: true storage: true {{- end }} +{{- end }} From 07aa087a1942aac79dc04ec41a25a9c2b094ac4b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 15:06:56 +0200 Subject: [PATCH 0636/1248] feat(github): Introduce chart signing (#2040) Signed-off-by: Marco Kilchhofer --- .github/configs/cr.yaml | 8 +++++++- .github/workflows/publish.yml | 16 ++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/configs/cr.yaml b/.github/configs/cr.yaml index 01fdbe0c..a0d425dc 100644 --- a/.github/configs/cr.yaml +++ b/.github/configs/cr.yaml @@ -1,2 +1,8 @@ ## Reference: https://github.com/helm/chart-releaser -index-path: "./index.yaml" \ No newline at end of file +index-path: "./index.yaml" + +# PGP signing +sign: true +key: Argo Helm maintainers +# keyring: # Set via env variable CR_KEYRING +# passphrase-file: # Set via env variable CR_PASSPHRASE_FILE diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index e104fde2..58d7d22d 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -38,6 +38,22 @@ jobs: run: | git checkout origin/gh-pages index.yaml + # The GitHub repository secret `PGP_PRIVATE_KEY` contains the private key + # in ASCII-armored format. To export a (new) key, run this command: + # `gpg --armor --export-secret-key ` + - name: Prepare PGP key + run: | + IFS="" + echo "$PGP_PRIVATE_KEY" | gpg --dearmor > $HOME/secring.gpg + echo "$PGP_PASSPHRASE" > $HOME/passphrase.txt + + # Tell chart-releaser-action where to find the key and its passphrase + echo "CR_KEYRING=$HOME/secring.gpg" >> "$GITHUB_ENV" + echo "CR_PASSPHRASE_FILE=$HOME/passphrase.txt" >> "$GITHUB_ENV" + env: + PGP_PRIVATE_KEY: "${{ secrets.PGP_PRIVATE_KEY }}" + PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}" + - name: Run chart-releaser uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 with: From 8c295d3344dd4c09ef9c8f7b7d8e32b94250ef0b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 15:49:32 +0200 Subject: [PATCH 0637/1248] feat(argo-cd): Introduce chart signing (#2042) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dd40f29b..12a1f5f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.1 +version: 5.32.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,6 +22,9 @@ dependencies: repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Enable to customize Service type of applicationset-controller + description: Introduce chart signing From 887f68adb1d8ab3f2a767c99a3f46618faee112b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 16:20:51 +0200 Subject: [PATCH 0638/1248] feat(argo-workflows): Introduce chart signing (#2044) Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0933c3d5..066adfa0 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.4 +version: 0.26.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -12,6 +12,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Create clusterWorkflowTemplates CRD only when enabled in Helm values. + - kind: added + description: Introduce chart signing From 2bd14d38b014ad1d45029c0990605d38eca960df Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Wed, 10 May 2023 15:30:17 +0100 Subject: [PATCH 0639/1248] chore(github): Add tico24 to codeowners (#2047) Signed-off-by: Tim Collins Co-authored-by: Aikawa --- CODEOWNERS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 9b0a95c5..f7432a77 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,13 +2,13 @@ * @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 # Argo CD -/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil +/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 # Argo Events -/charts/argo-events/ @pdrastil @jmeridth +/charts/argo-events/ @pdrastil @jmeridth @tico24 # Argo Rollouts /charts/argo-rollouts/ @jmeridth From 083f42cdd67ab03c4e45f98b8365ebd291b27318 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 11 May 2023 00:30:57 +0900 Subject: [PATCH 0640/1248] feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.0 (#2039) * feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.0 Signed-off-by: yu-croco * feat(argo-rollouts): Add missing configmap for 3rd party metrics providers Signed-off-by: yu-croco * feat: Add signing information Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 11 ++- charts/argo-rollouts/README.md | 1 + .../templates/controller/configmap.yaml | 12 +++ .../templates/crds/analysis-run-crd.yaml | 70 +++++++++++++++++ .../templates/crds/analysis-template-crd.yaml | 70 +++++++++++++++++ .../crds/cluster-analysis-template-crd.yaml | 70 +++++++++++++++++ .../templates/crds/experiment-crd.yaml | 14 ++++ .../templates/crds/rollout-crd.yaml | 78 ++++++++++++++++++- charts/argo-rollouts/values.yaml | 7 ++ 9 files changed, 328 insertions(+), 5 deletions(-) create mode 100644 charts/argo-rollouts/templates/controller/configmap.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 46ca6ba7..ecdcbb39 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.4.1 +appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.27.0 +version: 2.28.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -14,6 +14,11 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: changed + description: Upgrade Argo Rollouts to v1.5.0 - kind: added - description: Allow extraObjects to contain string templates + description: Introduce chart signing diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 58784cf0..aaed870f 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -85,6 +85,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.initContainers | list | `[]` | Init containers to add to the rollouts controller pod | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml new file mode 100644 index 00000000..8eb2bbe2 --- /dev/null +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argo-rollouts-config + namespace: {{ .Release.Namespace | quote }} + labels: + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +data: + {{- with .Values.controller.metricProviderPlugins }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 70187985..bc2e61db 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -188,6 +188,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -240,6 +242,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1832,6 +1879,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2579,12 +2628,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2710,6 +2768,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2717,6 +2778,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index c2846186..2c73c5c9 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -184,6 +184,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -236,6 +238,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1828,6 +1875,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2575,12 +2624,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2706,6 +2764,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2713,6 +2774,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index a00f68fe..612608de 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -184,6 +184,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -236,6 +238,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1828,6 +1875,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2575,12 +2624,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2706,6 +2764,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2713,6 +2774,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 86af1932..acf98935 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -159,6 +159,9 @@ spec: type: object type: object service: + properties: + name: + type: string type: object template: properties: @@ -1727,6 +1730,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2474,12 +2479,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 3f6ea749..0fafbab3 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -163,6 +163,17 @@ spec: x-kubernetes-int-or-string: true postPromotionAnalysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -220,6 +231,17 @@ spec: type: object prePromotionAnalysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -307,6 +329,17 @@ spec: type: integer analysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -440,6 +473,17 @@ spec: properties: analysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -580,6 +624,11 @@ spec: type: string type: object type: object + service: + properties: + name: + type: string + type: object specRef: type: string weight: @@ -869,9 +918,14 @@ spec: type: string stableIngress: type: string - required: - - stableIngress + stableIngresses: + items: + type: string + type: array type: object + plugins: + type: object + x-kubernetes-preserve-unknown-fields: true smi: properties: rootService: @@ -2456,6 +2510,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -3203,12 +3259,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -3257,30 +3322,39 @@ spec: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object loadBalancer: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object stableTargetGroup: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object type: object diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 28a6f1f8..d1c91e30 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -169,6 +169,13 @@ controller: # - mountPath: /etc/ssl/certs # name: my-certs + # -- Configures 3rd party metric providers for controller + ## Ref: https://argo-rollouts.readthedocs.io/en/stable/analysis/plugins/ + metricProviderPlugins: {} + # metricProviderPlugins: |- + # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + serviceAccount: # -- Specifies whether a service account should be created create: true From a487e177845c686f633b31b249e7dc7722aad8ad Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 17:45:46 +0200 Subject: [PATCH 0641/1248] feat(argo-events): Introduce chart signing (#2043) Signed-off-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index d6ce3465..c35d0f96 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.2 +version: 2.3.3 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -14,6 +14,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Use correct artifacthub kind and get latest chart version to artifacthub + - kind: added + description: Introduce chart signing From fc47f9baa6613ff747fda14cca0847f9b3e8b716 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 18:46:04 +0200 Subject: [PATCH 0642/1248] feat(argocd-image-updater): Introduce chart signing (#2046) Signed-off-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index d6ec30ef..665f4bad 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.0 +version: 0.9.1 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -14,6 +14,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Introduce chart signing From b37a9e72a68d8fafe3cddd14cf2b3ed6722eff4a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 18:57:43 +0200 Subject: [PATCH 0643/1248] feat(argocd-apps): Introduce chart signing (#2045) Signed-off-by: Marco Kilchhofer Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index c8e37b3b..0c55671d 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.0.0 +version: 1.0.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -13,6 +13,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Changed the project field of the applicationset from a tpl function to a string. + - kind: added + description: Introduce chart signing From f6d44750b8ecf25e272b22dd78950e3ad43e0ffd Mon Sep 17 00:00:00 2001 From: PidgeyBE Date: Thu, 11 May 2023 02:09:33 +0200 Subject: [PATCH 0644/1248] fix(argo-workflows): Fix templating in several places (#2026) * Add artifacthub changes Signed-off-by: Peejai * fix templating list of yamls Signed-off-by: Peejai * Bump version and fix templating for gcs and azure as well Signed-off-by: Peejai --------- Signed-off-by: Peejai Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- .../workflow-controller-config-map.yaml | 20 +++++++++---------- .../workflow-controller-deployment.yaml | 2 +- .../templates/server/server-deployment.yaml | 2 +- charts/argo-workflows/values.yaml | 4 ++-- 5 files changed, 17 insertions(+), 17 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 066adfa0..3217d8e4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.5 +version: 0.26.6 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Introduce chart signing + - kind: fixed + description: Fix Helm templating in S3 config and extra init containers diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 55720eb2..d30db859 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -60,29 +60,29 @@ data: archiveLogs: {{ .Values.artifactRepository.archiveLogs }} {{- end }} {{- with .Values.artifactRepository.gcs }} - gcs: {{- toYaml . | nindent 8 }} + gcs: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} {{- with .Values.artifactRepository.azure }} - azure: {{- toYaml . | nindent 8 }} + azure: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} {{- if and (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: - key: {{ .Values.artifactRepository.s3.accessKeySecret.key }} - name: {{ .Values.artifactRepository.s3.accessKeySecret.name }} + key: {{ tpl .Values.artifactRepository.s3.accessKeySecret.key . }} + name: {{ tpl .Values.artifactRepository.s3.accessKeySecret.name . }} secretKeySecret: - key: {{ .Values.artifactRepository.s3.secretKeySecret.key }} - name: {{ .Values.artifactRepository.s3.secretKeySecret.name }} + key: {{ tpl .Values.artifactRepository.s3.secretKeySecret.key . }} + name: {{ tpl .Values.artifactRepository.s3.secretKeySecret.name . }} {{- end }} - bucket: {{ .Values.artifactRepository.s3.bucket }} - endpoint: {{ .Values.artifactRepository.s3.endpoint }} + bucket: {{ tpl (.Values.artifactRepository.s3.bucket | default "") . }} + endpoint: {{ tpl (.Values.artifactRepository.s3.endpoint | default "") . }} insecure: {{ .Values.artifactRepository.s3.insecure }} {{- if .Values.artifactRepository.s3.keyFormat }} keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} {{- end }} {{- if .Values.artifactRepository.s3.region }} - region: {{ .Values.artifactRepository.s3.region }} + region: {{ tpl .Values.artifactRepository.s3.region $ }} {{- end }} {{- if .Values.artifactRepository.s3.roleARN }} roleARN: {{ .Values.artifactRepository.s3.roleARN }} @@ -184,4 +184,4 @@ data: {{- end }} {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} - {{- end }} + {{- end }} \ No newline at end of file diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 4ee117b8..c391bee8 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} {{- with .Values.controller.extraInitContainers }} initContainers: - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} containers: - name: controller diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index d75933ac..b2e50967 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -38,7 +38,7 @@ spec: {{- end }} {{- with .Values.server.extraInitContainers }} initContainers: - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} containers: - name: argo-server diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e7e268a0..0e5af428 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -655,10 +655,10 @@ artifactRepository: # Note the `key` attribute is not the actual secret, it's the PATH to # the contents in the associated secret, as defined by the `name` attribute. accessKeySecret: - # name: -minio + name: "{{ .Release.Name }}-minio" key: accesskey secretKeySecret: - # name: -minio + name: "{{ .Release.Name }}-minio" key: secretkey # insecure will disable TLS. Primarily used for minio installs not configured with TLS insecure: false From 8402303bf8fcbf2433a9b99714f89f232c0777db Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 11 May 2023 02:39:56 +0200 Subject: [PATCH 0645/1248] feat(argo-cd): Add ability to add prometheus.io/scrape annotations (#2037) --- charts/argo-cd/Chart.yaml | 6 +++-- charts/argo-cd/README.md | 11 +++++++++ .../metrics.yaml | 12 ++++++++-- .../argocd-applicationset/metrics.yaml | 12 ++++++++-- .../argocd-notifications/metrics.yaml | 12 ++++++++-- .../templates/argocd-repo-server/metrics.yaml | 12 ++++++++-- .../templates/argocd-server/metrics.yaml | 12 ++++++++-- charts/argo-cd/templates/redis/metrics.yaml | 12 ++++++---- charts/argo-cd/values.yaml | 23 +++++++++++++++++++ 9 files changed, 96 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 12a1f5f0..a8d8e721 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.2 +version: 5.33.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Introduce chart signing + description: Ability to add prometheus.io/scrape annotations to all metrics services + - kind: added + description: Ability to change metrics service type and clusterIP diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 054dc2f9..6f25e5ce 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| +| global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. | | global.additionalLabels | object | `{}` | Common labels for the all resources | | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | @@ -513,9 +514,11 @@ NAME: my-release | controller.metrics.rules.selector | object | `{}` | PrometheusRule selector | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | +| controller.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | controller.metrics.service.labels | object | `{}` | Metrics service labels | | controller.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | controller.metrics.service.servicePort | int | `8082` | Metrics service port | +| controller.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | controller.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -597,9 +600,11 @@ NAME: my-release | repoServer.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | repoServer.metrics.enabled | bool | `false` | Deploy metrics service | | repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations | +| repoServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | repoServer.metrics.service.labels | object | `{}` | Metrics service labels | | repoServer.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | repoServer.metrics.service.servicePort | int | `8084` | Metrics service port | +| repoServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | repoServer.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -731,9 +736,11 @@ NAME: my-release | server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | server.metrics.enabled | bool | `false` | Deploy metrics service | | server.metrics.service.annotations | object | `{}` | Metrics service annotations | +| server.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | server.metrics.service.labels | object | `{}` | Metrics service labels | | server.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | server.metrics.service.servicePort | int | `8083` | Metrics service port | +| server.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | server.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -1044,9 +1051,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | +| applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | +| applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -1128,8 +1137,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | +| notifications.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | notifications.metrics.service.labels | object | `{}` | Metrics service labels | | notifications.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | +| notifications.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 754b8490..01b7a779 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.controller.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.controller.metrics.service.annotations }} + {{- if or .Values.controller.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.controller.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.controller.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.controller.metrics.service.type }} + {{- if and .Values.controller.metrics.service.clusterIP (eq .Values.controller.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.controller.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index fdac0bcf..ad26d22d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.applicationSet.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.applicationSet.metrics.service.annotations }} + {{- if or .Values.applicationSet.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.applicationSet.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.applicationSet.metrics.service.type }} + {{- if and .Values.applicationSet.metrics.service.clusterIP (eq .Values.applicationSet.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.applicationSet.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.applicationSet.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index 3c30a085..b5ce611d 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.notifications.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.notifications.metrics.service.annotations }} + {{- if or .Values.notifications.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.notifications.metrics.port | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.notifications.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.notifications.metrics.service.type }} + {{- if and .Values.notifications.metrics.service.clusterIP (eq .Values.notifications.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.notifications.metrics.service.clusterIP }} + {{- end }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} ports: diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index b2be38ee..514595a2 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.repoServer.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.repoServer.metrics.service.annotations }} + {{- if or .Values.repoServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.repoServer.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.repoServer.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.repoServer.metrics.service.type }} + {{- if and .Values.repoServer.metrics.service.clusterIP (eq .Values.repoServer.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.repoServer.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.repoServer.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index 3a9f46f7..3844820e 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.server.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.server.metrics.service.annotations }} + {{- if or .Values.server.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.server.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.server.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.server.metrics.service.type }} + {{- if and .Values.server.metrics.service.clusterIP (eq .Values.server.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.server.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.server.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index db526285..67b4c3ac 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -10,16 +10,20 @@ metadata: {{- with .Values.redis.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.redis.metrics.service.annotations }} + {{- if or .Values.redis.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.redis.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.redis.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: type: {{ .Values.redis.metrics.service.type }} - {{- with .Values.redis.metrics.service.clusterIP }} - clusterIP: {{ . }} + {{- if and .Values.redis.metrics.service.clusterIP (eq .Values.redis.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.redis.metrics.service.clusterIP }} {{- end }} ports: - name: {{ .Values.redis.metrics.service.portName }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3f95a663..9ee41698 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -79,6 +79,9 @@ global: # -- Labels for the all deployed pods podLabels: {} + # -- Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. + addPrometheusAnnotations: false + # -- Toggle and define pod-level security context. # @default -- `{}` (See [values.yaml]) securityContext: {} @@ -762,6 +765,10 @@ controller: # -- Additional labels labels: [] service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -1773,6 +1780,10 @@ server: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2241,6 +2252,10 @@ repoServer: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2394,6 +2409,10 @@ applicationSet: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2715,6 +2734,10 @@ notifications: # -- Metrics port port: 9001 service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels From 5873a1bc331e37c9500e4337d2ad2deca2fd8c80 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Thu, 11 May 2023 08:39:17 +0200 Subject: [PATCH 0646/1248] feat(argo-workflows): allow extraObjects to contain string template (#1995) [argo-workflows] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3217d8e4..9b232421 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.6 +version: 0.27.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix Helm templating in S3 config and extra init containers + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-workflows/templates/extra-manifests.yaml b/charts/argo-workflows/templates/extra-manifests.yaml index a9bb3b6b..f17b1a93 100644 --- a/charts/argo-workflows/templates/extra-manifests.yaml +++ b/charts/argo-workflows/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 1492e23522339e07e281aed0c7e659ce6a9d2189 Mon Sep 17 00:00:00 2001 From: Jonas Eilers <133217951+jdvgh@users.noreply.github.com> Date: Thu, 11 May 2023 16:06:46 +0200 Subject: [PATCH 0647/1248] feat(argo-cd): Add ability to add additional labels to all CRDs (#2051) feat(argo-cd): Add ability to add additional labels to all CRDs via .Values.crds.additionalLabels Signed-off-by: jdvgh <133217951+jdvgh@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/crds/crd-application.yaml | 3 +++ charts/argo-cd/templates/crds/crd-applicationset.yaml | 3 +++ charts/argo-cd/templates/crds/crd-extension.yaml | 3 +++ charts/argo-cd/templates/crds/crd-project.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 7 files changed, 17 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a8d8e721..b199884e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.0 +version: 5.33.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Ability to add prometheus.io/scrape annotations to all metrics services - - kind: added - description: Ability to change metrics service type and clusterIP + description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6f25e5ce..34879a2a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -379,6 +379,7 @@ NAME: my-release | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 5bb7bfb3..cbb480e6 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: applications.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: applications.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index f9bfde6c..ad35b062 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: applicationsets.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: applicationsets.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-extension.yaml b/charts/argo-cd/templates/crds/crd-extension.yaml index 802f0e8c..30fbce70 100644 --- a/charts/argo-cd/templates/crds/crd-extension.yaml +++ b/charts/argo-cd/templates/crds/crd-extension.yaml @@ -13,6 +13,9 @@ metadata: labels: app.kubernetes.io/name: argocdextensions.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: argocdextensions.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index 81e57d82..0a6da4f0 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: appprojects.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: appprojects.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9ee41698..78e3c518 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -38,6 +38,8 @@ crds: keep: true # -- Annotations to be added to all CRDs annotations: {} + # -- Addtional labels to be added to all CRDs + additionalLabels: {} ## Globally shared configuration global: From 5dd7ae964d01eba826202107426fa3a6b3c62b57 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 13 May 2023 00:19:03 +0900 Subject: [PATCH 0648/1248] chore(argo-cd): Upgrade Argo CD to v2.7.2 (#2054) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b199884e..8e6211ca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.1 +appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.1 +version: 5.33.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels + - kind: changed + description: Upgrade Argo CD to v2.7.2 From 6564b4453893d2a2498eed83ef5968cb65578368 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 13 May 2023 20:01:19 +0900 Subject: [PATCH 0649/1248] feat(argo-cd): Enable to add certificate to ApplicationSet Controller (#2052) * feat(argo-cd): Add ability to add certificate to Argo CD Controller Signed-off-by: yu-croco * fix(argo-cd): Add Certificate to right component Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 13 +++++++ .../argocd-applicationset/certificate.yaml | 33 ++++++++++++++++ charts/argo-cd/values.yaml | 39 +++++++++++++++++++ 4 files changed, 88 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-applicationset/certificate.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e6211ca..5eb9ac9e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.2 +version: 5.33.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.2 + - kind: added + description: Enable to add certificate to ApplicationSet Controller diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 34879a2a..4519caec 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1024,6 +1024,19 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | +| applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | +| applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | +| applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | +| applicationSet.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | +| applicationSet.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | +| applicationSet.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` | +| applicationSet.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` | +| applicationSet.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | +| applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | +| applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | +| applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | +| applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml new file mode 100644 index 00000000..505a70fc --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -0,0 +1,33 @@ +{{- if .Values.applicationSet.certificate.enabled -}} +apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +kind: Certificate +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +spec: + secretName: {{ .Values.applicationSet.certificate.secretName }} + commonName: {{ .Values.applicationSet.certificate.domain | quote }} + dnsNames: + - {{ .Values.applicationSet.certificate.domain | quote }} + {{- range .Values.applicationSet.certificate.additionalHosts }} + - {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.duration }} + duration: {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.renewBefore }} + renewBefore: {{ . | quote }} + {{- end }} + issuerRef: + {{- with .Values.applicationSet.certificate.issuer.group }} + group: {{ . | quote }} + {{- end }} + kind: {{ .Values.applicationSet.certificate.issuer.kind | quote }} + name: {{ .Values.applicationSet.certificate.issuer.name | quote }} + {{- with .Values.applicationSet.certificate.privateKey }} + privateKey: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 78e3c518..2ad1b918 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2623,6 +2623,45 @@ applicationSet: # hosts: # - argocd-applicationset.example.com + # TLS certificate configuration via cert-manager + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-configuration + certificate: + # -- Deploy a Certificate resource (requires cert-manager) + enabled: false + # -- The name of the Secret that will be automatically created and managed by this Certificate resource + secretName: argocd-application-controller-tls + # -- Certificate primary domain (commonName) + domain: argocd.example.com + # -- Certificate Subject Alternate Names (SANs) + additionalHosts: [] + # -- The requested 'duration' (i.e. lifetime) of the certificate. + # @default -- `""` (defaults to 2160h = 90d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal + duration: "" + # -- How long before the expiry a certificate should be renewed. + # @default -- `""` (defaults to 360h = 15d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal + renewBefore: "" + # Certificate issuer + ## Ref: https://cert-manager.io/docs/concepts/issuer + issuer: + # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` + group: "" + # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` + kind: "" + # -- Certificate issuer name. Eg. `letsencrypt` + name: "" + # Private key of the certificate + privateKey: + # -- Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` + rotationPolicy: Never + # -- The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` + encoding: PKCS1 + # -- Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` + algorithm: RSA + # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. + size: 2048 + ## Notifications controller notifications: # -- Enable notifications controller From 6b09ff82e05e808010f12ba277b268c3c21446c9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sat, 13 May 2023 13:25:33 +0200 Subject: [PATCH 0650/1248] fix(github): Don't run Scorecard analysis on forked repos (#2057) Signed-off-by: Marco Kilchhofer --- .github/workflows/scorecard.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 66e1d5ee..7059cc34 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -19,6 +19,7 @@ permissions: read-all jobs: analysis: + if: github.repository_owner == 'argoproj' name: Scorecard analysis runs-on: ubuntu-latest permissions: From 5dfed33a5668f1a18dde26417b69806d5c3e7ac6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 May 2023 20:32:52 +0900 Subject: [PATCH 0651/1248] chore(deps): bump actions/checkout from 3.1.0 to 3.5.2 (#2056) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.5.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.1.0...8e5e7e5ab8b370d6c329ec480221332ada57f0ab) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7059cc34..7f5cbfa5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: persist-credentials: false From 1a5ee8eb352579bd81dfc3a14ef03f6604ad0b1b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 16 May 2023 18:23:59 +0900 Subject: [PATCH 0652/1248] chore(argo-cd): Update redis-ha to v4.23.0 (#2058) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index e21296c6..edd5df2b 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.5 -digest: sha256:d2e927511e515fb862f23dd413ee3a356c855d808f6f9ad1d345ee62b8c7ea16 -generated: "2023-03-30T08:25:32.738257836+02:00" + version: 4.23.0 +digest: sha256:589f9972fbdf36194d443c9d3be2a1747f43e03c435fc48004cc0cbe6b3c6e3c +generated: "2023-05-15T19:25:26.049618+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5eb9ac9e..6b8ec29d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.3 +version: 5.33.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.5 + version: 4.23.0 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Enable to add certificate to ApplicationSet Controller + - kind: changed + description: Update redis-ha to v4.23.0 From 05bc6a236dfafa88bf2366d47709dd8b1748a13c Mon Sep 17 00:00:00 2001 From: GoshaDozoretz <106976988+gosharo@users.noreply.github.com> Date: Wed, 17 May 2023 16:40:18 +0300 Subject: [PATCH 0653/1248] feat(argo-cd): add lifecycle hooks to repo server (#1922) * add lifesycle webhook to repo server Signed-off-by: goshado * add lifesycle webhook to repo server Signed-off-by: goshado * add lifesycle webhook to repo server Signed-off-by: goshado --------- Signed-off-by: goshado Signed-off-by: GoshaDozoretz <106976988+gosharo@users.noreply.github.com> Co-authored-by: goshado --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6b8ec29d..32dcb776 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.4 +version: 5.34.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update redis-ha to v4.23.0 + - kind: added + description: Add lifecycle webhook to repo server. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4519caec..1fa388ed 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -594,6 +594,7 @@ NAME: my-release | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | | repoServer.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | repoServer.initContainers | list | `[]` | Init containers to add to the repo server pods | +| repoServer.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-repo-server container | | repoServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | repoServer.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 0226b48f..4f2c45bd 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -275,6 +275,10 @@ spec: {{- toYaml .Values.repoServer.resources | nindent 10 }} securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- with .Values.repoServer.lifecycle }} + lifecycle: + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.repoServer.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2ad1b918..c304de7e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2059,6 +2059,9 @@ repoServer: # - secretRef: # name: secret-name + # -- Specify postStart and preStop lifecycle hooks for your argo-repo-server container + lifecycle: {} + # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ ## Note: Supports use of custom Helm templates From 7347a5d78162a4d7abf5efbb27bd0327905c2c91 Mon Sep 17 00:00:00 2001 From: Jonas Eilers <133217951+jdvgh@users.noreply.github.com> Date: Wed, 17 May 2023 16:24:43 +0200 Subject: [PATCH 0654/1248] feat(argo-cd): Add new BitbucketCloud ssh keys in values.yaml (#2062) feat: Add new BitbucketCloud ssh keys Update configs.ssh.kownHosts in charts/argo-cd/values.yaml to match new SSHKeys from https://bitbucket.org/site/ssh (as of May 17th, 2023) Signed-off-by: jdvgh <133217951+jdvgh@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32dcb776..0c7a2d5c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.0 +version: 5.34.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add lifecycle webhook to repo server. + description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c304de7e..2906eb82 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -315,6 +315,8 @@ configs: # -- Known hosts to be added to the known host list by default. # @default -- See [values.yaml] knownHosts: | + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl From c3cfd49e9679df03e37f963fcb64c6d5375572d5 Mon Sep 17 00:00:00 2001 From: Joe Lee Date: Fri, 19 May 2023 17:35:00 +0800 Subject: [PATCH 0655/1248] feat(argocd-apps): Generate application, applicationset, project with template (#2025) * add template for application Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * add example for applicationsetTemplates Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * merge each of items into one Signed-off-by: Joe Lee * update readme Signed-off-by: Joe Lee * update doc Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * add template for application Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * merge each of items into one Signed-off-by: Joe Lee * move itemTemplates to new file Signed-off-by: Joe Lee * discard change for applications.yaml Signed-off-by: Joe Lee --------- Signed-off-by: Joe Lee --- charts/argocd-apps/Chart.yaml | 4 +- charts/argocd-apps/README.md | 1 + charts/argocd-apps/ci/item-templates.yaml | 61 +++++++++++++++++ .../argocd-apps/templates/item-templates.yaml | 15 +++++ charts/argocd-apps/values.yaml | 65 +++++++++++++++++++ 5 files changed, 144 insertions(+), 2 deletions(-) create mode 100644 charts/argocd-apps/ci/item-templates.yaml create mode 100644 charts/argocd-apps/templates/item-templates.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 0c55671d..6d0a194f 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.0.1 +version: 1.1.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Introduce chart signing + description: Generate application, applicationset, project with template diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index bc0d0685..0e5bbbe2 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -31,6 +31,7 @@ $ helm install my-release argo/argocd-apps | applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | | applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | | extensions | list | `[]` (See [values.yaml]) | Deploy Argo UI Extensions within this helm release | +| itemTemplates | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications/ApplicationSets/Projects within this helm release | | projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | ---------------------------------------------- diff --git a/charts/argocd-apps/ci/item-templates.yaml b/charts/argocd-apps/ci/item-templates.yaml new file mode 100644 index 00000000..8a08c684 --- /dev/null +++ b/charts/argocd-apps/ci/item-templates.yaml @@ -0,0 +1,61 @@ +itemTemplates: + - items: + - name: my-appset + generators: &generators + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + - cluster: engineering-prod + url: https://2.4.6.8 + - cluster: finance-preprod + url: https://9.8.7.6 + template: + apiVersion: argoproj.io/v1alpha1 + kind: ApplicationSet + metadata: + name: "{{ .name }}" + spec: + generators: *generators + template: + metadata: + name: "{{`{{cluster}}`}}-guestbook" + spec: + project: my-project + source: + repoURL: https://github.com/infra-team/cluster-deployments.git + targetRevision: HEAD + path: guestbook/{{`{{cluster}}`}} + destination: + server: "{{`{{cluster}}`}}" + namespace: guestbook + - items: + - name: my-appset + generators: + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + - cluster: engineering-prod + url: https://2.4.6.8 + - cluster: finance-preprod + url: https://9.8.7.6 + template: |- + apiVersion: argoproj.io/v1alpha1 + kind: ApplicationSet + metadata: + name: {{ .name }} + spec: + generators: {{ toYaml .generators | nindent 4 }} + template: + metadata: + name: '{{`{{cluster}}`}}-guestbook' + spec: + project: my-project + source: + repoURL: https://github.com/infra-team/cluster-deployments.git + targetRevision: HEAD + path: guestbook/{{`{{cluster}}`}} + destination: + server: '{{`{{cluster}}`}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/item-templates.yaml b/charts/argocd-apps/templates/item-templates.yaml new file mode 100644 index 00000000..a209cc2a --- /dev/null +++ b/charts/argocd-apps/templates/item-templates.yaml @@ -0,0 +1,15 @@ +{{- range .Values.itemTemplates }} +{{- if kindIs "string" .template }} +{{- $template := .template -}} +{{- range .items }} +--- +{{ tpl $template (set . "Template" $.Template) }} +{{- end }} +{{- else }} +{{- $template := .template | toYaml -}} +{{- range .items }} +--- +{{ tpl $template (set . "Template" $.Template) }} +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index eb0767b9..72301ace 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -133,6 +133,71 @@ applicationsets: [] # # Set Application finalizer # preserveResourcesOnDeletion: false +# -- Deploy Argo CD Applications/ApplicationSets/Projects within this helm release +# @default -- `[]` (See [values.yaml]) +## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/ +itemTemplates: [] +# - items: +# - name: my-appset +# generators: &generators +# - list: +# elements: +# - cluster: engineering-dev +# url: https://1.2.3.4 +# - cluster: engineering-prod +# url: https://2.4.6.8 +# - cluster: finance-preprod +# url: https://9.8.7.6 +# template: +# apiVersion: argoproj.io/v1alpha1 +# kind: ApplicationSet +# metadata: +# name: "{{ .name }}" +# spec: +# generators: *generators +# template: +# metadata: +# name: "{{`{{cluster}}`}}-guestbook" +# spec: +# project: my-project +# source: +# repoURL: https://github.com/infra-team/cluster-deployments.git +# targetRevision: HEAD +# path: guestbook/{{`{{cluster}}`}} +# destination: +# server: "{{`{{cluster}}`}}" +# namespace: guestbook +# - items: +# - name: my-appset +# generators: +# - list: +# elements: +# - cluster: engineering-dev +# url: https://1.2.3.4 +# - cluster: engineering-prod +# url: https://2.4.6.8 +# - cluster: finance-preprod +# url: https://9.8.7.6 +# template: |- +# apiVersion: argoproj.io/v1alpha1 +# kind: ApplicationSet +# metadata: +# name: {{ .name }} +# spec: +# generators: {{ toYaml .generators | nindent 4 }} +# template: +# metadata: +# name: '{{`{{cluster}}`}}-guestbook' +# spec: +# project: my-project +# source: +# repoURL: https://github.com/infra-team/cluster-deployments.git +# targetRevision: HEAD +# path: guestbook/{{`{{cluster}}`}} +# destination: +# server: '{{`{{cluster}}`}}' +# namespace: guestbook + # -- Deploy Argo UI Extensions within this helm release # @default -- `[]` (See [values.yaml]) ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. From 5766533626cadb5a29c46bd3a6c513da7ca30bea Mon Sep 17 00:00:00 2001 From: Julien Michaud <103417499+julien-michaud@users.noreply.github.com> Date: Fri, 19 May 2023 12:35:33 +0200 Subject: [PATCH 0656/1248] feat(argo-workflows): support google ManagedCertificate, FrontendConfig & BackendConfig for gce ingress (#2066) * feat: add gke stuff Signed-off-by: julien.michaud * update readme and chart.yaml file Signed-off-by: julien.michaud * fix readme Signed-off-by: julien.michaud * docs: Apply changes from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: julien.michaud Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 8 +++-- charts/argo-workflows/README.md | 9 +++++ charts/argo-workflows/README.md.gotmpl | 2 ++ charts/argo-workflows/templates/_helpers.tpl | 13 +++++++ .../templates/server/gke/backendconfig.yaml | 11 ++++++ .../templates/server/gke/frontendconfig.yaml | 11 ++++++ .../server/gke/managedcertificate.yaml | 12 +++++++ charts/argo-workflows/values.yaml | 36 +++++++++++++++++++ 8 files changed, 100 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/templates/server/gke/backendconfig.yaml create mode 100644 charts/argo-workflows/templates/server/gke/frontendconfig.yaml create mode 100644 charts/argo-workflows/templates/server/gke/managedcertificate.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 9b232421..84e49d84 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.27.0 +version: 0.28.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,8 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Allow extraObjects to contain string templates + description: Add support for Google ManagedCertificate on GKE + - kind: added + description: Add support for Google FrontendConfig on GKE + - kind: added + description: Add support for Google BackendConfig on GKE diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 1dbfc155..b5612a16 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -102,6 +102,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | +| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | @@ -240,6 +241,12 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| server.GKEbackendConfig.enabled | bool | `false` | Enable BackendConfig custom resource for Google Kubernetes Engine | +| server.GKEbackendConfig.spec | object | `{}` | [BackendConfigSpec] | +| server.GKEfrontendConfig.enabled | bool | `false` | Enable FrontConfig custom resource for Google Kubernetes Engine | +| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | +| server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | +| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | @@ -333,6 +340,8 @@ Fields to note: 1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 398a8788..ab8554f5 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -188,6 +188,8 @@ Fields to note: 1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f302f0da..f81e6fc4 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -166,3 +166,16 @@ Return the appropriate apiVersion for autoscaling {{- print "autoscaling/v2" -}} {{- end -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for GKE resources +*/}} +{{- define "argo-workflows.apiVersions.cloudgoogle" -}} +{{- if .Values.apiVersionOverrides.cloudgoogle -}} +{{- print .Values.apiVersionOverrides.cloudgoogle -}} +{{- else if .Capabilities.APIVersions.Has "cloud.google.com/v1" -}} +{{- print "cloud.google.com/v1" -}} +{{- else -}} +{{- print "cloud.google.com/v1beta1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/gke/backendconfig.yaml b/charts/argo-workflows/templates/server/gke/backendconfig.yaml new file mode 100644 index 00000000..4597db3d --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/backendconfig.yaml @@ -0,0 +1,11 @@ +{{- if .Values.server.GKEbackendConfig.enabled }} +apiVersion: {{ include "argo-workflows.apiVersions.cloudgoogle" . }} +kind: BackendConfig +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/gke/frontendconfig.yaml b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml new file mode 100644 index 00000000..6b81c923 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml @@ -0,0 +1,11 @@ +{{- if .Values.server.GKEfrontendConfig.enabled }} +apiVersion: networking.gke.io/v1beta1 +kind: FrontendConfig +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- toYaml .Values.server.GKEfrontendConfig.spec | nindent 2 }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/gke/managedcertificate.yaml b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml new file mode 100644 index 00000000..b77c3131 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml @@ -0,0 +1,12 @@ +{{- if .Values.server.GKEmanagedCertificate.enabled }} +apiVersion: networking.gke.io/v1 +kind: ManagedCertificate +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +spec: + domains: + {{- with .Values.server.GKEmanagedCertificate.domains }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0e5af428..b65fd4f8 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -33,6 +33,8 @@ kubeVersionOverride: "" apiVersionOverrides: # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 + # -- String to override apiVersion of GKE resources rendered by this helm chart + cloudgoogle: "" # cloud.google.com/v1 # -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster @@ -576,6 +578,40 @@ server: # hosts: # - argoworkflows.example.com + ## Create a Google Backendconfig for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_backendconfig_parameters + GKEbackendConfig: + # -- Enable BackendConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [BackendConfigSpec] + spec: {} + # spec: + # iap: + # enabled: true + # oauthclientCredentials: + # secretName: argoworkflows-secret + + ## Create a Google Managed Certificate for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs + GKEmanagedCertificate: + # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine. + enabled: false + # -- Domains for the Google Managed Certificate + domains: + - argoworkflows.example.com + + ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters + GKEfrontendConfig: + # -- Enable FrontConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [FrontendConfigSpec] + spec: {} + # spec: + # redirectToHttps: + # enabled: true + # responseCodeName: RESPONSE_CODE + clusterWorkflowTemplates: # -- Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. enabled: true From b651465fb23e4c252ec0391f2edbaa41fe2742f2 Mon Sep 17 00:00:00 2001 From: Yevhen Tienkaiev Date: Sat, 20 May 2023 18:39:17 +0300 Subject: [PATCH 0657/1248] feat(argo-rollouts): Add possibility to configure healthz and metrics ports to be compatible with Istio (#1976) --- charts/argo-rollouts/Chart.yaml | 6 ++---- charts/argo-rollouts/README.md | 4 ++++ .../templates/controller/deployment.yaml | 6 ++++-- .../templates/controller/metrics-service.yaml | 6 +++--- .../templates/controller/servicemonitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 12 ++++++++++++ 6 files changed, 26 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ecdcbb39..756734d1 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.28.0 +version: 2.29.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,7 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v1.5.0 - kind: added - description: Introduce chart signing + description: Ability to configure healthz and metrics ports to be compatible with Istio diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index aaed870f..70a61745 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -75,6 +75,8 @@ For full list of changes please check ArtifactHub [changelog]. | containerSecurityContext | object | `{}` | Security Context to set on container level | | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | +| controller.containerPorts.healthz | int | `8080` | Healthz container port | +| controller.containerPorts.metrics | int | `8090` | Metrics container port | | controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | @@ -87,6 +89,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.port | int | `8090` | Metrics service port | +| controller.metrics.service.portName | string | `"metrics"` | Metrics service port name | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 95ec845f..a40dd9ed 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -37,6 +37,8 @@ spec: containers: - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}" args: + - --healthzPort={{ .Values.controller.containerPorts.healthz }} + - --metricsport={{ .Values.controller.containerPorts.metrics }} {{- if not .Values.clusterInstall }} - --namespaced {{- end }} @@ -53,9 +55,9 @@ spec: imagePullPolicy: {{ .Values.controller.image.pullPolicy }} name: argo-rollouts ports: - - containerPort: 8090 + - containerPort: {{ .Values.controller.containerPorts.metrics }} name: metrics - - containerPort: 8080 + - containerPort: {{ .Values.controller.containerPorts.healthz }} name: healthz livenessProbe: {{- toYaml .Values.controller.livenessProbe | nindent 10 }} diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index 0effcc23..e04d326a 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -13,10 +13,10 @@ metadata: {{- end }} spec: ports: - - name: metrics + - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP - port: 8090 - targetPort: 8090 + port: {{ .Values.controller.metrics.service.port }} + targetPort: metrics selector: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index cb489e3b..62713764 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.controller.metrics.service.portName }} {{- with .Values.controller.metrics.serviceMonitor.relabelings }} relabelings: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index d1c91e30..2ea4fbb4 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -106,9 +106,21 @@ controller: # -- flag to enable creation of cluster controller role (requires cluster RBAC) createClusterRole: true + # Controller container ports + containerPorts: + # -- Metrics container port + metrics: 8090 + # -- Healthz container port + healthz: 8080 + metrics: # -- Deploy metrics service enabled: false + service: + # -- Metrics service port name + portName: metrics + # -- Metrics service port + port: 8090 serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From be8a4c97293de9a0e13040f7dadd57556157bd6d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 May 2023 11:07:08 +0900 Subject: [PATCH 0658/1248] chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#2067) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.5.0 to 1.7.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00...fa81e57adff234b2908110485695db0f181f3c67) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 90106fc9..e7e35f8a 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00 # v1.5.0 + uses: helm/kind-action@fa81e57adff234b2908110485695db0f181f3c67 # v1.7.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 650a9ec7effbc920043a623c8deaba89a110c199 Mon Sep 17 00:00:00 2001 From: Khue Doan Date: Sun, 21 May 2023 14:19:31 +0700 Subject: [PATCH 0659/1248] feat(argocd-apps): Add rollout strategy for ApplicationSet (#2063) feat(argocd-apps): add rollout strategy for ApplicationSet Signed-off-by: Khue Doan --- charts/argocd-apps/Chart.yaml | 4 +- ...licationsets-progressive-syncs-values.yaml | 41 +++++++++++++++++++ .../templates/applicationsets.yaml | 4 ++ charts/argocd-apps/values.yaml | 20 ++++++++- 4 files changed, 66 insertions(+), 3 deletions(-) create mode 100644 charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 6d0a194f..fc733b22 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.1.0 +version: 1.2.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Generate application, applicationset, project with template + description: Rollout strategy for ApplicationSet diff --git a/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml new file mode 100644 index 00000000..2fa58978 --- /dev/null +++ b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml @@ -0,0 +1,41 @@ +# Test applicationsets with Progressive Syncs + +applicationsets: +- name: applicationset-progressive-syncs + generators: + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + env: env-dev + - cluster: engineering-prod + url: https://9.8.7.6/ + env: env-prod + strategy: + type: RollingSync + rollingSync: + steps: + - matchExpressions: + - key: envLabel + operator: In + values: + - env-dev + - matchExpressions: + - key: envLabel + operator: In + values: + - env-prod + template: + metadata: + name: '{{.cluster}}-guestbook' + labels: + envLabel: '{{.env}}' + spec: + project: my-project + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook/{{.cluster}} + destination: + server: '{{.url}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index bb8b09d1..0d3a47e9 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -26,6 +26,10 @@ spec: generators: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .syncPolicy }} syncPolicy: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 72301ace..500849df 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -103,10 +103,28 @@ applicationsets: [] # directories: # - path: guestbook # - path: kustomize-* +# # Progressive Syncs is an experimental feature and it must be explicitly enabled +# # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Progressive-Syncs/#enabling-progressive-syncs +# strategy: +# type: RollingSync +# rollingSync: +# steps: +# - matchExpressions: +# - key: project +# operator: In +# values: +# - guestbook +# - matchExpressions: +# - key: project +# operator: In +# values: +# - kustomize-foo +# - kustomize-bar # template: # metadata: # name: '{{path.basename}}' -# labels: {} +# labels: +# project: '{{path.basename}}' # annotations: {} # spec: # project: default From 1d999e055266f05639cd81a3e1b4cb7859006794 Mon Sep 17 00:00:00 2001 From: Wim Fournier Date: Mon, 22 May 2023 19:07:09 +0200 Subject: [PATCH 0660/1248] fix(argo-cd): don't request applicationsets if its disabled (#2069) * don't request applicationsets if its disabled Signed-off-by: Wim Fournier * Update Chart.yaml Signed-off-by: Wim Fournier --------- Signed-off-by: Wim Fournier --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0c7a2d5c..d5bdb82f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.1 +version: 5.34.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts + - kind: fixed + description: don't request applicationSets in the role, if applicationSets are disabled diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index f156bc18..6bfe32a4 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -23,7 +23,9 @@ rules: - argoproj.io resources: - applications + {{- if .Values.applicationSet.enabled }} - applicationsets + {{- end }} - appprojects {{- if .Values.server.extensions.enabled }} - argocdextensions From 6593901daf722c10f9b089a078cd9a7f88c1c2a5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 23 May 2023 11:46:53 +0900 Subject: [PATCH 0661/1248] fix(argo-cd): Align with upstream dex initContainers (#2070) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d5bdb82f..72042538 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.2 +version: 5.34.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: don't request applicationSets in the role, if applicationSets are disabled + description: Align with upstream dex initContainers diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 6ae17170..2acf4242 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -136,7 +136,7 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - args: + command: - /bin/cp - -n - /usr/local/bin/argocd From feb7fc0bb8b2a33f0b7fc5772d597eb67775f977 Mon Sep 17 00:00:00 2001 From: Michael Weber Date: Tue, 23 May 2023 02:07:34 -0500 Subject: [PATCH 0662/1248] feat(argo-rollouts): add deployment annotations for controller (#2048) * feat(argo-rollouts): deployment annotations for controller, dashboard Signed-off-by: Michael Weber * chore: Apply changes from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Michael Weber Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/templates/controller/deployment.yaml | 6 ++++++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 6 ++++++ charts/argo-rollouts/values.yaml | 8 ++++++++ 5 files changed, 25 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 756734d1..8d87d142 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.29.0 +version: 2.30.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Ability to configure healthz and metrics ports to be compatible with Istio + description: ability to annotate controller Deployment diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 70a61745..a7f8a060 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -49,6 +49,7 @@ For full list of changes please check ArtifactHub [changelog]. | createClusterAggregateRoles | bool | `true` | flag to enable creation of cluster aggregate roles (requires cluster RBAC) | | extraObjects | list | `[]` | Additional manifests to deploy within the chart. A list of objects. | | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | +| global.deploymentAnnotations | object | `{}` | Annotations for all deployed Deployments | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | | installCRDs | bool | `true` | Install and upgrade CRDs | | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | @@ -78,6 +79,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.containerPorts.healthz | int | `8080` | Healthz container port | | controller.containerPorts.metrics | int | `8090` | Metrics container port | | controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | +| controller.deploymentAnnotations | object | `{}` | Annotations to be added to the controller deployment | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | | controller.extraEnv | list | `[]` | Additional environment variables for rollouts-controller. A list of name/value maps. | @@ -127,6 +129,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | | dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | | dashboard.createClusterRole | bool | `true` | flag to enable creation of dashbord cluster role (requires cluster RBAC) | +| dashboard.deploymentAnnotations | object | `{}` | Annotations to be added to the dashboard deployment | | dashboard.enabled | bool | `false` | Deploy dashboard server | | dashboard.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-dashboard. A list of flags. | | dashboard.extraEnv | list | `[]` | Additional environment variables for rollouts-dashboard. A list of name/value maps. | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index a40dd9ed..966491c8 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -1,6 +1,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.controller.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-rollouts.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 342e1996..cae24888 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.dashboard.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-rollouts.fullname" . }}-dashboard namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 2ea4fbb4..6a533eaf 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -38,9 +38,15 @@ extraObjects: [] # api-key: # app-key: +global: + # -- Annotations for all deployed Deployments + deploymentAnnotations: {} + controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller + # -- Annotations to be added to the controller deployment + deploymentAnnotations: {} # -- Annotations to be added to application controller pods podAnnotations: {} # -- [Node selector] @@ -253,6 +259,8 @@ dashboard: readonly: false # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard + # -- Annotations to be added to the dashboard deployment + deploymentAnnotations: {} # -- Annotations to be added to application dashboard pods podAnnotations: {} # -- [Node selector] From cd4c291e47f0e9c1184fb05e79d9f3b742195c5c Mon Sep 17 00:00:00 2001 From: Wim Fournier Date: Tue, 23 May 2023 22:29:26 +0200 Subject: [PATCH 0663/1248] fix(argo-cd): Allow to disable containerSecurityContext (#2072) * Allow to disable containerSecurityContext Add a `enabled` property to allow the whole containerSecurityContext to be disabled. Fixes https://github.com/argoproj/argo-helm/issues/2071 Signed-off-by: wim.fournier Signed-off-by: Wim Fournier * fix missing space Signed-off-by: Wim Fournier * remove enabled key Signed-off-by: Wim Fournier * fix typo Signed-off-by: Wim Fournier * missed one Signed-off-by: Wim Fournier * simplify using `with`, thx @pborn-ionos! Signed-off-by: wim.fournier * missed one Signed-off-by: wim.fournier --------- Signed-off-by: wim.fournier Signed-off-by: Wim Fournier Signed-off-by: wim.fournier Co-authored-by: wim.fournier --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/statefulset.yaml | 4 +++- .../templates/argocd-applicationset/deployment.yaml | 4 +++- .../templates/argocd-notifications/deployment.yaml | 4 +++- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +++- charts/argo-cd/templates/argocd-server/deployment.yaml | 8 ++++++-- charts/argo-cd/templates/dex/deployment.yaml | 8 ++++++-- charts/argo-cd/templates/redis/deployment.yaml | 8 ++++++-- 8 files changed, 32 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72042538..17f73eb4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.3 +version: 5.34.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Align with upstream dex initContainers + description: Allow to disable containerSecurityContext diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index c56bf0b3..26b9d2f5 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -255,8 +255,10 @@ spec: failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.containerSecurityContext }} securityContext: - {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} workingDir: /home/argocd volumeMounts: {{- with .Values.controller.volumeMounts }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 9033f5b4..f3ce127a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -182,8 +182,10 @@ spec: {{- end }} resources: {{- toYaml .Values.applicationSet.resources | nindent 12 }} + {{- with .Values.applicationSet.containerSecurityContext }} securityContext: - {{- toYaml .Values.applicationSet.containerSecurityContext | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: {{- with .Values.applicationSet.extraVolumeMounts }} {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d49944fd..d3f21b02 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -80,8 +80,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.notifications.resources | nindent 12 }} + {{- with .Values.notifications.containerSecurityContext }} securityContext: - {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} workingDir: /app volumeMounts: - name: tls-certs diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 4f2c45bd..759dc587 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -273,8 +273,10 @@ spec: failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.repoServer.resources | nindent 10 }} + {{- with .Values.repoServer.containerSecurityContext }} securityContext: - {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.repoServer.lifecycle }} lifecycle: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 7ce72e80..62436af7 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -334,8 +334,10 @@ spec: failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.server.resources | nindent 10 }} + {{- with .Values.server.containerSecurityContext }} securityContext: - {{- toYaml .Values.server.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.server.lifecycle }} lifecycle: {{- toYaml . | nindent 10 }} @@ -346,8 +348,10 @@ spec: imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} resources: {{- toYaml .Values.server.extensions.resources | nindent 10 }} + {{- with .Values.server.extensions.containerSecurityContext }} securityContext: - {{- toYaml .Values.server.extensions.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: - name: extensions mountPath: /tmp/extensions/ diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 2acf4242..c623315f 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -117,8 +117,10 @@ spec: {{- end }} resources: {{- toYaml .Values.dex.resources | nindent 10 }} + {{- with .Values.dex.containerSecurityContext }} securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: {{- with .Values.dex.volumeMounts }} {{- toYaml . | nindent 8 }} @@ -148,8 +150,10 @@ spec: name: dexconfig resources: {{- toYaml .Values.dex.resources | nindent 10 }} + {{- with .Values.dex.containerSecurityContext }} securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.dex.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index fc0bebbd..bfe7c480 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -75,8 +75,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.resources | nindent 10 }} + {{- with .Values.redis.containerSecurityContext }} securityContext: - {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.redis.volumeMounts }} volumeMounts: {{- toYaml . | nindent 10 }} @@ -99,8 +101,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.exporter.resources | nindent 10 }} + {{- with .Values.redis.exporter.containerSecurityContext }} securityContext: - {{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- end }} {{- with .Values.redis.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} From a0d45ae19ab29cd4acb61841629b40f12cf83a68 Mon Sep 17 00:00:00 2001 From: Alex Street Date: Wed, 24 May 2023 18:23:12 -0500 Subject: [PATCH 0664/1248] chore(argo-cd): Upgrade Argo CD to v2.7.3 (#2075) Signed-off-by: leif013 --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 17f73eb4..423dbb44 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.2 +appVersion: v2.7.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.4 +version: 5.34.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Allow to disable containerSecurityContext + - kind: changed + description: Upgrade Argo CD to v2.7.3 From 23b94151c6f3120834167e280016e6fff5949e74 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 25 May 2023 21:30:48 +0900 Subject: [PATCH 0665/1248] chore(argo-workflows): Enable to configure Service Monitor port (#2076) --- charts/argo-workflows/Chart.yaml | 10 +++------- .../controller/workflow-controller-servicemonitor.yaml | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 84e49d84..0a0018c2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.0 +version: 0.28.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,9 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for Google ManagedCertificate on GKE - - kind: added - description: Add support for Google FrontendConfig on GKE - - kind: added - description: Add support for Google BackendConfig on GKE + - kind: changed + description: Enable to configure Service Monitor port diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index e5e8307f..6643d634 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -12,7 +12,7 @@ metadata: spec: endpoints: {{- if .Values.controller.metricsConfig.enabled }} - - port: metrics + - port: {{ .Values.controller.metricsConfig.servicePortName }} path: {{ .Values.controller.metricsConfig.path }} interval: 30s {{- with .Values.controller.metricsConfig.relabelings }} From cf3a8eed84ac537f0377daf230a6e5e9a8682874 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 25 May 2023 23:19:03 -0500 Subject: [PATCH 0666/1248] chore(argo-workflows): upgrade argo workflows to v3.4.8 (#2077) --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0a0018c2..6ac0cf5c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.7 +appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.1 +version: 0.28.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Enable to configure Service Monitor port + description: Upgrade to Argo Workflows v3.4.8 From 2fbc8566375194009ed491d015f3c78b5b094aba Mon Sep 17 00:00:00 2001 From: Tal Yitzhak Date: Sat, 27 May 2023 17:51:41 +0300 Subject: [PATCH 0667/1248] feat(argo-rollouts): Fix cluster role missing access in argo rollouts dashboard (#2081) * docs(github): comment out notational pieces of PR template (#1969) github: comment out notational pieces of PR template - the DCO and publishing sentences are not filled out during PRs and are purely notational - comment them out with HTML comments, as is common practice - example from a repo I maintain: https://github.com/ezolenko/rollup-plugin-typescript2/blob/f6db59613a66f58c48310aa8fa785951970b5d6d/.github/issue_template.md?plain=1#L2 - I copied that from other repos too - these comments are still visible to the PR author, just not visible when rendered, keeping the PR more concise Signed-off-by: Anton Gilgur Co-authored-by: Marco Kilchhofer Signed-off-by: Tal Yitzhak * Added missing permissions for argo rollouts dashboard cluster role - for config map, should be able to get Signed-off-by: Tal Yitzhak * Added missing permissions for argo rollouts dashboard cluster role - for config map, should be able to get Signed-off-by: Tal Yitzhak --------- Signed-off-by: Anton Gilgur Signed-off-by: Tal Yitzhak Signed-off-by: Tal Yitzhak Co-authored-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Tal Yitzhak --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/dashboard/clusterrole.yaml | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 8d87d142..0acb2c64 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.30.0 +version: 2.30.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: ability to annotate controller Deployment + description: Missing get access for configmaps in argo rollouts dashboard service account role diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 0d69d67e..cb3e457a 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -71,6 +71,12 @@ rules: verbs: - list - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get - apiGroups: - coordination.k8s.io resources: From ec14ee0e7a9ea108b7b0e8830afc497b3025f7b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 21:42:42 +0200 Subject: [PATCH 0668/1248] chore(deps): bump github/codeql-action from 2.3.3 to 2.3.5 (#2084) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.3 to 2.3.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/29b1f65c5e92e24fe6b6647da1eaabe529cec70f...0225834cc549ee0ca93cb085b92954821a145866) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7f5cbfa5..02aea3a6 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3 + uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5 with: sarif_file: results.sarif From 32b86a7c31d989851b384afe9f76187ea480ea10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 14:58:10 -0500 Subject: [PATCH 0669/1248] chore(deps): bump actions/labeler from 4.0.3 to 4.0.4 (#2082) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index f75d7f82..1078a9bb 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b # v4.0.3 + - uses: actions/labeler@0776a679364a9a16110aac8d0f40f5e11009e327 # v4.0.4 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From fb4a8949ec6222f0033562382b413a8b4fc65e73 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 22:32:07 +0200 Subject: [PATCH 0670/1248] chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (#2083) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.0 to 4.6.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/57ded4d7d5e986d7296eab16560982c6dd7c923b...bd6b4b6205c4dbad673328db7b31b7fab9e241c0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index e7e35f8a..b750cc2c 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 + uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1 with: python-version: 3.9 From 438f7a26b7518ec1fc4133f12f58cb0b8d1a2765 Mon Sep 17 00:00:00 2001 From: Milos Hauser <16776599+hau21um@users.noreply.github.com> Date: Mon, 29 May 2023 06:29:30 +0200 Subject: [PATCH 0671/1248] feat(argo-cd): Adding "appProtocol: HTTPS" to HTTPS service port of argocd-server. (#1955) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 423dbb44..0f570ca3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.5 +version: 5.34.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.3 + - kind: added + description: Option to set appProtocol for Argocd server https service port diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 5a31f0b8..b9881f88 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -31,6 +31,9 @@ spec: {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttps }} {{- end }} + {{- with .Values.server.service.servicePortHttpsAppProtocol }} + appProtocol: {{ . }} + {{- end }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} {{- if eq .Values.server.service.type "LoadBalancer" }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2906eb82..cbe46d2e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1768,6 +1768,8 @@ server: servicePortHttpName: http # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https + # -- Server service https port appProtocol. (should be upper case - i.e. HTTPS) + # servicePortHttpsAppProtocol: HTTPS # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from From 2f410bb794101e2afdb714c6540c8ef09d73d5e1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Jun 2023 09:09:01 -0500 Subject: [PATCH 0672/1248] chore(deps): bump pascalgn/size-label-action from 0.4.3 to 0.5.0 (#2092) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 1078a9bb..1b6d3699 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -25,6 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - uses: pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3 + - uses: pascalgn/size-label-action@37a5ad4ae20ea8032abf169d953bcd661fd82cd3 # v0.5.0 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 17d1d046a8f855bb67e0903f7a0c280ea3150d9b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Jun 2023 09:10:22 -0500 Subject: [PATCH 0673/1248] chore(deps): bump github/codeql-action from 2.3.5 to 2.3.6 (#2091) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 02aea3a6..4a207269 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5 + uses: github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6 with: sarif_file: results.sarif From 5fb6688bcbeef2b7b1e1ed8a96d4eb7d172e5c1d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 3 Jun 2023 23:40:50 +0900 Subject: [PATCH 0674/1248] chore(argo-workflows): Declare SSO configuration explicitly on values.yaml (#2089) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 +- charts/argo-workflows/README.md | 16 ++++- .../workflow-controller-config-map.yaml | 44 ++++++------- .../server/server-cluster-roles.yaml | 10 ++- charts/argo-workflows/values.yaml | 65 ++++++++++++------- 5 files changed, 82 insertions(+), 57 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6ac0cf5c..8f899e6c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.2 +version: 0.29.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade to Argo Workflows v3.4.8 + description: Declare SSO configuration explicitly on values.yaml diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b5612a16..f46d10e0 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -302,7 +302,21 @@ Fields to note: | server.servicePort | int | `2746` | Service port for server | | server.servicePortName | string | `""` | Service port name | | server.serviceType | string | `"ClusterIP"` | Service type for server pods | -| server.sso | object | `{}` | SSO configuration when SSO is specified as a server auth mode. | +| server.sso.clientId.key | string | `"client-id"` | Key of secret to retrieve the app OIDC client ID | +| server.sso.clientId.name | string | `"argo-server-sso"` | Name of secret to retrieve the app OIDC client ID | +| server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret | +| server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | +| server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | +| server.sso.enabled | bool | `false` | Create SSO configuration | +| server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | +| server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | +| server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | +| server.sso.rbac.enabled | bool | `true` | Adds ServiceAccount Policy to server (Cluster)Role. | +| server.sso.rbac.secretWhitelist | list | `[]` | Whitelist to allow server to fetch Secrets | +| server.sso.redirectUrl | string | `"https://argo/oauth2/callback"` | | +| server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | +| server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | +| server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | | server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d30db859..ef39ddc7 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -126,37 +126,35 @@ data: {{- if .Values.controller.workflowDefaults }} workflowDefaults: {{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} - {{- with .Values.server.sso }} + {{- if .Values.server.sso.enabled }} sso: - issuer: {{ .issuer }} + issuer: {{ .Values.server.sso.issuer }} clientId: - name: {{ .clientId.name }} - key: {{ .clientId.key }} + name: {{ .Values.server.sso.clientId.name }} + key: {{ .Values.server.sso.clientId.key }} clientSecret: - name: {{ .clientSecret.name }} - key: {{ .clientSecret.key }} - redirectUrl: {{ .redirectUrl }} - {{- with .rbac }} + name: {{ .Values.server.sso.clientSecret.name }} + key: {{ .Values.server.sso.clientSecret.key }} + redirectUrl: {{ .Values.server.sso.redirectUrl }} rbac: - enabled: {{ .enabled }} + enabled: {{ .Values.server.sso.rbac.enabled }} + {{- with .Values.server.sso.scopes }} + scopes: {{ toYaml . | nindent 8 }} {{- end }} - {{- if .scopes }} - scopes: {{ toYaml .scopes | nindent 8 }} + {{- with .Values.server.sso.issuerAlias }} + issuerAlias: {{ toYaml . }} {{- end }} - {{- if .issuerAlias }} - issuerAlias: {{ .issuerAlias }} + {{- with .Values.server.sso.sessionExpiry }} + sessionExpiry: {{ toYaml . }} {{- end }} - {{- if .sessionExpiry }} - sessionExpiry: {{ .sessionExpiry }} + {{- with .Values.server.sso.customGroupClaimName }} + customGroupClaimName: {{ toYaml . }} {{- end }} - {{- if .customGroupClaimName }} - customGroupClaimName: {{ .customGroupClaimName }} + {{- with .Values.server.sso.userInfoPath }} + userInfoPath: {{ toYaml . }} {{- end }} - {{- if .userInfoPath }} - userInfoPath: {{ .userInfoPath }} - {{- end }} - {{- if .insecureSkipVerify }} - insecureSkipVerify: {{ .insecureSkipVerify }} + {{- with .Values.server.sso.insecureSkipVerify }} + insecureSkipVerify: {{ toYaml . }} {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} @@ -184,4 +182,4 @@ data: {{- end }} {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 96f12bfa..2a52d956 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -38,7 +38,7 @@ rules: verbs: - get - list -{{- if .Values.server.sso }} +{{- if .Values.server.sso.enabled }} - apiGroups: - "" resources: @@ -54,7 +54,7 @@ rules: - secrets verbs: - create - {{- if .Values.server.sso.rbac }} + {{- if .Values.server.sso.rbac.enabled }} - apiGroups: - "" resources: @@ -73,11 +73,9 @@ rules: - get - list - watch -{{- if .Values.server.sso }} - {{- if .Values.server.sso.rbac }} - {{- with .Values.server.sso.rbac.secretWhitelist }} +{{- if and .Values.server.sso.enabled .Values.server.sso.rbac.enabled }} + {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} - {{- end }} {{- end }} {{- end }} - apiGroups: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index b65fd4f8..64a81d92 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -618,35 +618,50 @@ server: # -- Give the server permissions to edit ClusterWorkflowTemplates. enableEditing: true - # -- SSO configuration when SSO is specified as a server auth mode. - sso: {} - ## All the values are required. SSO is activated by adding --auth-mode=sso - ## to the server command line. - # - ## The root URL of the OIDC identity provider. - # issuer: https://accounts.google.com - ## Name of a secret and a key in it to retrieve the app OIDC client ID from. - # clientId: - # name: argo-server-sso - # key: client-id - ## Name of a secret and a key in it to retrieve the app OIDC client secret from. - # clientSecret: - # name: argo-server-sso - # key: client-secret - ## The OIDC redirect URL. Should be in the form /oauth2/callback. - # redirectUrl: https://argo/oauth2/callback - # rbac: - # enabled: true + # SSO configuration when SSO is specified as a server auth mode. + sso: + # -- Create SSO configuration + ## SSO is activated by adding --auth-mode=sso to the server command line. + enabled: false + # -- The root URL of the OIDC identity provider + issuer: https://accounts.google.com + clientId: + # -- Name of secret to retrieve the app OIDC client ID + name: argo-server-sso + # -- Key of secret to retrieve the app OIDC client ID + key: client-id + clientSecret: + # -- Name of a secret to retrieve the app OIDC client secret + name: argo-server-sso + # -- Key of a secret to retrieve the app OIDC client secret + key: client-secret + # - The OIDC redirect URL. Should be in the form /oauth2/callback. + redirectUrl: https://argo/oauth2/callback + rbac: + # -- Adds ServiceAccount Policy to server (Cluster)Role. + enabled: true + # -- Whitelist to allow server to fetch Secrets ## When present, restricts secrets the server can read to a given list. ## You can use it to restrict the server to only be able to access the ## service account token secrets that are associated with service accounts ## used for authorization. - # secretWhitelist: [] - ## Scopes requested from the SSO ID provider. The 'groups' scope requests - ## group membership information, which is usually used for authorization - ## decisions. - # scopes: - # - groups + secretWhitelist: [] + # -- Scopes requested from the SSO ID provider + ## The 'groups' scope requests group membership information, which is usually used for authorization decisions. + scopes: [] + # - groups + # -- Define how long your login is valid for (in hours) + ## If omitted, defaults to 10h. + sessionExpiry: "" + # -- Alternate root URLs that can be included for some OIDC providers + issuerAlias: "" + # -- Override claim name for OIDC groups + customGroupClaimName: "" + # -- Specify the user info endpoint that contains the groups claim + ## Configure this if your OIDC provider provides groups information only using the user-info endpoint (e.g. Okta) + userInfoPath: "" + # -- Skip TLS verification for the HTTP client + insecureSkipVerify: false # -- Extra containers to be added to the server deployment extraContainers: [] From 3a7e4b1de7908a39cb979358d1562daa582cde2c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 4 Jun 2023 20:07:40 +0900 Subject: [PATCH 0675/1248] feat(argo-rollouts): Support Traffic Router Plugins (#2090) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/configmap.yaml | 3 +++ charts/argo-rollouts/values.yaml | 7 +++++++ 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 0acb2c64..67175469 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.30.1 +version: 2.31.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Missing get access for configmaps in argo rollouts dashboard service account role + description: Support Traffic Router Plugins diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index a7f8a060..5add40c3 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -111,6 +111,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | +| controller.trafficRouterPlugins | object | `{}` | Configures 3rd party traffic router plugins for controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to add to the controller container | | controller.volumes | list | `[]` | Additional volumes to add to the controller pod | | podAnnotations | object | `{}` | Annotations for the all deployed pods | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml index 8eb2bbe2..1978b2b6 100644 --- a/charts/argo-rollouts/templates/controller/configmap.yaml +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -10,3 +10,6 @@ data: {{- with .Values.controller.metricProviderPlugins }} {{- toYaml . | nindent 2 }} {{- end }} + {{- with .Values.controller.trafficRouterPlugins }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 6a533eaf..b81ee53a 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -194,6 +194,13 @@ controller: # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + # -- Configures 3rd party traffic router plugins for controller + ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/ + trafficRouterPlugins: {} + # trafficRouterPlugins: |- + # - name: "argoproj-labs/sample-nginx" # name of the plugin, it must match the name required by the plugin so it can find it's configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + serviceAccount: # -- Specifies whether a service account should be created create: true From 5771a0697794f592a10eae3215981205a3077e98 Mon Sep 17 00:00:00 2001 From: Alexandre Joris Date: Mon, 5 Jun 2023 16:15:07 +0200 Subject: [PATCH 0676/1248] fix(argo-workflows): Fixed gcs keyFormat template example in values.yaml (#2085) * fix(argo-workflows): #2073: Fixed gcs keyFormat template example in values.yaml Signed-off-by: Alexandre Joris * bumped chart version to v0.28.3 ; added artifacthub.io/changes changelog Signed-off-by: Alexandre Joris * fixed Chart.yaml trailing spaces Signed-off-by: Alexandre Joris * chore(deps): bump pascalgn/size-label-action from 0.4.3 to 0.5.0 (#2092) Signed-off-by: Alexandre Joris * chore(deps): bump github/codeql-action from 2.3.5 to 2.3.6 (#2091) Signed-off-by: Alexandre Joris * chore(argo-workflows): Declare SSO configuration explicitly on values.yaml (#2089) Signed-off-by: yu-croco Co-authored-by: Jason Meridth Signed-off-by: Alexandre Joris * feat(argo-rollouts): Support Traffic Router Plugins (#2090) Signed-off-by: yu-croco Co-authored-by: Jason Meridth Signed-off-by: Alexandre Joris --------- Signed-off-by: Alexandre Joris Signed-off-by: yu-croco Signed-off-by: Alexandre Joris Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8f899e6c..44ba1899 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.0 +version: 0.29.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Declare SSO configuration explicitly on values.yaml + - kind: fixed + description: Fixed GCS keyFormat template example in values.yaml diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 64a81d92..8c442d97 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -724,7 +724,7 @@ artifactRepository: # @default -- `{}` (See [values.yaml]) gcs: {} # bucket: -argo - # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}" + # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}" # serviceAccountKeySecret is a secret selector. # It references the k8s secret named 'my-gcs-credentials'. # This secret is expected to have have the key 'serviceAccountKey', From a6a7468973946d00533ecbb07db7e475382333e3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 5 Jun 2023 23:28:10 +0900 Subject: [PATCH 0677/1248] chore(argo-cd): Upgrade supported Kubernetes version to v1.23.0 (#2087) * chore(argo-cd): Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL Signed-off-by: yu-croco * chore(argo-cd): modify changelog Signed-off-by: yu-croco * fix(argo-cd): simpler description Signed-off-by: yu-croco * fix(argo-cd): reflect review point Signed-off-by: yu-croco --------- Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/README.md | 8 +++++++- charts/argo-cd/README.md.gotmpl | 7 +++++++ 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f570ca3..5be3308f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 appVersion: v2.7.3 -kubeVersion: ">=1.22.0-0" +kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.6 +version: 5.35.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Option to set appProtocol for Argocd server https service port + - kind: changed + description: Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1fa388ed..bd3796fc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.35.0 +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. + +Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. + ### 5.31.0 The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. @@ -356,7 +361,7 @@ server: ## Prerequisites -- Kubernetes: `>=1.22.0-0` +- Kubernetes: `>=1.23.0-0` - Helm v3.0.0+ ## Installing the Chart @@ -1215,3 +1220,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 +[EKS EoL]: https://endoflife.date/amazon-eks diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 92d7f354..6b5efffc 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.35.0 +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. + +Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. + + ### 5.31.0 The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. @@ -552,3 +558,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 +[EKS EoL]: https://endoflife.date/amazon-eks From 2538371fecba8e3bc7a161f6484e3d752f71d1e1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 6 Jun 2023 13:34:59 +0900 Subject: [PATCH 0678/1248] chore(argo-cd): Upgrade Argo CD to v2.7.4 (#2095) --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/values.yaml | 5 ++++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5be3308f..b6dfe773 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.3 +appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.35.0 +version: 5.35.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL + description: Upgrade Argo CD to v2.7.4 + - kind: added + description: Update knownHosts diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cbe46d2e..531b2360 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -315,8 +315,11 @@ configs: # -- Known hosts to be added to the known host list by default. # @default -- See [values.yaml] knownHosts: | - bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl From 49c2ca254826742217167ba2d0147a6eea562144 Mon Sep 17 00:00:00 2001 From: Joe Lee Date: Wed, 7 Jun 2023 16:52:02 +0800 Subject: [PATCH 0679/1248] feat(argo-cd): Add "global.env" for all deployed containers (#2096) * add global env for argo-cd Signed-off-by: Joe Lee * update readme Signed-off-by: Joe Lee * fix typo Signed-off-by: Joe Lee * feat(argo-cd): Add "global.env" for all deployed containers Signed-off-by: Joe Lee * update doc Signed-off-by: Joe Lee * remove note Signed-off-by: Joe Lee * update changes Signed-off-by: Joe Lee --------- Signed-off-by: Joe Lee --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + .../argocd-application-controller/statefulset.yaml | 2 +- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- .../argo-cd/templates/argocd-notifications/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/templates/redis/deployment.yaml | 4 ++-- charts/argo-cd/values.yaml | 3 +++ 10 files changed, 14 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b6dfe773..1c26de8d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.35.1 +version: 5.36.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.4 - kind: added - description: Update knownHosts + description: Add .Values.global.env for all deployed containers diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bd3796fc..f5a6a886 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -407,6 +407,7 @@ NAME: my-release | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | +| global.env | list | `[]` | Environment variables to pass to all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 26b9d2f5..b671e245 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -99,7 +99,7 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} name: {{ .Values.controller.name }} env: - {{- with .Values.controller.env }} + {{- with (concat .Values.global.env .Values.controller.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_CONTROLLER_REPLICAS diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index f3ce127a..3ae8410c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -79,7 +79,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} env: - {{- with .Values.applicationSet.extraEnv }} + {{- with (concat .Values.global.env .Values.applicationSet.extraEnv) }} {{- toYaml . | nindent 12 }} {{- end }} - name: NAMESPACE diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d3f21b02..8df6c8bb 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,7 +66,7 @@ spec: {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} - {{- with .Values.notifications.extraEnv }} + {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} env: {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 759dc587..f438c8b5 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -77,7 +77,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.repoServer.env }} + {{- with (concat .Values.global.env .Values.repoServer.env) }} {{- toYaml . | nindent 10 }} {{- end }} {{- if .Values.openshift.enabled }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 62436af7..cc928981 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -74,7 +74,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.server.env }} + {{- with (concat .Values.global.env .Values.server.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_SERVER_INSECURE diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index c623315f..ce9741d2 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -70,7 +70,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.dex.env }} + {{- with (concat .Values.global.env .Values.dex.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_DEX_SERVER_DISABLE_TLS diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index bfe7c480..ffdaed88 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -61,7 +61,7 @@ spec: {{- with .Values.redis.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.env }} + {{- with (concat .Values.global.env .Values.redis.env) }} env: {{- toYaml . | nindent 8 }} {{- end }} @@ -92,7 +92,7 @@ spec: value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} - {{- with .Values.redis.exporter.env }} + {{- with (concat .Values.global.env .Values.redis.exporter.env) }} {{- toYaml . | nindent 8 }} {{- end }} ports: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 531b2360..c2dd9b52 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -144,6 +144,9 @@ global: # maxSurge: 25% # maxUnavailable: 25% + # -- Environment variables to pass to all deployed Deployments + env: [] + ## Argo Configs configs: # General Argo CD configuration From e7c3090cbfee94128f42568b749a36a38296a6ab Mon Sep 17 00:00:00 2001 From: Simon Hewitt Date: Wed, 7 Jun 2023 20:48:05 -0700 Subject: [PATCH 0680/1248] feat(argo-workflows): Add support for UI columns configuration (#2098) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ charts/argo-workflows/README.md.gotmpl | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 3 +++ 5 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 44ba1899..5cfc70f7 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.1 +version: 0.29.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed GCS keyFormat template example in values.yaml + - kind: added + description: Add support for UI columns configuration diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index f46d10e0..6a19bba0 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -134,6 +134,7 @@ Fields to note: |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | +| controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | @@ -357,6 +358,7 @@ Fields to note: [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ +[columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index ab8554f5..8316e9a0 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -191,6 +191,7 @@ Fields to note: [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ +[columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ef39ddc7..22033e4c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -163,6 +163,9 @@ data: {{- with .Values.controller.links }} links: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.columns }} + columns: {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.controller.navColor }} navColor: {{ . }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8c442d97..410ce958 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -305,6 +305,9 @@ controller: # -- Configure Argo Server to show custom [links] ## Ref: https://argoproj.github.io/argo-workflows/links/ links: [] + # -- Configure Argo Server to show custom [columns] + ## Ref: https://github.com/argoproj/argo-workflows/pull/10693 + columns: [] # -- Set ui navigation bar background color navColor: "" clusterWorkflowTemplates: From 9a79f32cd488a97ee0f95d55da05eba397d4a2ad Mon Sep 17 00:00:00 2001 From: ausias-armesto Date: Fri, 9 Jun 2023 00:52:13 +0200 Subject: [PATCH 0681/1248] fix(argo-cd): Allow specify redis config file (#2100) * fix(argo-cd): Allow specify redis config file Signed-off-by: ausias-armesto * fix(argo-cd): Bump version Signed-off-by: ausias-armesto --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis/deployment.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1c26de8d..aaf5fab2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.0 +version: 5.36.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add .Values.global.env for all deployed containers + - kind: fixed + description: Allow to specify redis.conf file diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ffdaed88..419e5f31 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -54,13 +54,13 @@ spec: image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.image.imagePullPolicy }} args: + {{- with .Values.redis.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} - --save - "" - --appendonly - "no" - {{- with .Values.redis.extraArgs }} - {{- toYaml . | nindent 8 }} - {{- end }} {{- with (concat .Values.global.env .Values.redis.env) }} env: {{- toYaml . | nindent 8 }} From f8f282266cf91b6e38c8ad42b837925234ff41cb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 22:41:04 +0900 Subject: [PATCH 0682/1248] chore(deps): bump actions/checkout from 3.5.2 to 3.5.3 (#2104) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e5e7e5ab8b370d6c329ec480221332ada57f0ab...c85c95e3d7251135ab7dc9ce3241c5835cc595a9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index b750cc2c..c96b4b85 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 58d7d22d..c1d94025 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 4a207269..f78b9466 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false From 04d88b65b633724646303b5a3562b74e85700c9c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 23:24:11 +0900 Subject: [PATCH 0683/1248] chore(deps): bump actions/labeler from 4.0.4 to 4.1.0 (#2103) Bumps [actions/labeler](https://github.com/actions/labeler) from 4.0.4 to 4.1.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/0776a679364a9a16110aac8d0f40f5e11009e327...9fcb2c2f5584144ca754f8bfe8c6f81e77753375) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 1b6d3699..93cc6b01 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@0776a679364a9a16110aac8d0f40f5e11009e327 # v4.0.4 + - uses: actions/labeler@9fcb2c2f5584144ca754f8bfe8c6f81e77753375 # v4.1.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 783439b71482bdf68ecefa92a349f337e6f2491f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 23:27:52 +0900 Subject: [PATCH 0684/1248] chore(deps): bump github/codeql-action from 2.3.6 to 2.13.4 (#2102) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.6 to 2.13.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/83f0fe6c4988d98a455712a27f0255212bba9bd4...cdcdbb579706841c47f7063dda365e292e5cad7a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index f78b9466..6cdcfd55 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6 + uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4 with: sarif_file: results.sarif From aec5d9d7230a53d1b1cb7651dfe6ff13feb2e2ee Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 16 Jun 2023 23:55:17 -0500 Subject: [PATCH 0685/1248] chore(argo-cd): upgrade argo-cd to v2.7.5 (#2108) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index aaf5fab2..4746db47 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.4 +appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.1 +version: 5.36.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Allow to specify redis.conf file + - kind: changed + description: Upgrade Argo CD to v2.7.5 From 68f24d146c3c08e64117d98e3d58a6f073ec27a5 Mon Sep 17 00:00:00 2001 From: Lukas Jost Date: Mon, 19 Jun 2023 05:31:38 +0200 Subject: [PATCH 0686/1248] chore(github): Generate release notes (#2115) chore: Generate release notes Signed-off-by: Lukas Jost --- .github/configs/cr.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/configs/cr.yaml b/.github/configs/cr.yaml index a0d425dc..154dbfbf 100644 --- a/.github/configs/cr.yaml +++ b/.github/configs/cr.yaml @@ -6,3 +6,7 @@ sign: true key: Argo Helm maintainers # keyring: # Set via env variable CR_KEYRING # passphrase-file: # Set via env variable CR_PASSPHRASE_FILE + +# Enable automatic generation of release notes using GitHubs release notes generator. +# see: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes +generate-release-notes: true From eb968668f84c7fbffeeaf67e84f59e283338b0d8 Mon Sep 17 00:00:00 2001 From: patrickli-foxtel <123523506+patrickli-foxtel@users.noreply.github.com> Date: Tue, 20 Jun 2023 10:05:25 +1000 Subject: [PATCH 0687/1248] fix(argo-cd): helm lint error when `extraObjects` is defined (#2116) Fix helm lint error when `extraObjects` is defined Signed-off-by: Patrick Li --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/extra-manifests.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4746db47..36e500d4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.2 +version: 5.36.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.5 + - kind: fixed + description: Fix helm lint error when `extraObjects` is defined diff --git a/charts/argo-cd/templates/extra-manifests.yaml b/charts/argo-cd/templates/extra-manifests.yaml index f17b1a93..fc9a76b8 100644 --- a/charts/argo-cd/templates/extra-manifests.yaml +++ b/charts/argo-cd/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From 7959fee689ec3a72df5c1d966044c3d93e8f414a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 20 Jun 2023 22:07:27 +0900 Subject: [PATCH 0688/1248] chore(argo-cd): Add `app.kubernetes.io/version` label (#2122) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 36e500d4..3afd1948 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.3 +version: 5.36.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix helm lint error when `extraObjects` is defined + - kind: added + description: Add `app.kubernetes.io/version` label diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index bf0c1e84..54423f99 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -46,6 +46,7 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd +app.kubernetes.io/version: {{ include "argo-cd.defaultTag" .context }} {{- with .context.Values.global.additionalLabels }} {{ toYaml . }} {{- end }} @@ -123,7 +124,7 @@ nodeAffinity: {{/* Common deployment strategy definition -- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite +- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite */}} {{- define "argo-cd.strategy" -}} {{- $preset := . -}} From db0484fe5182d81a91624eb5d3306d137f93433b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 21 Jun 2023 13:27:33 +0900 Subject: [PATCH 0689/1248] chore(argo-cd): Upgrade Argo CD to v2.7.6 (#2123) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3afd1948..35494d4d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.5 +appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.4 +version: 5.36.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add `app.kubernetes.io/version` label + - kind: changed + description: Upgrade Argo CD to v2.7.6 From c44f10eb379a620dcbdec8bf62d88bb1d62e4919 Mon Sep 17 00:00:00 2001 From: ceguimaraes <36728438+ceguimaraes@users.noreply.github.com> Date: Wed, 21 Jun 2023 22:41:34 +1000 Subject: [PATCH 0690/1248] fix(argo-events): add managed namespace configuration (#2121) --- charts/argo-events/Chart.yaml | 8 +++++--- charts/argo-events/README.md | 1 + .../templates/argo-events-controller/deployment.yaml | 4 ++++ charts/argo-events/values.yaml | 2 ++ 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c35d0f96..bfb82ea1 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.6 +appVersion: v1.8.0 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.3 +version: 2.4.0 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: changed + description: Upgrade Argo Events to v1.8.0 - kind: added - description: Introduce chart signing + description: Add managed namespace configuration diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index f06f9d3a..0abf2c31 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -127,6 +127,7 @@ done | controller.podLabels | object | `{}` | Labels to be added to events controller pods | | controller.priorityClassName | string | `""` | Priority class for the events controller pods | | controller.rbac.enabled | bool | `true` | Create events controller RBAC | +| controller.rbac.managedNamespace | string | `""` | Additional namespace to be monitored by the controller | | controller.rbac.namespaced | bool | `false` | Restrict events controller to operate only in a single namespace instead of cluster-wide scope. | | controller.rbac.rules | list | `[]` | Additional user rules for event controller's rbac | | controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 9b7ace1b..a3614c73 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -48,6 +48,10 @@ spec: {{- if .Values.controller.rbac.namespaced }} - --namespaced {{- end }} + {{- if .Values.controller.rbac.managedNamespace }} + - --managed-namespace + - {{ .Values.controller.rbac.managedNamespace }} + {{- end }} {{- with .Values.controller.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 89a7323d..faba6939 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -138,6 +138,8 @@ controller: enabled: true # -- Restrict events controller to operate only in a single namespace instead of cluster-wide scope. namespaced: false + # -- Additional namespace to be monitored by the controller + managedNamespace: "" # -- Additional user rules for event controller's rbac rules: [] From b8c29f7db6ba38126551c1789a78763e702cde62 Mon Sep 17 00:00:00 2001 From: Tero Ahonen <85343093+teroahonen-vungle@users.noreply.github.com> Date: Wed, 21 Jun 2023 17:54:04 +0300 Subject: [PATCH 0691/1248] fix(argo-cd): Default applicationSet metrics port to 8085 (#2125) Change applicationSet controller metrics port to 8085 Signed-off-by: Tero Ahonen Co-authored-by: Tero Ahonen --- charts/argo-cd/Chart.yaml | 4 +++- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 35494d4d..7c5c20e7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.5 +version: 5.36.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -28,3 +28,5 @@ annotations: artifacthub.io/changes: | - kind: changed description: Upgrade Argo CD to v2.7.6 + - kind: changed + description: applicationSet.containerPorts.metrics to 8085 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f5a6a886..6d2e0b89 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1044,7 +1044,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | -| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | +| applicationSet.containerPorts.metrics | int | `8085` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c2dd9b52..2c3fe694 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2506,7 +2506,7 @@ applicationSet: # ApplicationSet controller container ports containerPorts: # -- Metrics container port - metrics: 8080 + metrics: 8085 # -- Probe container port probe: 8081 # -- Webhook container port From 172ce600a1d686d3de1ba4967a07a8bbe7c121f1 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 23 Jun 2023 15:59:14 +0200 Subject: [PATCH 0692/1248] fix(argo-cd): Revert "Default applicationSet metrics port to 8085" (#2130) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7c5c20e7..edb176c7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.6 +version: 5.36.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.6 + description: Adapt `applicationSet.containerPorts.metrics` to 8080 (revert previous release) - kind: changed - description: applicationSet.containerPorts.metrics to 8085 + description: Adapt `applicationSet.metrics.service.servicePort` to 8080 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6d2e0b89..cde67925 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1044,7 +1044,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | -| applicationSet.containerPorts.metrics | int | `8085` | Metrics container port | +| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | @@ -1075,7 +1075,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | -| applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | +| applicationSet.metrics.service.servicePort | int | `8080` | Metrics service port | | applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2c3fe694..d1687b53 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2433,7 +2433,7 @@ applicationSet: # -- Metrics service labels labels: {} # -- Metrics service port - servicePort: 8085 + servicePort: 8080 # -- Metrics service port name portName: http-metrics serviceMonitor: @@ -2506,7 +2506,7 @@ applicationSet: # ApplicationSet controller container ports containerPorts: # -- Metrics container port - metrics: 8085 + metrics: 8080 # -- Probe container port probe: 8081 # -- Webhook container port From 490ffa574c0917def580efafa94e810e28ce02cb Mon Sep 17 00:00:00 2001 From: frauniki Date: Sat, 24 Jun 2023 01:35:01 +0900 Subject: [PATCH 0693/1248] fix(argo-workflows): Change argo-workflows-server crb creation conditions (#2124) Change server's crb creation conditions Signed-off-by: frauniki Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/server/server-crb.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 5cfc70f7..331998be 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.2 +version: 0.29.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for UI columns configuration + - kind: fixed + description: Modify to allow ClusterRoleBinding to be created even if the server's ServiceAccount is not created diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index ec4f6435..e8d6511d 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.enabled .Values.server.serviceAccount.create .Values.server.rbac.create -}} +{{- if and .Values.server.enabled .Values.server.rbac.create -}} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding From 4ff88759c9acc9b0b77ffae239c9b6c88a552432 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 24 Jun 2023 08:18:56 -0500 Subject: [PATCH 0694/1248] chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#2131) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6cdcfd55..066d3c57 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 + uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 with: results_file: results.sarif results_format: sarif From f1526ec558709387080e5967d1475f8e7d64eef7 Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Sun, 25 Jun 2023 07:28:46 +0900 Subject: [PATCH 0695/1248] fix(argo-workflows): artifactRepository will not be configured by default (#2132) (#2134) --- charts/argo-workflows/Chart.yaml | 4 +- .../ci/enable-artifact-repo-values.yaml | 46 +++++++++++++++++++ .../workflow-controller-config-map.yaml | 8 ++-- charts/argo-workflows/values.yaml | 22 ++++----- 4 files changed, 64 insertions(+), 16 deletions(-) create mode 100644 charts/argo-workflows/ci/enable-artifact-repo-values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 331998be..b12335a5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.3 +version: 0.30.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Modify to allow ClusterRoleBinding to be created even if the server's ServiceAccount is not created + description: artifactRepository will not be configured by default diff --git a/charts/argo-workflows/ci/enable-artifact-repo-values.yaml b/charts/argo-workflows/ci/enable-artifact-repo-values.yaml new file mode 100644 index 00000000..c20a5775 --- /dev/null +++ b/charts/argo-workflows/ci/enable-artifact-repo-values.yaml @@ -0,0 +1,46 @@ +# Test with artifact repository +crds: + keep: false + +useStaticCredentials: true +artifactRepository: + archiveLogs: false + s3: + accessKeySecret: + name: "{{ .Release.Name }}-minio" + key: accesskey + secretKeySecret: + name: "{{ .Release.Name }}-minio" + key: secretkey + insecure: false + bucket: + endpoint: + region: + roleARN: + useSDKCreds: true + encryptionOptions: + enableEncryption: true + gcs: + bucket: project-argo + keyFormat: "{{ `{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}` }}" + serviceAccountKeySecret: + name: my-gcs-credentials + key: serviceAccountKey + azure: + endpoint: https://mystorageaccountname.blob.core.windows.net + container: my-container-name + blobNameFormat: path/in/container + useSDKCreds: true + accountKeySecret: + name: my-azure-storage-credentials + key: account-access-key + +customArtifactRepository: + artifactory: + repoUrl: https://artifactory.example.com/raw + usernameSecret: + name: artifactory-creds + key: username + passwordSecret: + name: artifactory-creds + key: password diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 22033e4c..680b436f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -55,6 +55,7 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} + {{- if or .Values.artifactRepository.s3 .Values.artifactRepository.gcs .Values.artifactRepository.azure .Values.customArtifactRepository }} artifactRepository: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} @@ -65,7 +66,7 @@ data: {{- with .Values.artifactRepository.azure }} azure: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} - {{- if and (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }} + {{- if .Values.artifactRepository.s3 }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: @@ -95,8 +96,9 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- if .Values.customArtifactRepository }} - {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- if .Values.customArtifactRepository }} + {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- end }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 410ce958..21970f43 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -705,17 +705,17 @@ artifactRepository: archiveLogs: false # -- Store artifact in a S3-compliant object store # @default -- See [values.yaml] - s3: - # Note the `key` attribute is not the actual secret, it's the PATH to - # the contents in the associated secret, as defined by the `name` attribute. - accessKeySecret: - name: "{{ .Release.Name }}-minio" - key: accesskey - secretKeySecret: - name: "{{ .Release.Name }}-minio" - key: secretkey - # insecure will disable TLS. Primarily used for minio installs not configured with TLS - insecure: false + s3: {} + # # Note the `key` attribute is not the actual secret, it's the PATH to + # # the contents in the associated secret, as defined by the `name` attribute. + # accessKeySecret: + # name: "{{ .Release.Name }}-minio" + # key: accesskey + # secretKeySecret: + # name: "{{ .Release.Name }}-minio" + # key: secretkey + # # insecure will disable TLS. Primarily used for minio installs not configured with TLS + # insecure: false # bucket: # endpoint: # region: From 4d0ae17c2f8e40c60e7775c5d21ddaabdc03380e Mon Sep 17 00:00:00 2001 From: Josh Baird Date: Mon, 26 Jun 2023 10:31:20 -0400 Subject: [PATCH 0696/1248] feat(argo-cd): Conditionally create the argocd-cmd-params-cm ConfigMap (#2129) * Add conditional for params cm. Signed-off-by: Josh Baird * Add value for create. Signed-off-by: Josh Baird * Update CHANGELOG. Signed-off-by: Josh Baird * Extra space. Signed-off-by: Josh Baird * Update docs. Signed-off-by: Josh Baird * Extra space. Signed-off-by: Josh Baird * Bump to 5.36.9 Signed-off-by: Josh Baird --------- Signed-off-by: Josh Baird --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/README.md | 1 + .../templates/argocd-configs/argocd-cmd-params-cm.yaml | 2 ++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index edb176c7..ee6d023c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.7 +version: 5.36.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Adapt `applicationSet.containerPorts.metrics` to 8080 (revert previous release) - - kind: changed - description: Adapt `applicationSet.metrics.service.servicePort` to 8080 + - kind: added + description: Added `configs.params.create` value to the argo-cd chart diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index cde67925..dbf3f012 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -464,6 +464,7 @@ NAME: my-release | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | | configs.params."server.x.frame.options" | string | `"sameorigin"` | Set X-Frame-Options header in HTTP responses to value. To disable, set to "". | | configs.params.annotations | object | `{}` | Annotations to be added to the argocd-cmd-params-cm ConfigMap | +| configs.params.create | bool | `true` | Create the argocd-cmd-params-cm configmap If false, it is expected the configmap will be created by something else. | | configs.rbac."policy.csv" | string | `''` (See [values.yaml]) | File containing user-defined policies and role definitions. | | configs.rbac."policy.default" | string | `""` | The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... | | configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml index 18fead9b..9d60d932 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml @@ -1,3 +1,4 @@ +{{- if .Values.configs.params.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -13,3 +14,4 @@ metadata: {{- end }} data: {{- include "argo-cd.config.params" . | trim | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d1687b53..c7129bab 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -217,6 +217,10 @@ configs: # Argo CD configuration parameters ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml params: + # -- Create the argocd-cmd-params-cm configmap + # If false, it is expected the configmap will be created by something else. + create: true + # -- Annotations to be added to the argocd-cmd-params-cm ConfigMap annotations: {} From 78e99e991119b5e982a0de6eea8c3609409033a5 Mon Sep 17 00:00:00 2001 From: Josh Baird Date: Mon, 26 Jun 2023 10:53:40 -0400 Subject: [PATCH 0697/1248] feat(argo-cd): Add support for configuring argo-notifications log level and format (#2127) * Add env vars for notification logging. Signed-off-by: Josh Baird * Indent. Signed-off-by: Josh Baird * Update CHANGELOG. Signed-off-by: Josh Baird * Bump chart version. Signed-off-by: Josh Baird * Remove extra line. Signed-off-by: Josh Baird * Bump to 5.6.38. Signed-off-by: Josh Baird --------- Signed-off-by: Josh Baird --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-notifications/deployment.yaml | 18 +++++++++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ee6d023c..48461100 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.9 +version: 5.36.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added `configs.params.create` value to the argo-cd chart + description: Add `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL` and `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT` env vars to argo-notifications Deployment diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 8df6c8bb..d2eca77f 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,10 +66,22 @@ spec: {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} - {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} env: - {{- toYaml . | nindent 12 }} - {{- end }} + {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} + {{- toYaml . | nindent 12 }} + {{- end }} + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.format + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} From 675803c02dc5390440b9b13a089b4ad45e7645bb Mon Sep 17 00:00:00 2001 From: dchien234 Date: Fri, 30 Jun 2023 00:02:15 +0800 Subject: [PATCH 0698/1248] fix(argo-cd): fix gRPC service target port (#2138) * fix(argo-cd): update grpc service to use proper targetPort Signed-off-by: d.chien * fix(argo-cd): update Chart changelog Signed-off-by: d.chien --------- Signed-off-by: d.chien --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/aws/service.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 48461100..d000da10 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.10 +version: 5.36.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL` and `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT` env vars to argo-notifications Deployment + - kind: changed + description: Change `targetPort` to use proper `.Values.server.containerPorts.server` value in argo-cd/argo-server for grpc Service so that AWS ALB will not fail the health check for this extra Service. diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index 02c543d5..e9032f92 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -13,11 +13,11 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: server + targetPort: {{ .Values.server.containerPorts.server }} - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: server + targetPort: {{ .Values.server.containerPorts.server }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None From 8213fc37c0a98a0479637d52d9730c4c4a62f7e5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Jul 2023 08:39:17 -0500 Subject: [PATCH 0699/1248] chore(deps): bump actions/labeler from 4.1.0 to 4.2.0 (#2140) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 93cc6b01..18a87c50 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@9fcb2c2f5584144ca754f8bfe8c6f81e77753375 # v4.1.0 + - uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 7c3553de9d973594369389c5256235af455e79f2 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 2 Jul 2023 12:16:30 +0900 Subject: [PATCH 0700/1248] chore(argo-cd): Added note about Kubernetes Compatibility Matrix (#2141) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 3 +++ charts/argo-cd/README.md.gotmpl | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d000da10..eacaef39 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.11 +version: 5.36.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Change `targetPort` to use proper `.Values.server.containerPorts.server` value in argo-cd/argo-server for grpc Service so that AWS ALB will not fail the health check for this extra Service. + - kind: added + description: Added note about Kubernetes Compatibility Matrix diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index dbf3f012..9c2d3c4a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -362,6 +362,8 @@ server: ## Prerequisites - Kubernetes: `>=1.23.0-0` + - We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach. + - Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info. - Helm v3.0.0+ ## Installing the Chart @@ -1223,3 +1225,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks +[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6b5efffc..f1dea7f2 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -363,6 +363,8 @@ server: ## Prerequisites - {{ template "chart.kubeVersionLine" . }} + - We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach. + - Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info. - Helm v3.0.0+ ## Installing the Chart @@ -559,3 +561,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks +[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions From 167c112bcbbebfd4b0c18d38c9bbb063fab7f78b Mon Sep 17 00:00:00 2001 From: Elad Shmitanka Date: Sun, 2 Jul 2023 11:07:17 +0300 Subject: [PATCH 0701/1248] fix(argo-cd): Add usages to ArgoCD server certificate (#2143) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 4 ++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eacaef39..bec859df 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.12 +version: 5.36.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added note about Kubernetes Compatibility Matrix + description: Support for setting server certificate usages diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9c2d3c4a..907cd0fe 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -688,6 +688,7 @@ NAME: my-release | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data | | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index eec82ae6..1ec9bb02 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -30,4 +30,8 @@ spec: privateKey: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.certificate.usages }} + usages: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c7129bab..63588ea9 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1743,6 +1743,9 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Usages for the certificate + ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage + usages: [] # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server From b9f610e319ee725ac602303714b774c4cc7c1be8 Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Mon, 3 Jul 2023 19:55:01 +0200 Subject: [PATCH 0702/1248] fix(argo-cd): Update `argo-cd.strategy` template (#2144) - Convert `$preset.type` to string to prevent an "incompatible types for comparison" when no strategy are defined Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bec859df..91e3285e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.13 +version: 5.36.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support for setting server certificate usages + - kind: fixed + description: Update argo-cd.strategy template diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index 54423f99..f8c84c9c 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -128,9 +128,9 @@ Common deployment strategy definition */}} {{- define "argo-cd.strategy" -}} {{- $preset := . -}} -{{- if (eq $preset.type "Recreate") }} +{{- if (eq (toString $preset.type) "Recreate") }} type: Recreate -{{- else if (eq $preset.type "RollingUpdate") }} +{{- else if (eq (toString $preset.type) "RollingUpdate") }} type: RollingUpdate {{- with $preset.rollingUpdate }} rollingUpdate: From 5c4506b4810eda6583cd89443903956d9c4df6ab Mon Sep 17 00:00:00 2001 From: Atkins Date: Tue, 4 Jul 2023 17:22:19 +0800 Subject: [PATCH 0703/1248] feat(argo-cd): remove necessary create entry in `argocd-cmd-params-cm` ConfigMap (#2146) fix(argo-cd): remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap Signed-off-by: Atkins Chang --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 91e3285e..c84c0f90 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.14 +version: 5.36.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Update argo-cd.strategy template + description: Remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2338d1c0..2786d6ed 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -207,7 +207,7 @@ applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.r Merge Argo Params Configuration with Preset Configuration */}} {{- define "argo-cd.config.params" -}} -{{- $config := omit .Values.configs.params "annotations" }} +{{- $config := omit .Values.configs.params "create" "annotations" }} {{- $preset := include "argo-cd.config.params.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} {{ $key }}: {{ toString $value | toYaml }} From 5f55ef2c4cc16d4c91faaf1bdb7e0c1d7385435a Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Tue, 4 Jul 2023 16:07:03 +0200 Subject: [PATCH 0704/1248] feat(argo-cd): Update appset deployment template (#2145) - add cmd-params checksum annotation to the applicationSet deployment to trigger an automated rollout when changed. Signed-off-by: Laurent Lavaud Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 5 +++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c84c0f90..513438a5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.15 +version: 5.37.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap + - kind: added + description: add applicationSet deployment cmd-params checksum diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 3ae8410c..0e00e28d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -24,12 +24,13 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} template: metadata: - {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} annotations: + checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- end }} + {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }} From 5e5bad5262ecad870b70d73df2465182b1e86f3d Mon Sep 17 00:00:00 2001 From: Andre Krueger <32708635+1337andre@users.noreply.github.com> Date: Thu, 6 Jul 2023 10:25:47 +0200 Subject: [PATCH 0705/1248] chore(argo-cd): Upgrade Argo CD to v2.7.7 (#2147) Signed-off-by: Andre Krueger <32708635+1337andre@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 513438a5..cbc97da1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.6 +appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.37.0 +version: 5.37.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add applicationSet deployment cmd-params checksum + - kind: changed + description: Upgrade Argo CD to v2.7.7 From 4f6f25198e9ebb8085c3c2a561d6750205dcb0bd Mon Sep 17 00:00:00 2001 From: Venkata Mutyala Date: Mon, 10 Jul 2023 01:14:16 -0700 Subject: [PATCH 0706/1248] feat(argo-cd): upgrade dexIDP from 2.36.0 -> 2.37.0 (#2155) feat: upgrade dexIDP from 2.36.0 -> 2.37.0 Signed-off-by: Venkata Mutyala --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cbc97da1..32e6dfa6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.37.1 +version: 5.38.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.7 + description: Upgrade dexidp from v2.36.0 to v2.37.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 907cd0fe..51db4870 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -857,7 +857,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.36.0"` | Dex image tag | +| dex.image.tag | string | `"v2.37.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 63588ea9..08f3404a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -928,7 +928,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.36.0 + tag: v2.37.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 5ec59e90fa8f03229b8c49fe6cf50fb79572b1bf Mon Sep 17 00:00:00 2001 From: gussan <83329336+toyamagu-2021@users.noreply.github.com> Date: Tue, 11 Jul 2023 21:07:08 +0900 Subject: [PATCH 0707/1248] feat(argo-workflows): Add support for artifactRepositoryRef (#2135) Signed-off-by: tomoki-yamaguchi Co-authored-by: Aikawa Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +- charts/argo-workflows/README.md | 1 + .../ci/enable-artifact-repo-ref.yaml | 41 ++++++++++++ .../artifact-repository-ref-cm.yaml | 19 ++++++ charts/argo-workflows/values.yaml | 63 ++++++++++++++++++- 5 files changed, 124 insertions(+), 6 deletions(-) create mode 100644 charts/argo-workflows/ci/enable-artifact-repo-ref.yaml create mode 100644 charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b12335a5..ade0d8b5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.30.0 +version: 0.31.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: artifactRepository will not be configured by default + - kind: added + description: Add support for artifactRepositoryRef diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 6a19bba0..b445df25 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -331,6 +331,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | +| artifactRepositoryRef | object | `{}` (See [values.yaml]) | The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). Each map key is the name of configmap | | customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | diff --git a/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml b/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml new file mode 100644 index 00000000..54c6c523 --- /dev/null +++ b/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml @@ -0,0 +1,41 @@ +artifactRepositoryRef: + # 1st ConfigMap + artifact-repositories: + annotations: + workflows.argoproj.io/default-artifact-repository: default-v1-s3-artifact-repository + # 1st data + default-v1-s3-artifact-repository: + archiveLogs: true + s3: + bucket: my-bucket + endpoint: minio:9000 + insecure: true + accessKeySecret: + name: my-minio-cred + key: accesskey + secretKeySecret: + name: my-minio-cred + key: secretkey + # 2nd data + oss-artifact-repository: + archiveLogs: false + oss: + endpoint: http://oss-cn-zhangjiakou-internal.aliyuncs.com + bucket: $mybucket + accessKeySecret: + name: $mybucket-credentials + key: accessKey + secretKeySecret: + name: $mybucket-credentials + key: secretKey + # 2nd ConfigMap + another-artifact-repositories: + annotations: + workflows.argoproj.io/default-artifact-repository: gcs + gcs: + archiveLogs: false + bucket: my-bucket + keyFormat: prefix/in/bucket/{{workflow.name}}/{{pod.name}} + serviceAccountKeySecret: + name: my-gcs-credentials + key: serviceAccountKey diff --git a/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml new file mode 100644 index 00000000..ce7cd55b --- /dev/null +++ b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml @@ -0,0 +1,19 @@ +{{- range $cm_name, $cm_val := .Values.artifactRepositoryRef }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $cm_name }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $cm_name) | nindent 4 }} + {{- with $cm_val.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +data: + {{- range $data_key, $data_val := (omit $cm_val "annotations") }} + {{- $data_key | nindent 2 }}: | + {{- toYaml $data_val | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 21970f43..cd992c10 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -161,9 +161,13 @@ controller: # Only valid for 2.7+ ## See more: https://argoproj.github.io/argo-workflows/default-workflow-specs/ workflowDefaults: {} - # spec: - # ttlStrategy: - # secondsAfterCompletion: 84600 + # spec: + # ttlStrategy: + # secondsAfterCompletion: 84600 + # # Ref: https://argoproj.github.io/argo-workflows/artifact-repository-ref/ + # artifactRepositoryRef: + # configMap: my-artifact-repository # default is "artifact-repositories" + # key: v2-s3-artifact-repository # default can be set by the `workflows.argoproj.io/default-artifact-repository` annotation in config map. # -- Number of workflow workers workflowWorkers: # 32 @@ -770,6 +774,59 @@ customArtifactRepository: {} # name: artifactory-creds # key: password +# -- The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). +# Each map key is the name of configmap +# @default -- `{}` (See [values.yaml]) +artifactRepositoryRef: {} + # # -- 1st ConfigMap + # # If you want to use this config map by default, name it "artifact-repositories". + # # Otherwise, you can provide a reference to a + # # different config map in `artifactRepositoryRef.configMap`. + # artifact-repositories: + # # -- v3.0 and after - if you want to use a specific key, put that key into this annotation. + # annotations: + # workflows.argoproj.io/default-artifact-repository: default-v1-s3-artifact-repository + # # 1st data of configmap. See above artifactRepository or customArtifactRepository. + # default-v1-s3-artifact-repository: + # archiveLogs: false + # s3: + # bucket: my-bucket + # endpoint: minio:9000 + # insecure: true + # accessKeySecret: + # name: my-minio-cred + # key: accesskey + # secretKeySecret: + # name: my-minio-cred + # key: secretkey + # # 2nd data + # oss-artifact-repository: + # archiveLogs: false + # oss: + # endpoint: http://oss-cn-zhangjiakou-internal.aliyuncs.com + # bucket: $mybucket + # # accessKeySecret and secretKeySecret are secret selectors. + # # It references the k8s secret named 'bucket-workflow-artifect-credentials'. + # # This secret is expected to have have the keys 'accessKey' + # # and 'secretKey', containing the base64 encoded credentials + # # to the bucket. + # accessKeySecret: + # name: $mybucket-credentials + # key: accessKey + # secretKeySecret: + # name: $mybucket-credentials + # key: secretKey + # # 2nd ConfigMap + # another-artifact-repositories: + # annotations: + # workflows.argoproj.io/default-artifact-repository: gcs + # gcs: + # bucket: my-bucket + # keyFormat: prefix/in/bucket/{{workflow.name}}/{{pod.name}} + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey + emissary: # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. ## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary From 2fb60497519698eda8f217bf9fd3534b85c1704e Mon Sep 17 00:00:00 2001 From: Amit Ben Ami Date: Tue, 11 Jul 2023 16:01:02 +0300 Subject: [PATCH 0708/1248] feat(argo-cd): adding annotations option for `Certificate` (#2156) * feat(certificate): adding annotations options for the `Certificate` resources Signed-off-by: Amit Ben Ami * feat: bumping the chart version Signed-off-by: Amit Ben Ami --------- Signed-off-by: Amit Ben Ami Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 3 +++ .../templates/argocd-applicationset/certificate.yaml | 6 ++++++ charts/argo-cd/templates/argocd-server/certificate.yaml | 6 ++++++ charts/argo-cd/values.yaml | 7 +++++++ 5 files changed, 25 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32e6dfa6..d0fcc045 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.0 +version: 5.38.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade dexidp from v2.36.0 to v2.37.0 + - kind: added + description: Adding the option to set `annotations` for `Certificate` resources diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 51db4870..048a62e9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -407,6 +407,7 @@ NAME: my-release | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | +| global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.env | list | `[]` | Environment variables to pass to all deployed Deployments | @@ -676,6 +677,7 @@ NAME: my-release | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | | server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| server.certificate.annotations | object | `{}` | Annotations to be applied to the Server Certificate | | server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | @@ -1036,6 +1038,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index 505a70fc..f3b7d5d1 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -2,6 +2,12 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 1ec9bb02..716c38ea 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -2,6 +2,12 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.server.certificate.annotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 08f3404a..b6216977 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -147,6 +147,9 @@ global: # -- Environment variables to pass to all deployed Deployments env: [] + # -- Annotations for the all deployed Certificates + certificateAnnotations: {} + ## Argo Configs configs: # General Argo CD configuration @@ -1743,6 +1746,8 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Annotations to be applied to the Server Certificate + annotations: {} # -- Usages for the certificate ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage usages: [] @@ -2681,6 +2686,8 @@ applicationSet: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Annotations to be applied to the ApplicationSet Certificate + annotations: {} ## Notifications controller notifications: From 047ba6b24df9977ec773ca5cf0f00a70565e5c06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Sell=C3=A9s=20Rosa?= <1088313+Fsero@users.noreply.github.com> Date: Tue, 11 Jul 2023 17:39:35 +0200 Subject: [PATCH 0709/1248] feat(argocd-apps): add permitOnlyProjectScopedClusters flag (#2149) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fabián Sellés Rosa <1088313+Fsero@users.noreply.github.com> --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/projects.yaml | 3 +++ charts/argocd-apps/values.yaml | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index fc733b22..8eeb0888 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.2.0 +version: 1.3.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Rollout strategy for ApplicationSet + description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index f747d1b6..f4c273e8 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -22,6 +22,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- with .permitOnlyProjectScopedClusters }} + permitOnlyProjectScopedClusters: {{ . }} + {{- end }} description: {{ .description }} {{- with .sourceRepos }} sourceRepos: diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 500849df..0c329dfe 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -48,6 +48,7 @@ projects: [] # namespace: argocd # additionalLabels: {} # additionalAnnotations: {} +# permitOnlyProjectScopedClusters: false # finalizers: # - resources-finalizer.argocd.argoproj.io # description: Example Project From e15b7b70185f56ae98b372eca367b437d6feb271 Mon Sep 17 00:00:00 2001 From: Angelo Ross Date: Thu, 13 Jul 2023 11:05:13 -0300 Subject: [PATCH 0710/1248] feat(argo-cd): Allow configuring Dex's init image resources separately (#2161) Allow configuring Dex's init image resources separately Signed-off-by: Angelo Ross --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 9 +++++++++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d0fcc045..bd9a8de4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.1 +version: 5.39.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Adding the option to set `annotations` for `Certificate` resources + description: Allow configuring Dex's init image resources separately diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 048a62e9..deaad2ba 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -864,6 +864,7 @@ server: | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | +| dex.initImage.resources | object | `{}` (defaults to dex.resources) | Argo CD init image resources | | dex.initImage.tag | string | `""` (defaults to global.image.tag) | Argo CD init image tag | | dex.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Dex >= 2.28.0 | | dex.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index ce9741d2..abca6e14 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -149,7 +149,7 @@ spec: - mountPath: /tmp name: dexconfig resources: - {{- toYaml .Values.dex.resources | nindent 10 }} + {{- toYaml (default .Values.dex.resources .Values.dex.initImage.resources) | nindent 10 }} {{- with .Values.dex.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b6216977..83ecff3e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -951,6 +951,15 @@ dex: # -- Argo CD init image imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- Argo CD init image resources + # @default -- `{}` (defaults to dex.resources) + resources: {} + # requests: + # cpu: 5m + # memory: 96Mi + # limits: + # cpu: 10m + # memory: 144Mi # -- Environment variables to pass to the Dex server env: [] From a7b65a37f999dc4c647611f1311c55eee16318e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:37:43 +0900 Subject: [PATCH 0711/1248] chore(deps): bump helm/kind-action from 1.7.0 to 1.8.0 (#2163) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/fa81e57adff234b2908110485695db0f181f3c67...dda0770415bac9fc20092cacbc54aa298604d140) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c96b4b85..c7c22af1 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@fa81e57adff234b2908110485695db0f181f3c67 # v1.7.0 + uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 3821d6309fb480143b833f2a68034a51630ead9e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:39:22 +0900 Subject: [PATCH 0712/1248] chore(deps): bump actions/labeler from 4.2.0 to 4.3.0 (#2164) Bumps [actions/labeler](https://github.com/actions/labeler) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/0967ca812e7fdc8f5f71402a1b486d5bd061fe20...ac9175f8a1f3625fd0d4fb234536d26811351594) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 18a87c50..d22ac750 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0 + - uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 6dab4fa326a1beb1a468ac5d4eb69aabd0942587 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:53:14 +0900 Subject: [PATCH 0713/1248] chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 (#2165) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.1 to 4.7.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/bd6b4b6205c4dbad673328db7b31b7fab9e241c0...61a6322f88396a6271a6ee3565807d608ecaddd1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c7c22af1..bd8d2255 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1 + uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: python-version: 3.9 From e053486fab0d0363e631d0742779d0af79a97b15 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Mon, 17 Jul 2023 11:56:13 +0200 Subject: [PATCH 0714/1248] fix(argo-cd): Ensure `app.kubernetes.io/version` label is valid (#2148) Signed-off-by: Mathieu Parent --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 9 ++++++++- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd9a8de4..b87afdd3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.39.0 +version: 5.39.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Allow configuring Dex's init image resources separately + - kind: fixed + description: Ensure `app.kubernetes.io/version` label is valid diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f8c84c9c..4173876c 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -38,6 +38,13 @@ Create Argo CD app version {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} +{{/* +Return valid version label +*/}} +{{- define "argo-cd.versionLabelValue" -}} +{{ regexReplaceAll "[^-A-Za-z0-9_.]" (include "argo-cd.defaultTag" .) "-" | trunc 63 | trimAll "-" | trimAll "_" | trimAll "." | quote }} +{{- end -}} + {{/* Common labels */}} @@ -46,7 +53,7 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd -app.kubernetes.io/version: {{ include "argo-cd.defaultTag" .context }} +app.kubernetes.io/version: {{ include "argo-cd.versionLabelValue" .context }} {{- with .context.Values.global.additionalLabels }} {{ toYaml . }} {{- end }} From afccb2e5d469c61b327d6f47001297b5ba079422 Mon Sep 17 00:00:00 2001 From: Zach Swanson <1272954+zswanson@users.noreply.github.com> Date: Mon, 17 Jul 2023 08:20:47 -0400 Subject: [PATCH 0715/1248] feat(argo-cd): allow configurable hpa metrics (#2166) * allow configurable HPA metrics Signed-off-by: Zach Swanson * update docs Signed-off-by: Zach Swanson * Update chart version and changelog Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson * Fix values/readme reference to repo server Signed-off-by: Zach Swanson --------- Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson <1272954+zswanson@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/argocd-repo-server/hpa.yaml | 4 ++++ charts/argo-cd/templates/argocd-server/hpa.yaml | 4 ++++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b87afdd3..3736bba1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.39.1 +version: 5.40.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Ensure `app.kubernetes.io/version` label is valid + - kind: changed + description: Allow configurable metrics in server and repoServer HPAs diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index deaad2ba..863ae8bb 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -576,6 +576,7 @@ NAME: my-release | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | +| repoServer.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD repo server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | | repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | | repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | @@ -673,6 +674,7 @@ NAME: my-release | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | +| server.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index 2cba8324..ef3d5e80 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -14,6 +14,9 @@ spec: minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: + {{- if .Values.repoServer.autoscaling.metrics }} + {{- toYaml .Values.repoServer.autoscaling.metrics | nindent 4 }} + {{- else }} {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: @@ -38,6 +41,7 @@ spec: type: Utilization {{- end }} {{- end }} + {{- end }} {{- with .Values.repoServer.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index cbc17c31..c19b8943 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -14,6 +14,9 @@ spec: minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: + {{- if .Values.server.autoscaling.metrics }} + {{ toYaml .Values.server.autoscaling.metrics | nindent 4 }} + {{- else }} {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: @@ -38,6 +41,7 @@ spec: type: Utilization {{- end }} {{- end }} + {{- end}} {{- with .Values.server.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 83ecff3e..38f9b2d7 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1476,6 +1476,9 @@ server: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Argo CD server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -2043,6 +2046,9 @@ repoServer: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD repo server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Repo server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ From c2f813ec6241b016a6907238c87eadf8a9feb505 Mon Sep 17 00:00:00 2001 From: Alex Souslik Date: Tue, 18 Jul 2023 09:51:14 +0300 Subject: [PATCH 0716/1248] feat(argo-cd): make ServiceMonitor deployment conditional on CRD existence (#2154) * made ServiceMonitor deployment conditional on CRD existence Signed-off-by: alex-souslik-hs * remove non ArgoCD changes Signed-off-by: alex-souslik-hs * add newline Signed-off-by: Alex Souslik * Change chage description Signed-off-by: Alex Souslik * Update charts/argo-cd/Chart.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Alex Souslik --------- Signed-off-by: alex-souslik-hs Signed-off-by: Alex Souslik Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/servicemonitor.yaml | 2 +- .../templates/argocd-applicationset/servicemonitor.yaml | 2 +- .../templates/argocd-notifications/servicemonitor.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/dex/servicemonitor.yaml | 2 +- charts/argo-cd/templates/redis/servicemonitor.yaml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3736bba1..1b8a0ae1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.40.0 +version: 5.41.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Allow configurable metrics in server and repoServer HPAs + description: Make ServiceMonitor deployment conditional on CRD existence diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 10ba7767..3ce0c10d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index bb814a25..b3554675 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.enabled }} -{{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index de3cc5a3..18849886 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index aec96461..c41520b7 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 65d102e3..f876a1a1 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 21d12be2..00f2a238 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 46a7e32c..6f036a80 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- $redisHa := (index .Values "redis-ha") -}} -{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: From 5f46ee820fd19e0b24c50f71aa9169be59192eac Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 19 Jul 2023 18:26:08 -0400 Subject: [PATCH 0717/1248] feat(argo-cd): Upgrade argocd to v2.7.8 (#2173) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1b8a0ae1..72c178b1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.7 +appVersion: v2.7.8 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.0 +version: 5.41.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Make ServiceMonitor deployment conditional on CRD existence + description: Update to app version 2.7.8 From 000d8c71285f60c7fccc8e40bfab805da7dddebb Mon Sep 17 00:00:00 2001 From: Takuma Kume Date: Fri, 21 Jul 2023 02:26:23 +0900 Subject: [PATCH 0718/1248] feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.1 (#2174) --- charts/argo-rollouts/Chart.yaml | 8 ++++---- charts/argo-rollouts/templates/crds/rollout-crd.yaml | 3 --- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 67175469..62ab9f05 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.5.0 +appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.0 +version: 2.31.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support Traffic Router Plugins + - kind: changed + description: Update to app version 1.5.1 diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 0fafbab3..45f59ee0 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3328,7 +3328,6 @@ spec: type: string required: - arn - - fullName - name type: object loadBalancer: @@ -3341,7 +3340,6 @@ spec: type: string required: - arn - - fullName - name type: object stableTargetGroup: @@ -3354,7 +3352,6 @@ spec: type: string required: - arn - - fullName - name type: object type: object From 137bb9e177f85f63a8c1214c17ec82830f069760 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 20 Jul 2023 18:19:59 -0500 Subject: [PATCH 0719/1248] chore(argo-workflows): Upgrade to 3.4.9 (#2175) chore(argo-workflow): Upgrade to 3.4.9 - [ ] update CRD changes Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ade0d8b5..96912cf2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.8 +appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.31.0 +version: 0.32.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for artifactRepositoryRef + - kind: changed + description: Upgrade to Argo Workflows v3.4.9 From 83e5d83492f18c301fe62eebb56e6db98757cabb Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Sat, 22 Jul 2023 15:46:38 +0200 Subject: [PATCH 0720/1248] feat(argocd-apps): syncOptions for applications (#2176) Signed-off-by: Mathieu Parent Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/applications.yaml | 4 ++++ charts/argocd-apps/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 8eeb0888..cc690f7f 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.3.0 +version: 1.4.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false + description: syncOptions for applications diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index df0ea5eb..0cf3420b 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,6 +37,10 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .syncOptions }} + syncOptions: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .revisionHistoryLimit }} revisionHistoryLimit: {{ . }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 0c329dfe..9311a44c 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,6 +30,8 @@ applications: [] # automated: # prune: false # selfHeal: false +# syncOptions: +# - CreateNamespace=true # revisionHistoryLimit: null # ignoreDifferences: # - group: apps From 0453552b320712d20be65d9ba3f56644842dd84c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 23 Jul 2023 13:25:51 +0900 Subject: [PATCH 0721/1248] fix(argocd-apps): fix indent of syncOptions (#2181) --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/ci/applications-values.yaml | 2 ++ charts/argocd-apps/templates/applications.yaml | 4 ---- charts/argocd-apps/values.yaml | 4 ++-- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index cc690f7f..5494db99 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.4.0 +version: 1.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added + - kind: fixed description: syncOptions for applications diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 9d8b21bf..28a627ff 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -20,6 +20,8 @@ applications: automated: prune: false selfHeal: false + syncOptions: + - ApplyOutOfSyncOnly=true revisionHistoryLimit: null ignoreDifferences: - group: apps diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index 0cf3420b..df0ea5eb 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,10 +37,6 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .syncOptions }} - syncOptions: - {{- toYaml . | nindent 4 }} - {{- end }} {{- with .revisionHistoryLimit }} revisionHistoryLimit: {{ . }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 9311a44c..a7996369 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,8 +30,8 @@ applications: [] # automated: # prune: false # selfHeal: false -# syncOptions: -# - CreateNamespace=true +# syncOptions: +# - CreateNamespace=true # revisionHistoryLimit: null # ignoreDifferences: # - group: apps From f2da20bb753a7d9f28157f0ba39d6db62922431e Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sun, 23 Jul 2023 19:48:47 -0400 Subject: [PATCH 0722/1248] chore(github): use table for Emeritus (#2182) - to matches how `argoproj` lists Alumni (https://github.com/argoproj/argoproj/blob/6011d3e17300d4b642a1ab5bdb3551c5f6da9021/MAINTAINERS.md?plain=1#L11) - though it has more details including role and affiliation. could do that here too, but I don't know what all those are, so left those columns out - fortunately everyone's name was listed on their profile, so just copy+paste those! - confirmed that all links work Signed-off-by: Anton Gilgur --- EMERITUS.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/EMERITUS.md b/EMERITUS.md index 2c299690..c0ff9674 100644 --- a/EMERITUS.md +++ b/EMERITUS.md @@ -4,9 +4,11 @@ These are the people who have been approvers in the past, and have since retired We thank them for their service to the project. -* @oliverbaehler -* @stefansedich -* @paguos -* @yann-soubeyrand -* @davidkarlsen -* @jbehling +| Emeritus | GitHub ID | +| -------- | --------- | +| Oliver Bähler | [oliverbaehler](https://github.com/oliverbaehler) | +| Stefan Sedich | [stefansedich](https://github.com/stefansedich) | +| Pablo Osinaga | [paguos](https://github.com/paguos) | +| Yann Soubeyrand | [yann-soubeyrand](https://github.com/yann-soubeyrand) | +| David J. M. Karlsen | [davidkarlsen](https://github.com/davidkarlsen) | +| John Behling | [jbehling](https://github.com/jbehling) | From 5f1d08de0b0f10a650d09609abf17b22816430d5 Mon Sep 17 00:00:00 2001 From: Artur Date: Tue, 25 Jul 2023 03:22:46 +0300 Subject: [PATCH 0723/1248] fix(argo-rollouts): Use annotation cont metrics (#2184) * fix(argo-rollouts): Use annotation cont metrics Signed-off-by: Artur Mudrykh * fix(argo-rollouts): add changes and bump version Signed-off-by: Artur Mudrykh * fix chart.yaml Signed-off-by: Artur Mudrykh --------- Signed-off-by: Artur Mudrykh Co-authored-by: Artur Mudrykh --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 1 + .../argo-rollouts/templates/controller/metrics-service.yaml | 5 ++++- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 62ab9f05..c073adcb 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.1 +version: 2.31.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update to app version 1.5.1 + - kind: fixed + description: Fix use prometheus metrics service diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 5add40c3..4e028779 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -91,6 +91,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.annotations | object | `{}` | Service annotations | | controller.metrics.service.port | int | `8090` | Metrics service port | | controller.metrics.service.portName | string | `"metrics"` | Metrics service port name | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index e04d326a..671a0837 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -7,8 +7,11 @@ metadata: labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} - {{- with .Values.serviceAnnotations }} annotations: + {{- with .Values.serviceAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.metrics.service.annotations }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b81ee53a..f9d8e1cf 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -127,6 +127,8 @@ controller: portName: metrics # -- Metrics service port port: 8090 + # -- Service annotations + annotations: {} serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From 278a32671bebe8ea503b7d73619b3cdf389105a2 Mon Sep 17 00:00:00 2001 From: Venkata Mutyala Date: Mon, 24 Jul 2023 19:09:41 -0700 Subject: [PATCH 0724/1248] chore(argo-cd): Upgrade Argo CD to v2.7.9 (#2186) feat(argo-cd): Upgrade argocd to v2.7.9 Signed-off-by: Venkata Mutyala --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72c178b1..79b9fb03 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.8 +appVersion: v2.7.9 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.1 +version: 5.41.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update to app version 2.7.8 + description: Update to app version v2.7.9 From 98da71eb87def0ea9cb57dfe86e17c6256407cd0 Mon Sep 17 00:00:00 2001 From: Andy Cobaugh Date: Thu, 27 Jul 2023 09:57:46 -0400 Subject: [PATCH 0725/1248] feat(argo-workflows): allow setting executor args (#2177) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 5 ++++- charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 96912cf2..681b73b9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.0 +version: 0.32.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.9 + - kind: added + description: Add support for executor args diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b445df25..eb57fe44 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -230,6 +230,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| executor.args | list | `[]` | Passes arguments to the executor processes | | executor.env | list | `[]` | Adds environment variables for the executor. | | executor.image.pullPolicy | string | `""` | Image PullPolicy to use for the Workflow Executors. Defaults to `.Values.images.pullPolicy`. | | executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 680b436f..d4728a30 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -42,12 +42,15 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.args .Values.executor.securityContext}} executor: imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.executor.image.pullPolicy }} {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.executor.args }} + args: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cd992c10..bfc3ce3f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -382,6 +382,8 @@ executor: pullPolicy: "" # -- Resource limits and requests for the Workflow Executors resources: {} + # -- Passes arguments to the executor processes + args: [] # -- Adds environment variables for the executor. env: [] # -- sets security context for the executor container From c358b5e71f8a9259d937c9bb1a6a34c9f1f478d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?carlos=20gonz=C3=A1lez?= Date: Thu, 27 Jul 2023 23:44:15 +0200 Subject: [PATCH 0726/1248] feat(argo-cd): add labels to notifications secret (#2191) (#2192) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: carlos gonzález --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../argocd-configs/argocd-notifications-secret.yaml | 3 +++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 79b9fb03..bb918178 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.9 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.2 +version: 5.42.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update to app version v2.7.9 + - kind: added + description: Extra secret labels with .Values.notifications.secret.labels diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 863ae8bb..79d134b6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1195,6 +1195,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | +| notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index cde4d555..75027ed5 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -6,6 +6,9 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- with .Values.notifications.secret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.notifications.secret.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 38f9b2d7..aa071644 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2795,6 +2795,9 @@ notifications: # -- key:value pairs of annotations to be added to the secret annotations: {} + # -- key:value pairs of labels to be added to the secret + labels: {} + # -- Generic key:value pairs to be inserted into the secret ## Can be used for templates, notification services etc. Some examples given below. ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ From 4ebeac0d8c89582f81cd9ab2daee1b158ad01cbf Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 1 Aug 2023 14:57:18 +0900 Subject: [PATCH 0727/1248] chore(argo-cd): Upgrade Argo CD to v2.7.10 (#2197) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bb918178..a78601a5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.9 +appVersion: v2.7.10 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.0 +version: 5.42.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Extra secret labels with .Values.notifications.secret.labels + - kind: changed + description: Upgrade Argo CD to v2.7.10 From 962342fe2acef6022ac5c1a3eb352b336308b3eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9gory=20SANCHEZ?= Date: Tue, 1 Aug 2023 11:07:17 +0200 Subject: [PATCH 0728/1248] fix(argo-rollouts): fix helm lint error when extraObjects is defined (#2196) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix(extra-manifests): fix helm lint error when extraObjecrts is defined Signed-off-by: Grégory SANCHEZ Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/extra-manifests.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c073adcb..1846575d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.2 +version: 2.31.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fix use prometheus metrics service + description: Fix helm lint error when `extraObjects` is defined diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml index f17b1a93..fc9a76b8 100644 --- a/charts/argo-rollouts/templates/extra-manifests.yaml +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From f0ac0b7cf400f9f00005e9436de41881a584547d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 5 Aug 2023 12:16:40 +0200 Subject: [PATCH 0729/1248] fix(argo-cd): Template configuration keys as a string instead of map (#2205) --- charts/argo-cd/Chart.yaml | 6 ++--- charts/argo-cd/templates/_helpers.tpl | 37 +++++++++++++++------------ 2 files changed, 23 insertions(+), 20 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a78601a5..8a4769ac 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.10 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.1 +version: 5.42.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.10 + - kind: fixed + description: Templates for global presets properly renders keys as a string instead of map diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2786d6ed..c4c814da 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -162,9 +162,11 @@ Create the name of the notifications service account to use Argo Configuration Preset Values (Incluenced by Values configuration) */}} {{- define "argo-cd.config.cm.presets" -}} +{{- $presets := dict -}} {{- if .Values.configs.styles -}} -ui.cssurl: "./custom/custom.styles.css" +{{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* @@ -183,24 +185,25 @@ Merge Argo Configuration with Preset Configuration {{/* Argo Params Default Configuration Presets +NOTE: Configuration keys must be stored as dict because YAML treats dot as separator */}} {{- define "argo-cd.config.params.presets" -}} -repo.server: "{{ include "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}" -server.repo.server.strict.tls: {{ .Values.repoServer.certificateSecret.enabled | toString }} -{{- with include "argo-cd.redis.server" . }} -redis.server: {{ . | quote }} -{{- end }} -{{- if .Values.dex.enabled }} -server.dex.server: {{ include "argo-cd.dex.server" . | quote }} -server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} -{{- end }} -{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }} -{{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} -{{ $component }}.log.level: {{ $.Values.global.logging.level | quote }} -{{- end }} -{{- if .Values.applicationSet.enabled }} -applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }} -{{- end }} +{{- $presets := dict -}} +{{- $_ := set $presets "repo.server" (printf "%s:%s" (include "argo-cd.repoServer.fullname" .) (.Values.repoServer.service.port | toString)) -}} +{{- $_ := set $presets "server.repo.server.strict.tls" (.Values.repoServer.certificateSecret.enabled | toString ) -}} +{{- $_ := set $presets "redis.server" (include "argo-cd.redis.server" .) -}} +{{- if .Values.dex.enabled -}} +{{- $_ := set $presets "server.dex.server" (include "argo-cd.dex.server" .) -}} +{{- $_ := set $presets "server.dex.server.strict.tls" .Values.dex.certificateSecret.enabled -}} +{{- end -}} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} +{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- end -}} +{{- if .Values.applicationSet.enabled -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} +{{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* From eae0bdd87117c2eb5e4f666196b6886f13b3f999 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 5 Aug 2023 19:26:24 +0900 Subject: [PATCH 0730/1248] fix(argo-rollouts): Add required ingress permission (#2207) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/controller/clusterrole.yaml | 1 + charts/argo-rollouts/templates/controller/role.yaml | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1846575d..8cc669fb 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.3 +version: 2.31.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fix helm lint error when `extraObjects` is defined + description: Add required ingress permission diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 964daed3..ab0f7ee1 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -135,6 +135,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index e3b80672..eb69db62 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -136,6 +136,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: From ebd1ad5103d3f352a4317fab935b305c91a1b9f3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 8 Aug 2023 15:11:34 +0900 Subject: [PATCH 0731/1248] chore(argo-cd): Upgrade Argo CD to v2.7.11 (#2210) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8a4769ac..1e77b9db 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.10 +appVersion: v2.7.11 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.2 +version: 5.42.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Templates for global presets properly renders keys as a string instead of map + - kind: changed + description: Upgrade Argo CD to v2.7.11 From 4eae23b5806a97a5e081b0f3f877b9e3b5bf9cf1 Mon Sep 17 00:00:00 2001 From: Engin Diri Date: Tue, 8 Aug 2023 16:08:58 +0200 Subject: [PATCH 0732/1248] feat(github): add Helm OCI support (#2209) Signed-off-by: Engin Diri --- .github/workflows/publish.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c1d94025..c2d1dc24 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,6 +4,8 @@ on: push: branches: - main + paths: + - "charts/**" permissions: contents: read @@ -12,6 +14,7 @@ jobs: publish: permissions: contents: write # for helm/chart-releaser-action to push chart release and create a release + packages: write # to push OCI chart package to GitHub Registry runs-on: ubuntu-latest steps: - name: Checkout @@ -60,3 +63,20 @@ jobs: config: "./.github/configs/cr.yaml" env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + + - name: Login to GHCR + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Push chart to GHCR + run: | + shopt -s nullglob + for pkg in .cr-release-packages/*.tgz; do + if [ -z "${pkg:-}" ]; then + break + fi + helm push "${pkg}" oci://ghcr.io/${{ github.repository }} + done From 3e35b0c7f7d758d553b17f369cc5940484ef5d89 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 8 Aug 2023 16:35:41 +0200 Subject: [PATCH 0733/1248] feat(argo-cd): Upgrade Argo CD to 2.8.0 (#2170) Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 2 +- .../statefulset.yaml | 12 + .../argocd-applicationset/deployment.yaml | 73 +- .../argocd-repo-server/deployment.yaml | 12 + .../templates/argocd-server/deployment.yaml | 12 + .../templates/crds/crd-application.yaml | 168 +- .../templates/crds/crd-applicationset.yaml | 2002 +++++++++++++++++ charts/argo-cd/values.yaml | 2 +- 9 files changed, 2264 insertions(+), 25 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e77b9db..f85b8bb3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.11 +appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.3 +version: 5.43.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.11 + description: Upgrade Argo CD to 2.8.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 79d134b6..305f0923 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -461,7 +461,7 @@ NAME: my-release | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. | | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication | -| configs.params."server.enable.gzip" | bool | `false` | Enable GZIP compression | +| configs.params."server.enable.gzip" | bool | `true` | Enable GZIP compression | | configs.params."server.insecure" | bool | `false` | Run server without TLS | | configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index b671e245..8faac38d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -236,6 +236,18 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true + - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sharding.algorithm + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.kubectl.parallelism.limit + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 0e00e28d..4da1597c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -93,12 +93,6 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespace - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: @@ -111,6 +105,12 @@ spec: key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.policy.override + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG valueFrom: configMapKeyRef: @@ -147,6 +147,54 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.concurrent.reconciliations.max + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} @@ -199,6 +247,8 @@ spec: name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} @@ -248,6 +298,17 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt {{- with .Values.applicationSet.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f438c8b5..b9959018 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -108,6 +108,18 @@ spec: name: argocd-cmd-params-cm key: reposerver.parallelism.limit optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.metrics.listen.address + optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cc928981..e3f322cb 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -263,6 +263,18 @@ spec: name: argocd-cmd-params-cm key: server.http.cookie.maxnumber optional: true + - name: ARGOCD_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.listen.address + optional: true + - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.metrics.listen.address + optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index cbb480e6..b4d13a15 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -297,8 +297,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -586,8 +593,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -992,8 +1006,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1272,8 +1293,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1438,7 +1466,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether to revert resources + description: 'SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1502,7 +1530,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usally an error or warning + condition, which is usually an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1521,6 +1549,10 @@ spec: - type type: object type: array + controllerNamespace: + description: ControllerNamespace indicates the namespace in which + the application controller is located + type: string health: description: Health contains information about the application's current health status @@ -1700,8 +1732,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1993,8 +2032,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2431,8 +2478,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over + Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a + map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2740,8 +2794,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block + as a block. ValuesObject takes precedence + over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as + a map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2951,6 +3012,19 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current + sync state of managed namespace metadata + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3153,8 +3227,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3457,8 +3539,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3728,6 +3817,42 @@ spec: and must be set to the Kubernetes control plane API type: string type: object + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's + ignored differences used for comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted + managers. Fields mutated by those managers will take + precedence over the desired state defined in the SCM + and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array source: description: Source is a reference to the application's source used for comparison @@ -3866,8 +3991,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4170,8 +4303,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index ad35b062..fa0d926a 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -40,6 +40,8 @@ spec: type: object spec: properties: + applyNestedSelectors: + type: boolean generators: items: properties: @@ -235,6 +237,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -412,6 +417,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -748,6 +756,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -925,6 +936,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1265,6 +1279,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1442,6 +1459,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1586,6 +1606,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -1758,6 +1782,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1935,6 +1962,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2279,6 +2309,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2456,6 +2489,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2792,6 +2828,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2969,6 +3008,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3309,6 +3351,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3486,6 +3531,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3630,6 +3678,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -3802,6 +3854,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3979,6 +4034,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4130,8 +4188,595 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object pullRequest: properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object bitbucketServer: properties: api: @@ -4168,6 +4813,8 @@ spec: properties: branchMatch: type: string + targetBranchMatch: + type: string type: object type: array gitea: @@ -4227,6 +4874,8 @@ spec: properties: api: type: string + insecure: + type: boolean labels: items: type: string @@ -4411,6 +5060,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4588,6 +5240,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4735,6 +5390,26 @@ spec: type: object scmProvider: properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object azureDevOps: properties: accessTokenRef: @@ -4891,6 +5566,8 @@ spec: type: string includeSubgroups: type: boolean + insecure: + type: boolean tokenRef: properties: key: @@ -5067,6 +5744,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5244,6 +5924,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5388,6 +6071,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object type: object selector: properties: @@ -5574,6 +6261,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5751,6 +6441,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6095,6 +6788,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6272,6 +6968,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6608,6 +7307,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6785,6 +7487,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7125,6 +7830,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7302,6 +8010,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7446,6 +8157,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -7618,6 +8333,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7795,6 +8513,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7946,8 +8667,595 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object pullRequest: properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object bitbucketServer: properties: api: @@ -7984,6 +9292,8 @@ spec: properties: branchMatch: type: string + targetBranchMatch: + type: string type: object type: array gitea: @@ -8043,6 +9353,8 @@ spec: properties: api: type: string + insecure: + type: boolean labels: items: type: string @@ -8227,6 +9539,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8404,6 +9719,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8551,6 +9869,26 @@ spec: type: object scmProvider: properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object azureDevOps: properties: accessTokenRef: @@ -8707,6 +10045,8 @@ spec: type: string includeSubgroups: type: boolean + insecure: + type: boolean tokenRef: properties: key: @@ -8883,6 +10223,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9060,6 +10403,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9204,6 +10550,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object type: object selector: properties: @@ -9394,6 +10744,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9571,6 +10924,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9719,8 +11075,595 @@ spec: - generators - mergeKeys type: object + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object pullRequest: properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object bitbucketServer: properties: api: @@ -9757,6 +11700,8 @@ spec: properties: branchMatch: type: string + targetBranchMatch: + type: string type: object type: array gitea: @@ -9816,6 +11761,8 @@ spec: properties: api: type: string + insecure: + type: boolean labels: items: type: string @@ -10000,6 +11947,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10177,6 +12127,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10324,6 +12277,26 @@ spec: type: object scmProvider: properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object azureDevOps: properties: accessTokenRef: @@ -10480,6 +12453,8 @@ spec: type: string includeSubgroups: type: boolean + insecure: + type: boolean tokenRef: properties: key: @@ -10656,6 +12631,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10833,6 +12811,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10977,6 +12958,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object type: object selector: properties: @@ -11005,6 +12990,10 @@ spec: type: array goTemplate: type: boolean + goTemplateOptions: + items: + type: string + type: array preservedFields: properties: annotations: @@ -11045,6 +13034,13 @@ spec: type: object syncPolicy: properties: + applicationsSync: + enum: + - create-only + - create-update + - create-delete + - sync + type: string preserveResourcesOnDeletion: type: boolean type: object @@ -11208,6 +13204,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11385,6 +13384,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index aa071644..fb1db35c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -253,7 +253,7 @@ configs: # -- Disable Argo CD RBAC for user authentication server.disable.auth: false # -- Enable GZIP compression - server.enable.gzip: false + server.enable.gzip: true # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". server.x.frame.options: sameorigin From b9c7b3104a8957a221362dab7e3d4daab989a9dd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 8 Aug 2023 19:03:57 -0500 Subject: [PATCH 0734/1248] fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts (#2198) * fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts Add CI for extra objects Signed-off-by: jmeridth * fix: rename extra objects ci file to have -values suffix Signed-off-by: jmeridth --------- Signed-off-by: jmeridth Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 6 +++--- .../ci/enable-extra-objects-values.yaml | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 charts/argo-rollouts/ci/enable-extra-objects-values.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 8cc669fb..0bf8dfcb 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.4 +version: 2.31.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add required ingress permission + - kind: added + description: Add CI example for extra objects diff --git a/charts/argo-rollouts/ci/enable-extra-objects-values.yaml b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml new file mode 100644 index 00000000..8d18ecd3 --- /dev/null +++ b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml @@ -0,0 +1,14 @@ +# Test with extraObjects enabled +# Do not deploy the CRDs as they are already present from the previous test +installCRDs: false + +extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: datadog + type: Opaque + data: + address: aHR0cHM6Ly9hcGkuZGF0YWRvZ2hxLmNvbQo= # https://api.datadoghq.com + api-key: dGVzdC1hcGkta2V5Cg== # test-api-key + app-key: dGVzdC1hcHAta2V5Cg== # test-app-key From 51e22106314012c2b4e620ad90b59340b5afb39e Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 9 Aug 2023 10:19:54 +0200 Subject: [PATCH 0735/1248] fix(argo-cd): Fix global log level configuration (#2213) fix(argo-cd) - Fix global log level configuration Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f85b8bb3..6140b2cb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.0 +version: 5.43.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.8.0 + - kind: fixed + description: Fixed global log level configuration diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index c4c814da..05852686 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -198,7 +198,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- end -}} {{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} {{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} -{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} {{- if .Values.applicationSet.enabled -}} {{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} From 4b7dcd0d31531f44a275729e86880d52c75323ed Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 9 Aug 2023 10:35:48 +0200 Subject: [PATCH 0736/1248] chore(argo-cd): Change applicationSet replicaCount to replicas (#2214) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/templates/NOTES.txt | 3 +++ .../templates/argocd-applicationset/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 2 +- 5 files changed, 11 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6140b2cb..821de850 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.1 +version: 5.43.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed global log level configuration + - kind: changed + description: Renamed applicationSet.replicaCount to replicas + - kind: deprecated + description: Option applicationSet.replicaCount diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 305f0923..45a97eb5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1113,7 +1113,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | +| applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | | applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index d79d95f0..afd18a1b 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -73,6 +73,9 @@ DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations {{- if hasKey .Values.configs "tlsCerts" }} DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates {{- end }} +{{- if .Values.applicationSet.replicaCount }} +DEPRECATED option applicationSet.replicaCount - Use applicationSet.replicas +{{- end }} {{- if .Values.applicationSet.logFormat }} DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 4da1597c..d8fb8cbc 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -17,7 +17,7 @@ spec: strategy: {{- trim . | nindent 4 }} {{- end }} - replicas: {{ .Values.applicationSet.replicaCount }} + replicas: {{ .Values.applicationSet.replicas | default .Values.applicationSet.replicaCount }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb1db35c..341cf8da 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2373,7 +2373,7 @@ applicationSet: name: applicationset-controller # -- The number of ApplicationSet controller pods to run - replicaCount: 1 + replicas: 1 ## ApplicationSet controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ From 23708c6a30e059aa2896dbedc4a4ec52d7674ff7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20Can=C3=A9vet?= Date: Thu, 10 Aug 2023 00:18:37 +0200 Subject: [PATCH 0737/1248] fix(argo-cd): add missing permissions to run actions (#2212) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mickaël Canévet --- charts/argo-cd/Chart.yaml | 8 +++----- .../argo-cd/templates/argocd-server/clusterrole.yaml | 12 ++++++++++++ 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 821de850..fc7614e1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.2 +version: 5.43.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Renamed applicationSet.replicaCount to replicas - - kind: deprecated - description: Option applicationSet.replicaCount + - kind: fixed + description: add missing permissions to run actions diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 0f26d470..3d2c44b5 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -45,4 +45,16 @@ rules: - list - update - watch + - apiGroups: + - batch + resources: + - jobs + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - workflows + verbs: + - create {{- end }} From a64615414d61500835a3de0723a8a9e099540ade Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Thu, 10 Aug 2023 21:14:54 -0400 Subject: [PATCH 0738/1248] fix(argo-workflows): Server only needs `get` Secrets (#2211) - as of https://github.com/argoproj/argo-workflows/commit/aa366db345d794f0d330336d51eb2a88f14ebbe6, the Server no longer needs `list` or `watch` and only uses `get` - this was released as part of [v3.4.0](https://github.com/argoproj/argo-workflows/blob/master/CHANGELOG.md#v340-rc1-2022-08-09), and the current version of the chart uses v3.4.9 (per `Chart.yaml#appVersion`) - `update` is not needed either for SSO secret - manifests RBAC: https://github.com/argoproj/argo-workflows/blob/a68ea0feabc87c09d5e13d12e6f0d1a61adc5b16/manifests/cluster-install/argo-server-rbac/argo-server-clusterole.yaml#L18 - SSO source code only uses [`create`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L140) and [`get`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L151) - (also some `get`s above that for [`clientID`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L127) and [`clientSecret`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L106) as well) Signed-off-by: Anton Gilgur Co-authored-by: Aikawa Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/server/server-cluster-roles.yaml | 3 --- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 681b73b9..c9ae07a5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.1 +version: 0.32.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for executor args + - kind: fixed + description: Removed Secrets list and watch from Server RBAC diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 2a52d956..56d4dcaa 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -47,7 +47,6 @@ rules: - sso verbs: - get - - update - apiGroups: - "" resources: @@ -71,8 +70,6 @@ rules: - secrets verbs: - get - - list - - watch {{- if and .Values.server.sso.enabled .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} From 4e0698ec43f63267e63d741f9bcb8c8489c53859 Mon Sep 17 00:00:00 2001 From: Ali Reza Date: Tue, 15 Aug 2023 10:57:28 +0200 Subject: [PATCH 0739/1248] docs(argo-cd): Rename comment of repositoryCredentials to credentialTemplates (#2219) Rename comment of repositoryCredentials to credentialTemplates Signed-off-by: Ali Reza --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fc7614e1..6865acb0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.3 +version: 5.43.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: add missing permissions to run actions + description: Rename comment of repositoryCredentials to credentialTemplates diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 341cf8da..d748234e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -476,7 +476,7 @@ configs: # -- Repositories list to be used by applications ## Creates a secret for each key/value specified below to create repositories - ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + ## Note: the last example in the list would use a repository credential template, configured under "configs.credentialTemplates". repositories: {} # istio-helm-repo: # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts From 3737457b0fd8e3f05da8aec80da86911be24fcf6 Mon Sep 17 00:00:00 2001 From: Nick Kampe Date: Wed, 16 Aug 2023 02:01:43 -0500 Subject: [PATCH 0740/1248] feat(argo-rollouts): update servicemonitor.yaml to allow for namespace to be set (#2222) * Update servicemonitor.yaml to allow for namespace to be set Signed-off-by: Nick Kampe * Update README.md Signed-off-by: Nick Kampe * Update values.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Alphabetized namespace addition in README Signed-off-by: Nick Kampe --------- Signed-off-by: Nick Kampe --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/servicemonitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 0bf8dfcb..2aba36f1 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.5 +version: 2.31.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add CI example for extra objects + description: Add ability to set namespace on ServiceMonitor resource diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 4e028779..b9198998 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -98,6 +98,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion | +| controller.metrics.serviceMonitor.namespace | string | `""` | Namespace to be used for the ServiceMonitor | | controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index 62713764..d7ab901e 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f9d8e1cf..b711ee37 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -132,6 +132,8 @@ controller: serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false + # -- Namespace to be used for the ServiceMonitor + namespace: "" # -- Labels to be added to the ServiceMonitor additionalLabels: {} # -- Annotations to be added to the ServiceMonitor From 92b2724b0fa82186bb13c452947c216cc04bd5f0 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Wed, 16 Aug 2023 06:00:35 -0500 Subject: [PATCH 0741/1248] chore(argo-workflows): Upgrade to Argo Workflows v3.4.10 (#2220) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c9ae07a5..6413a658 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.9 +appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.2 +version: 0.32.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Removed Secrets list and watch from Server RBAC + - kind: changed + description: Upgrade to Argo Workflows v3.4.10 From dc56fa63f3baceaf2684fe0874e6851d9f3451cb Mon Sep 17 00:00:00 2001 From: Fuochi Date: Thu, 17 Aug 2023 14:08:03 +0200 Subject: [PATCH 0742/1248] feat(argo-workflows): add imagePullSecret for workflow sa (#2226) Signed-off-by: Fuochi --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/controller/workflow-sa.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6413a658..6741d7e0 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.3 +version: 0.33.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.10 + - kind: added + description: add imagePullSecret for workflow sa diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index eb57fe44..ef78bc5b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -127,6 +127,7 @@ Fields to note: | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | | workflow.serviceAccount.labels | object | `{}` | Labels applied to created service account | | workflow.serviceAccount.name | string | `"argo-workflow"` | Service account which is used to run workflows | +| workflow.serviceAccount.pullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` | ### Workflow Controller diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 8928b32e..273487c4 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -17,5 +17,9 @@ metadata: annotations: {{- toYaml . | nindent 4 }} {{- end }} + {{- with $.Values.workflow.serviceAccount.pullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bfc3ce3f..a9c827e7 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -54,6 +54,8 @@ workflow: annotations: {} # -- Service account which is used to run workflows name: "argo-workflow" + # -- Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` + pullSecrets: [] rbac: # -- Adds Role and RoleBinding for the above specified service account to be able to run workflows. # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) From a9acf935ab3abc442f41ccadd0a62e94ec1cd205 Mon Sep 17 00:00:00 2001 From: Jeongwon Song <46633758+jsong336@users.noreply.github.com> Date: Sat, 19 Aug 2023 01:59:46 -0400 Subject: [PATCH 0743/1248] chore(argo-workflows): update comment for azure artifact repository blobNameFormat (#2229) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6741d7e0..1c60fbb4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.0 +version: 0.33.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add imagePullSecret for workflow sa + - kind: fixed + description: fixed comment in values.yaml for blobNameFormat field diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index a9c827e7..d6d22464 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -752,7 +752,7 @@ artifactRepository: azure: {} # endpoint: https://mystorageaccountname.blob.core.windows.net # container: my-container-name - # blob: path/in/container + # blobNameFormat: path/in/container ## accountKeySecret is a secret selector. ## It references the k8s secret named 'my-azure-storage-credentials'. ## This secret is expected to have have the key 'account-access-key', From 7dcc174402d4a81dcdd6324bd7be095a3c52a921 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 23 Aug 2023 12:52:03 +0900 Subject: [PATCH 0744/1248] chore(argo-cd): Upgrade Argo CD to v2.8.1 (#2230) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6865acb0..a9ecf561 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.0 +appVersion: v2.8.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.4 +version: 5.43.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Rename comment of repositoryCredentials to credentialTemplates + - kind: changed + description: Upgrade Argo CD to v2.8.1 From 58999c1aae652baeef4df169a5a758cabebdadf7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 25 Aug 2023 17:45:53 +0900 Subject: [PATCH 0745/1248] chore(argo-cd): Upgrade Argo CD to v2.8.2 (#2231) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a9ecf561..01d4e8e1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1 +appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.5 +version: 5.43.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.8.1 + description: Upgrade Argo CD to v2.8.2 From 86d92b95964e31c2f7ef071e6cd3dcc72be52f16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joonas=20Ven=C3=A4l=C3=A4inen?= <38143731+joonvena@users.noreply.github.com> Date: Fri, 25 Aug 2023 13:52:04 +0300 Subject: [PATCH 0746/1248] fix(argo-cd): Fix applicationSet HA examples in README.md (#2232) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Joonas Venäläinen --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01d4e8e1..4fa32c98 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.6 +version: 5.43.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.2 + - kind: fixed + description: Fix applicationSet HA examples in README.md diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 45a97eb5..04a78ca4 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -42,7 +42,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -61,7 +61,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f1dea7f2..dce6d922 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -41,7 +41,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -60,7 +60,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository From 75221849eb5888768515c4ead5702bd4f683f118 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 26 Aug 2023 20:23:07 +0200 Subject: [PATCH 0747/1248] chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#2234) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index bd8d2255..a78bf610 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c2d1dc24..9ad42ed7 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 066d3c57..3f00b6dd 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: persist-credentials: false From 2fc1fd04a01d98c6fb40b8fbad9fa01d1be2a477 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 27 Aug 2023 04:20:39 +0200 Subject: [PATCH 0748/1248] chore(argo-cd): Upgrade redis-exporter to 1.53.0 (#2236) Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4fa32c98..dc245d83 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.7 +version: 5.43.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix applicationSet HA examples in README.md + - kind: changed + description: Upgrade redis-exporter to 1.53.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 04a78ca4..ee37a2b7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -942,7 +942,7 @@ server: | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | @@ -1003,7 +1003,7 @@ The main options are listed here: | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d748234e..fb2ca38d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1182,7 +1182,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1388,7 +1388,7 @@ redis-ha: # -- Repository to use for the redis-exporter image: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 persistentVolume: # -- Configures persistence on Redis nodes enabled: false From 6797f01c1b564132670cf687ba010c72d5800de0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 27 Aug 2023 21:07:17 +0200 Subject: [PATCH 0749/1248] chore(argo-cd): Remove support for legacy cert-manager APIs (#2238) * chore(argo-cd): Remove support for legacy cert-manager APIs Signed-off-by: Petr Drastil * Bump minor version Signed-off-by: Petr Drastil --------- Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/NOTES.txt | 3 +++ charts/argo-cd/templates/_versions.tpl | 18 ------------------ .../argocd-applicationset/certificate.yaml | 2 +- .../templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 2 -- 7 files changed, 8 insertions(+), 26 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dc245d83..37d6e1ae 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.8 +version: 5.44.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade redis-exporter to 1.53.0 + - kind: removed + description: Support for cert-manager APIs prior K8s 1.22 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ee37a2b7..bf76f1d6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -384,7 +384,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | -| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index afd18a1b..18b9a1a1 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -121,6 +121,9 @@ REMOVED option redis.containerPort - Use redis.containerPorts {{- if .Values.redis.metrics.containerPort }} REMOVED option redis.metrics.containerPort - Use redis.containerPorts {{- end }} +{{- if .Values.apiVersionOverrides.certmanager }} +REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 8240c4b0..b8fcc32e 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -19,24 +19,6 @@ Return the appropriate apiVersion for autoscaling {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for cert-manager -*/}} -{{- define "argo-cd.apiVersion.cert-manager" -}} -{{- if .Values.apiVersionOverrides.certmanager -}} -{{- print .Values.apiVersionOverrides.certmanager -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}} -{{- print "cert-manager.io/v1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}} -{{- print "cert-manager.io/v1beta1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}} -{{- print "cert-manager.io/v1alpha3" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}} -{{- print "cert-manager.io/v1alpha2" -}} -{{- else -}} -{{- print "certmanager.k8s.io/v1alpha1" -}} -{{- end -}} -{{- end -}} {{/* Return the appropriate apiVersion for GKE resources diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index f3b7d5d1..76e63eb3 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 716c38ea..74066ef8 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.server.certificate.annotations) }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb2ca38d..81b96ad8 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -12,8 +12,6 @@ kubeVersionOverride: "" # If you want to template helm charts but cannot access k8s API server # you can set api versions here apiVersionOverrides: - # -- String to override apiVersion of cert-manager resources rendered by this helm chart - certmanager: "" # cert-manager.io/v1 # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 # -- String to override apiVersion of autoscaling rendered by this helm chart From 224a227fa49b00fabfb535825c9bd5648f16a30a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 28 Aug 2023 10:12:29 +0200 Subject: [PATCH 0750/1248] chore(argo-cd): Remove support for autoscaling/v1 (#2237) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 5 ++- charts/argo-cd/templates/NOTES.txt | 3 ++ charts/argo-cd/templates/_versions.tpl | 14 -------- .../templates/argocd-repo-server/hpa.yaml | 34 +++++++------------ .../argo-cd/templates/argocd-server/hpa.yaml | 34 +++++++------------ charts/argo-cd/values.yaml | 4 --- 7 files changed, 35 insertions(+), 65 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 37d6e1ae..4c262f65 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.44.0 +version: 5.45.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: removed - description: Support for cert-manager APIs prior K8s 1.22 + description: Option apiVersionOverrides.autoscaling as v2 is now GA + - kind: removed + description: Codebase for autoscaling/v1 API diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bf76f1d6..125fcf69 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -383,7 +383,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | @@ -572,7 +571,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | | repoServer.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD repo server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | @@ -670,7 +669,7 @@ NAME: my-release | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | | server.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 18b9a1a1..1b626796 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -121,6 +121,9 @@ REMOVED option redis.containerPort - Use redis.containerPorts {{- if .Values.redis.metrics.containerPort }} REMOVED option redis.metrics.containerPort - Use redis.containerPorts {{- end }} +{{- if .Values.apiVersionOverrides.autoscaling }} +REMOVED option apiVersionOverrides.autoscaling - API autoscaling/v2 is GA from 1.23 +{{- end }} {{- if .Values.apiVersionOverrides.certmanager }} REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 {{- end }} diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index b8fcc32e..5d65fcd6 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -6,20 +6,6 @@ Return the target Kubernetes version {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end }} -{{/* -Return the appropriate apiVersion for autoscaling -*/}} -{{- define "argo-cd.apiVersion.autoscaling" -}} -{{- if .Values.apiVersionOverrides.autoscaling -}} -{{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "autoscaling/v2beta1" -}} -{{- else -}} -{{- print "autoscaling/v2" -}} -{{- end -}} -{{- end -}} - - {{/* Return the appropriate apiVersion for GKE resources */}} diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index ef3d5e80..ce6ed371 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -1,46 +1,38 @@ {{- if .Values.repoServer.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-hpa" .Values.repoServer.name)) | nindent 4 }} - name: {{ template "argo-cd.repoServer.fullname" . }}-hpa + name: {{ include "argo-cd.repoServer.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: - {{- if .Values.repoServer.autoscaling.metrics }} - {{- toYaml .Values.repoServer.autoscaling.metrics | nindent 4 }} + {{- with .Values.repoServer.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} {{- else }} - {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} {{- with .Values.repoServer.autoscaling.behavior }} behavior: diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index c19b8943..a509e569 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -1,47 +1,39 @@ {{- if .Values.server.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-hpa" .Values.server.name)) | nindent 4 }} - name: {{ template "argo-cd.server.fullname" . }}-hpa + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: - {{- if .Values.server.autoscaling.metrics }} - {{ toYaml .Values.server.autoscaling.metrics | nindent 4 }} + {{- with .Values.server.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} {{- else }} - {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} - {{- end}} {{- with .Values.server.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 81b96ad8..77501eb8 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -14,8 +14,6 @@ kubeVersionOverride: "" apiVersionOverrides: # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 - # -- String to override apiVersion of autoscaling rendered by this helm chart - autoscaling: "" # autoscaling/v2 # -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -1460,7 +1458,6 @@ server: # -- Average memory utilization percentage for the Argo CD server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 @@ -2030,7 +2027,6 @@ repoServer: # -- Average memory utilization percentage for the repo server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 From 57da3549afc43c12d261768e69a6316db7b59e0d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 3 Sep 2023 20:15:15 -0500 Subject: [PATCH 0751/1248] chore(argo-events): Upgrade argo-events to 1.8.1 (#2247) https://github.com/argoproj/argo-events/releases/tag/v1.8.1 Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index bfb82ea1..b9f441fe 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.0 +appVersion: v1.8.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.0 +version: 2.4.1 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,6 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Events to v1.8.0 - - kind: added - description: Add managed namespace configuration + description: Upgrade Argo Events to v1.8.1 From cd5b9a06e33b9a7b4b717d2d5e38dee7e16ca20d Mon Sep 17 00:00:00 2001 From: JesseBot Date: Mon, 4 Sep 2023 13:01:36 +0200 Subject: [PATCH 0752/1248] fix(argo-cd): Update values.yaml - update custom css styles side bar example (#2245) * Update values.yaml - update custom css styles side barexample .nav-bar is no longer the css class name Signed-off-by: JesseBot * Update Chart.yaml - update patch version for values.yaml comment update Signed-off-by: JesseBot * Update Chart.yaml - update change log Signed-off-by: JesseBot --------- Signed-off-by: JesseBot --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/values.yaml | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4c262f65..18d2d2b4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.0 +version: 5.45.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: removed - description: Option apiVersionOverrides.autoscaling as v2 is now GA - - kind: removed - description: Codebase for autoscaling/v1 API + - kind: fixed + description: fixed example for configs.styles to be sidebar instead of nav-bar diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 77501eb8..e0a60543 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -539,7 +539,7 @@ configs: ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ styles: "" # styles: | - # .nav-bar { + # .sidebar { # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); # } From 2557347583f98a34cbe2da83ec30fda68023b982 Mon Sep 17 00:00:00 2001 From: Gustav Kofoed Clausen Date: Thu, 7 Sep 2023 14:23:20 +0200 Subject: [PATCH 0753/1248] chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 (#2252) * chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 Signed-off-by: Gustav Kofoed Clausen * chore(argo-rollouts): Update CRDs to matching version Signed-off-by: Gustav Kofoed Clausen --------- Signed-off-by: Gustav Kofoed Clausen Co-authored-by: Gustav Kofoed Clausen --- charts/argo-rollouts/Chart.yaml | 8 +- .../templates/crds/analysis-run-crd.yaml | 63 +++++++++++++- .../templates/crds/analysis-template-crd.yaml | 63 +++++++++++++- .../crds/cluster-analysis-template-crd.yaml | 63 +++++++++++++- .../templates/crds/experiment-crd.yaml | 34 +++++++- .../templates/crds/rollout-crd.yaml | 85 ++++++++++++++++++- 6 files changed, 306 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2aba36f1..457f76a0 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.5.1 +appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.6 +version: 2.32.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add ability to set namespace on ServiceMonitor resource + - kind: changed + description: Upgrade Argo Rollouts to v1.6.0 diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index bc2e61db..7324e908 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -310,6 +310,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -372,6 +373,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -418,10 +420,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -453,6 +457,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -476,6 +481,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -519,6 +525,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -542,6 +549,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -583,6 +591,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -606,6 +615,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -649,6 +659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -672,6 +683,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -717,6 +729,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -726,6 +739,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -741,6 +755,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -752,6 +767,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -767,6 +783,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -776,6 +793,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1316,6 +1334,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1325,6 +1344,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1340,6 +1360,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1351,6 +1372,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1366,6 +1388,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1375,6 +1398,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1889,6 +1913,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1921,6 +1946,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1930,6 +1956,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1945,6 +1972,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1956,6 +1984,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1971,6 +2000,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1980,6 +2010,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2628,6 +2659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2775,8 +2807,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 2c73c5c9..93479097 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 612608de..66977374 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index acf98935..2f60d415 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -158,6 +158,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -223,6 +224,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -269,10 +271,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -304,6 +308,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -327,6 +332,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -370,6 +376,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -393,6 +400,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -434,6 +442,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -457,6 +466,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -500,6 +510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -523,6 +534,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -568,6 +580,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -577,6 +590,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -592,6 +606,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -603,6 +618,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -618,6 +634,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -627,6 +644,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1167,6 +1185,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1176,6 +1195,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1191,6 +1211,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1202,6 +1223,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1217,6 +1239,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1226,6 +1249,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1740,6 +1764,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1772,6 +1797,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1781,6 +1807,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1796,6 +1823,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1807,6 +1835,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1822,6 +1851,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1831,6 +1861,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2479,6 +2510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 45f59ee0..7faf3790 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -118,6 +118,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic strategy: properties: blueGreen: @@ -624,6 +625,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -742,6 +744,10 @@ spec: type: string ingress: type: string + ingresses: + items: + type: string + type: array rootService: type: string servicePort: @@ -759,7 +765,6 @@ spec: - enabled type: object required: - - ingress - servicePort type: object ambassador: @@ -1003,6 +1008,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -1049,10 +1055,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -1084,6 +1092,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1107,6 +1116,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1150,6 +1160,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1173,6 +1184,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1214,6 +1226,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1237,6 +1250,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1280,6 +1294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1303,6 +1318,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1348,6 +1364,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1357,6 +1374,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1372,6 +1390,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1383,6 +1402,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1398,6 +1418,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1407,6 +1428,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1947,6 +1969,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1956,6 +1979,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1971,6 +1995,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1982,6 +2007,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1997,6 +2023,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2006,6 +2033,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2520,6 +2548,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -2552,6 +2581,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -2561,6 +2591,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -2576,6 +2607,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -2587,6 +2619,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -2602,6 +2635,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2611,6 +2645,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -3259,6 +3294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -3330,6 +3366,8 @@ spec: - arn - name type: object + ingress: + type: string loadBalancer: properties: arn: @@ -3355,6 +3393,49 @@ spec: - name type: object type: object + albs: + items: + properties: + canaryTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + ingress: + type: string + loadBalancer: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + stableTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + type: object + type: array availableReplicas: format: int32 type: integer From 258efc9a0c4c5d6bdd13339489f2689018652218 Mon Sep 17 00:00:00 2001 From: Tamas Szasz Date: Thu, 7 Sep 2023 16:52:17 +0300 Subject: [PATCH 0754/1248] fix(argo-cd): Make the PathType configurable when using single ingress resource in AWS (#2251) * Make the PathType configurable when using single ingress resource in AWS Signed-off-by: Tamas * update chart version and doc Signed-off-by: Tamas * Fix reference to value in range Signed-off-by: Tamas --------- Signed-off-by: Tamas Co-authored-by: Tamas --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 18d2d2b4..18c029e2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.1 +version: 5.45.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: fixed example for configs.styles to be sidebar instead of nav-bar + description: do not hardcode the pathtype of the grpc ingress rule when using a single ingress resource in aws alb diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 98ec1cb1..a142bb66 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -39,7 +39,7 @@ spec: {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - pathType: Prefix + pathType: {{ $.Values.server.ingressGrpc.pathType }} backend: service: name: {{ template "argo-cd.server.fullname" $ }}-grpc From 3bb85b7d3eb0dfec12f195b5afc06b3bda70b5c3 Mon Sep 17 00:00:00 2001 From: Alexej Disterhoft Date: Fri, 8 Sep 2023 02:08:37 +0200 Subject: [PATCH 0755/1248] chore(argo-cd): Upgrade Argo CD to v2.8.3 (#2254) Signed-off-by: Alexej Disterhoft --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 18c029e2..76534308 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.2 +appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.2 +version: 5.45.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: do not hardcode the pathtype of the grpc ingress rule when using a single ingress resource in aws alb + - kind: changed + description: Upgrade Argo CD to v2.8.3 From 925cd8454ca2c648273e303c06f9f7560ffdc2f1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 8 Sep 2023 13:10:55 +0900 Subject: [PATCH 0756/1248] chore(argo-workflows): Upgrade Argo Workflows to v3.4.11 (#2255) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 1c60fbb4..60dd66c8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.10 +appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.1 +version: 0.33.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: fixed comment in values.yaml for blobNameFormat field + - kind: changed + description: Upgrade Argo Workflows to v3.4.11 From 95310f995b24226b2532d28d57f2b6de8687738b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 8 Sep 2023 23:02:25 +0900 Subject: [PATCH 0757/1248] fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM (#2235) * fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM Signed-off-by: yu-croco * fix(argo-cd): Aligne condition to argocd-cm Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 3 +++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 76534308..345a2ae1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.3 +version: 5.45.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.3 + - kind: fixed + description: Restart Repo Server and Application Controller as following the change of Argo CD CM diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 8faac38d..3583a2b7 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -23,6 +23,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index b9959018..61fb545a 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -30,6 +30,9 @@ spec: {{- if .Values.repoServer.certificateSecret.enabled }} checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} {{- end }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 34663ae9e6528098cc54a4465634154d48b14fce Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 8 Sep 2023 16:58:05 +0200 Subject: [PATCH 0758/1248] docs(argo-cd): Document scheduling parameters for redis-ha (#2253) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 10 ++++++++++ charts/argo-cd/values.yaml | 37 +++++++++++++++++++++++++++++++------ 3 files changed, 44 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 345a2ae1..39ecaeb6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.4 +version: 5.45.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Restart Repo Server and Application Controller as following the change of Argo CD CM + - kind: added + description: Documented scheduling parameters for redis-ha diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 125fcf69..49abfcea 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -998,17 +998,27 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| +| redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | +| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | +| redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | +| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | +| redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | +| redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | +| redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | +| redis-ha.image.repository | string | `"redis"` | Redis repository | | redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | +| redis-ha.tolerations | list | `[]` | [Tolerations] for use with node taints for Redis pods. | +| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. | | redis-ha.topologySpreadConstraints.enabled | bool | `false` | Enable Redis HA topology spread constraints | | redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | | redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e0a60543..a9ab7ad6 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1371,12 +1371,17 @@ redis: # -- Prometheus ServiceMonitor annotations annotations: {} -# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) -# the custom redis deployment is omitted -# Check the redis-ha chart for more properties +## Redis-HA subchart replaces custom redis deployment when `redis-ha.enabled=true` +# Ref: https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/values.yaml redis-ha: # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false + ## Redis image + image: + # -- Redis repository + repository: redis + # -- Redis tag + tag: 7.0.11-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar @@ -1388,6 +1393,7 @@ redis-ha: persistentVolume: # -- Configures persistence on Redis nodes enabled: false + ## Redis specific configuration options redis: # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated masterGroupName: argocd @@ -1397,16 +1403,35 @@ redis-ha: # -- Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled # @default -- `'""'` save: '""' + ## Enables a HA Proxy for better LoadBalancing / Sentinel Master support. Automatically proxies to Redis master. haproxy: # -- Enabled HAProxy LoadBalancing/Proxy enabled: true metrics: # -- HAProxy enable prometheus metric scraping enabled: true - image: - # -- Redis tag - tag: 7.0.11-alpine + # -- Whether the haproxy pods should be forced to run on separate nodes. + hardAntiAffinity: true + # -- Additional affinities to add to the haproxy pods. + additionalAffinities: {} + # -- Assign custom [affinity] rules to the haproxy pods. + affinity: {} + # -- [Tolerations] for use with node taints for haproxy pods. + tolerations: [] + # -- Whether the Redis server pods should be forced to run on separate nodes. + hardAntiAffinity: true + + # -- Additional affinities to add to the Redis server pods. + additionalAffinities: {} + + # -- Assign custom [affinity] rules to the Redis pods. + affinity: {} + + # -- [Tolerations] for use with node taints for Redis pods. + tolerations: [] + + # -- Assign custom [TopologySpreadConstraints] rules to the Redis pods. ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: # -- Enable Redis HA topology spread constraints From eebb8c8d489ea41ce5ba388a14208c8e05cff67a Mon Sep 17 00:00:00 2001 From: Andrew Hamilton Date: Sat, 9 Sep 2023 01:55:47 -0700 Subject: [PATCH 0759/1248] feat(argo-cd): adds toggle for helm-working-dir (#2249) - Adds a toggle to be able to turn off the helm-working-dir for the repo server deployment. Using a shared helm repo storage directory can cause issues when multiple helm commands are being run in parallel. The repo server also has the ability to rebuild the repos and do updates in the normal flow for checking the status of an application so it won't cause issues if it's disabled. Signed-off-by: Andrew Hamilton --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 6 ++++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 39ecaeb6..fcbd0642 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.5 +version: 5.46.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Documented scheduling parameters for redis-ha + description: added a toggle for the shared Helm working directory diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 49abfcea..5b780b0b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -655,6 +655,7 @@ NAME: my-release | repoServer.serviceAccount.name | string | `""` | Repo server service account name | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 61fb545a..3080c79f 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -231,12 +231,14 @@ spec: key: reposerver.enable.git.submodule name: argocd-cmd-params-cm optional: true + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: HELM_CACHE_HOME value: /helm-working-dir - name: HELM_CONFIG_HOME value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir + {{- end }} {{- with .Values.repoServer.envFrom }} envFrom: {{- toYaml . | nindent 10 }} @@ -255,8 +257,10 @@ spec: name: gpg-keyring - mountPath: /app/config/reposerver/tls name: argocd-repo-server-tls + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - mountPath: /helm-working-dir name: helm-working-dir + {{- end }} - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp @@ -349,8 +353,10 @@ spec: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} {{- end }} + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: helm-working-dir emptyDir: {} + {{- end }} - name: plugins emptyDir: {} - name: var-files diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a9ab7ad6..22dcfcc6 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2177,6 +2177,9 @@ repoServer: # - name: cmp-tmp # emptyDir: {} + # -- Toggle the usage of a ephemeral Helm working directory + useEphemeralHelmWorkingDir: true + # -- Annotations to be added to repo server Deployment deploymentAnnotations: {} From 738fe78d2096b6543114b1d94d5dba6157b78adf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Sep 2023 18:39:19 +0900 Subject: [PATCH 0760/1248] chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#2258) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index a78bf610..52e4746b 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9ad42ed7..0c8f7cbf 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3f00b6dd..86ff1a7b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: persist-credentials: false From 366114b3db06170065a80eeb773c010ad7f251d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Sep 2023 18:40:59 +0900 Subject: [PATCH 0761/1248] chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#2259) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/0b7f8abb1508181956e8e162db84b466c27e18ce...a8a3f3ad30e3422c9c7b888a15615d19a852ae32) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 86ff1a7b..8a924219 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: SARIF file path: results.sarif From db76bbed97c6be2248446debdc00e1c75cb6f3f5 Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sat, 9 Sep 2023 21:57:17 -0400 Subject: [PATCH 0762/1248] docs(argo-workflows): add an HA section (#2183) * feat(argo-workflows): add a sample HA config - a `values-ha.yaml` as an example for how one would set-up HA according to the Argo Workflows docs Signed-off-by: Anton Gilgur * docs(argo-workflows): add an HA section - plus add a test for HA, which the docs link to as an example - link back to [upstream docs](https://argoproj.github.io/argo-workflows/high-availability/) as well - follow the same basic structure as the [Argo CD chart for HA](https://github.com/argoproj/argo-helm/blob/3e35b0c7f7d758d553b17f369cc5940484ef5d89/charts/argo-cd/README.md?plain=1#L17) - as asked in review Signed-off-by: Anton Gilgur --------- Signed-off-by: Anton Gilgur Signed-off-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 5 +++++ charts/argo-workflows/README.md.gotmpl | 5 +++++ charts/argo-workflows/ci/ha-values.yaml | 23 +++++++++++++++++++++++ 4 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 charts/argo-workflows/ci/ha-values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60dd66c8..85de8f7e 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.2 +version: 0.33.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.11 + - kind: fixed + description: Add HA docs and example diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index ef78bc5b..732baecd 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 8316e9a0..60aa62af 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. diff --git a/charts/argo-workflows/ci/ha-values.yaml b/charts/argo-workflows/ci/ha-values.yaml new file mode 100644 index 00000000..3dfbb572 --- /dev/null +++ b/charts/argo-workflows/ci/ha-values.yaml @@ -0,0 +1,23 @@ +# Sample values for High Availability configuration, following https://argoproj.github.io/argo-workflows/high-availability/ + +controller: + # in v3.0+, a second controller can be ran as a hot-standby: https://argoproj.github.io/argo-workflows/high-availability/#workflow-controller + replicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 + +server: + # enable HPA with at least two Pods + autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server + enabled: true + # -- Minimum number of replicas for the Argo Server [HPA] + minReplicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 From 95f56b534c69b33190f0db106a93e6781a7b6ed4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 11 Sep 2023 22:24:21 +0900 Subject: [PATCH 0763/1248] fix(argo-cd): Migrate leftover of applicationSet.replicaCount to applicationSet.replicas (#2261) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fcbd0642..291f33dc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.0 +version: 5.46.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: added a toggle for the shared Helm working directory + - kind: fixed + description: Migrate leftover of applicationSet.replicaCount to applicationSet.replicas diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 05852686..b5d62a6a 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -201,7 +201,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} {{- if .Values.applicationSet.enabled -}} -{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt ((.Values.applicationSet.replicas | default .Values.applicationSet.replicaCount) | int64) 1) -}} {{- end -}} {{- toYaml $presets }} {{- end -}} From d51d3c6b692e9729869bb1180bcaa7b18ef1f771 Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Mon, 11 Sep 2023 19:32:56 -0400 Subject: [PATCH 0764/1248] docs(argo-cd): improve changelog (#2262) * clarify 5.19.0 changes * revise wording Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 291f33dc..82e892e2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.1 +version: 5.46.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Migrate leftover of applicationSet.replicaCount to applicationSet.replicas + - kind: changed + description: Improve readme migration notes diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5b780b0b..abb6be29 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -106,7 +106,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index dce6d922..5dc048b4 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -105,7 +105,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 From bf1e4f2dde154a91e97c325748ca7e3681988cc9 Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Wed, 13 Sep 2023 09:48:41 -0400 Subject: [PATCH 0765/1248] fix(github): Fix changelog spelling of versions (#2263) Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Co-authored-by: Aikawa --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1f7745b5..d67ddefc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -64,7 +64,7 @@ Each release for each chart must be immutable. Any change to a chart (even just ### Chart Versioning -Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future. +Currently we require a chart version bump for every change to a chart, including updating information for older versions. This may change in the future. ### Artifact Hub Annotations From 44ddf5986426379f120f111a91a69db95c2c4498 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 14 Sep 2023 13:33:34 +0900 Subject: [PATCH 0766/1248] chore(argo-cd): Upgrade Argo CD to v2.8.4 (#2268) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 82e892e2..b56bf88f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.3 +appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.2 +version: 5.46.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Improve readme migration notes + description: Upgrade Argo CD to v2.8.4 diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 3d2c44b5..838016fa 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -48,6 +48,7 @@ rules: - apiGroups: - batch resources: + {{/* supports triggering jobs from UI */}} - jobs verbs: - create @@ -56,5 +57,6 @@ rules: resources: - workflows verbs: + {{/* supports triggering workflows from UI */}} - create {{- end }} From 736b82433918304b086aaa4401f84f366eecd8b9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 15 Sep 2023 19:47:59 +0900 Subject: [PATCH 0767/1248] fix(argo-cd): Align redis-ha's affinity type to upstream due to warnings (#2270) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b56bf88f..49d2233c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.3 +version: 5.46.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.4 + - kind: fixed + description: Align redis-ha's affinity type to upstream due to warnings diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index abb6be29..bb51d130 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1000,13 +1000,13 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | -| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | -| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | +| redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 22dcfcc6..fb078ac6 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1415,7 +1415,7 @@ redis-ha: # -- Additional affinities to add to the haproxy pods. additionalAffinities: {} # -- Assign custom [affinity] rules to the haproxy pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for haproxy pods. tolerations: [] @@ -1426,7 +1426,7 @@ redis-ha: additionalAffinities: {} # -- Assign custom [affinity] rules to the Redis pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for Redis pods. tolerations: [] From 8d00bec86ebb64f2bbd428e3aaaf535e708ed5e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Sep 2023 07:15:00 -0500 Subject: [PATCH 0768/1248] chore(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#2271) --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0c8f7cbf..07319d36 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -65,7 +65,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ghcr.io username: ${{ github.actor }} From 5626d0536f6f3e43273d2efa3b98641e29dcb4aa Mon Sep 17 00:00:00 2001 From: Mats Willemsen <60099717+ma-ts@users.noreply.github.com> Date: Mon, 18 Sep 2023 15:21:36 +0200 Subject: [PATCH 0769/1248] fix(argo-cd): make ServiceMonitor annotations in ArgoCD server conditional (#2273) * fix: add argocd servicemonitor annotations conditionally Signed-off-by: Mats Willemsen * chore(argo-cd): add changelog Signed-off-by: Mats Willemsen --------- Signed-off-by: Mats Willemsen --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 49d2233c..9b423e8f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.4 +version: 5.46.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Align redis-ha's affinity type to upstream due to warnings + description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index f876a1a1..d036a8e1 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -12,10 +12,10 @@ metadata: {{- with .Values.server.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.metrics.serviceMonitor.annotations }} annotations: - {{- range $key, $value := .Values.server.metrics.serviceMonitor.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.server.metrics.service.portName }} From 7a17fc2dc9688ce4db918079c13c83d8bd84c3d4 Mon Sep 17 00:00:00 2001 From: sibucan Date: Tue, 19 Sep 2023 05:01:42 -0400 Subject: [PATCH 0770/1248] fix(argo-cd): Add checksum for CMP ConfigMap in repo-server Pod annotations (#2275) Add checksum for CMP ConfigMap in repo-server This helm chart defines the plugins as ConfigMaps -- according to the docs, when the CM is modified, the repo-server Pod must be restarted to have the sidecars pick up the latest changes: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#debugging-a-cmp The changes in this helm chart allow for a checksum to be calculated from the ConfigMap and added as a Pod annotation so whenever the CM values are modified, the Pod is restarted automatically. Signed-off-by: sibucan --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9b423e8f..20d4f52a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.5 +version: 5.46.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined + description: fixed repo-server deployment not restarting when a cmp configmap is modified diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3080c79f..ea54e79d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -33,6 +33,9 @@ spec: {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} {{- end }} + {{- if .Values.configs.cmp.create }} + checksum/cmp-cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmp-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 2a5bbf5cefdf8546bbf612ecf59c898996492142 Mon Sep 17 00:00:00 2001 From: Pieter <110168856+Pionerd@users.noreply.github.com> Date: Fri, 22 Sep 2023 17:39:58 +0200 Subject: [PATCH 0771/1248] fix(argo-cd): Redis to 7.0.13 to fix CVE-2022-48174 (#2279) * Redis to 7.0.13 Signed-off-by: Pieter van der Giessen * changelog Signed-off-by: Pieter van der Giessen --------- Signed-off-by: Pieter van der Giessen --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 20d4f52a..1bfed795 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.6 +version: 5.46.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: fixed repo-server deployment not restarting when a cmp configmap is modified + - kind: security + description: updated redis dependency to 7.0.13-alpine to fix CVE-2022-48174 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb51d130..16661971 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -947,7 +947,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -1013,7 +1013,7 @@ The main options are listed here: | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | | redis-ha.image.repository | string | `"redis"` | Redis repository | -| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb078ac6..fed4e97c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1162,7 +1162,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.11-alpine + tag: 7.0.13-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1381,7 +1381,7 @@ redis-ha: # -- Redis repository repository: redis # -- Redis tag - tag: 7.0.11-alpine + tag: 7.0.13-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar From 03c1be1c6d92eae55a77b4d691dcdb470f8c68c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 Sep 2023 20:45:16 +0900 Subject: [PATCH 0772/1248] chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#2280) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/3df4ab11eba7bda6032a0b82a6bb43b11571feac...8ade135a41bc03ea155e62e844d188df1ea18608) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 52e4746b..719651ed 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 07319d36..99f0698d 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8a924219..a02eda74 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: persist-credentials: false From 82081bce8ca4491a2a03e08dc04eec4f72c635cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 Sep 2023 22:53:47 -0500 Subject: [PATCH 0773/1248] chore(deps): bump amannn/action-semantic-pull-request from 5.2.0 to 5.3.0 (#2284) --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 2d45de12..be77f1ae 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5.2.0 + - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From e9f6b1a8b48c499b8124df1b7d1db33dad979974 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Oct 2023 07:19:01 -0500 Subject: [PATCH 0774/1248] chore(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 (#2290) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a02eda74..b1dc3b04 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 + uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 with: results_file: results.sarif results_format: sarif From 37069f92c953a7e1da2e281d4fdab9b368b737da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Oct 2023 07:37:13 -0500 Subject: [PATCH 0775/1248] chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 (#2289) --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 719651ed..9ac90a30 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.9 From 052454f23392d957e8374aaffc5005baba211bd5 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 12 Oct 2023 11:50:51 +0200 Subject: [PATCH 0776/1248] fix(argo-cd): Sync redis / redis-ha readOnlyRootFilesystem from upstream (#2294) Signed-off-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/values.yaml | 10 ++++++++++ 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1bfed795..5f437944 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.7 +version: 5.46.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: security - description: updated redis dependency to 7.0.13-alpine to fix CVE-2022-48174 + - kind: fixed + description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 16661971..b2101038 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1001,12 +1001,14 @@ The main options are listed here: |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | | redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.containerSecurityContext | object | See [values.yaml] | Redis HA statefulset container-level security context | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | | redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | +| redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fed4e97c..b029dfaa 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1279,6 +1279,7 @@ redis: # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: @@ -1416,8 +1417,13 @@ redis-ha: additionalAffinities: {} # -- Assign custom [affinity] rules to the haproxy pods. affinity: | + # -- [Tolerations] for use with node taints for haproxy pods. tolerations: [] + # -- HAProxy container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + readOnlyRootFilesystem: true # -- Whether the Redis server pods should be forced to run on separate nodes. hardAntiAffinity: true @@ -1445,6 +1451,10 @@ redis-ha: # -- Enforcement policy, hard or soft # @default -- `""` (defaults to `ScheduleAnyway`) whenUnsatisfiable: "" + # -- Redis HA statefulset container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + readOnlyRootFilesystem: true # External Redis parameters externalRedis: From 2730dc24c7ad69b98d3206705a5ebf5cb34dd96b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 12 Oct 2023 23:14:41 +0900 Subject: [PATCH 0777/1248] feat(argo-workflows): Configure declarative server auth mode (#2291) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 5 +++-- .../templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 16 +++++++--------- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 85de8f7e..3b1a60bd 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.3 +version: 0.34.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add HA docs and example + - kind: changed + description: Configure declarative server auth mode. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 732baecd..d5485a58 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -256,6 +256,7 @@ Fields to note: | server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | +| server.authMode | string | `""` | Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | @@ -267,7 +268,7 @@ Fields to note: | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | | server.deploymentAnnotations | object | `{}` | optional map of annotations to be applied to the ui Deployment | | server.enabled | bool | `true` | Deploy the Argo Server | -| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | +| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | | server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | @@ -315,7 +316,7 @@ Fields to note: | server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret | | server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | | server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | -| server.sso.enabled | bool | `false` | Create SSO configuration | +| server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. | | server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | | server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index b2e50967..cea885da 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} + {{- if .Values.server.authMode }} + - "--auth-mode={{ .Values.server.authMode }}" + {{- end }} - "--secure={{ .Values.server.secure }}" {{- if .Values.singleNamespace }} - "--namespaced" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index d6d22464..1d1e60b8 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -522,14 +522,13 @@ server: # - name: FOO # value: "bar" - # -- Extra arguments to provide to the Argo server binary, such as for disabling authentication. + # -- Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + authMode: "" + + # -- Extra arguments to provide to the Argo server binary. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server/#options extraArgs: [] - # If you want to disable authentication for purposes such as: - # - local dev-mode without authentication - # - gateway authentication through some other service such as KeyCloak - # uncomment the lines below and comment out the default empty list `extraArgs: []` above: - # extraArgs: - # - --auth-mode=server logging: # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) @@ -631,8 +630,7 @@ server: # SSO configuration when SSO is specified as a server auth mode. sso: - # -- Create SSO configuration - ## SSO is activated by adding --auth-mode=sso to the server command line. + # -- Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. enabled: false # -- The root URL of the OIDC identity provider issuer: https://accounts.google.com From df9ee892b50b930e9ddd541b15298d7a59c80a4e Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 13 Oct 2023 16:59:02 -0500 Subject: [PATCH 0778/1248] chore(argo-workflows): Upgrade argo-workflows to 3.5.0 (#2228) Diff based on the rc1 branch currently here [3.4.10...3.5.0](https://github.com/argoproj/argo-workflows/compare/v3.4.10...v3.5.0) Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- .../crds/argoproj.io_workflowtaskresults.yaml | 13 +++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3b1a60bd..79c898f5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.11 +appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.34.0 +version: 0.35.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Configure declarative server auth mode. + description: Upgrade to Argo Workflows v3.4.10 diff --git a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml index e9bb93f6..861f1df8 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml @@ -441,6 +441,8 @@ spec: type: object securityToken: type: string + useSDKCreds: + type: boolean required: - key type: object @@ -470,6 +472,17 @@ spec: type: object bucket: type: string + caSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object createBucketIfNotPresent: properties: objectLocking: From 8c72bed7796333c6f50277b58987721f5f6d818b Mon Sep 17 00:00:00 2001 From: Koen van Zuijlen <8818390+kvanzuijlen@users.noreply.github.com> Date: Tue, 17 Oct 2023 17:40:33 +0200 Subject: [PATCH 0779/1248] feat(argo-workflows): Added commonLabels (#2300) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 3 +++ charts/argo-workflows/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 79c898f5..babc96c5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.35.0 +version: 0.36.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.10 + - kind: added + description: added support for commonLabels diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d5485a58..31582fc4 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -108,6 +108,7 @@ Fields to note: |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| commonLabels | object | `{}` | Labels to set on all resources | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f81e6fc4..0713264f 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -79,6 +79,9 @@ helm.sh/chart: {{ include "argo-workflows.chart" .context }} {{ include "argo-workflows.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argo-workflows +{{- with .context.Values.commonLabels }} +{{ toYaml .}} +{{- end }} {{- end }} {{/* diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1d1e60b8..8d98b37e 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -26,6 +26,9 @@ nameOverride: # -- String to fully override "argo-workflows.fullname" template fullnameOverride: +# -- Labels to set on all resources +commonLabels: {} + # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" From 575ee244b23fa96b9dc3f118fb97f5a6c5f76863 Mon Sep 17 00:00:00 2001 From: Jonathan Raymond Date: Tue, 17 Oct 2023 17:53:16 -0600 Subject: [PATCH 0780/1248] fix(argo-workflows): add all crds to aggregate-roles template (#2301) fix: add all crds to aggregate-roles Signed-off-by: Jonathan Raymond --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-aggregate-roles.yaml | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index babc96c5..c90d5446 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.0 +version: 0.36.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: added support for commonLabels + - kind: fixed + description: added all crds to aggregate-roles diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index 977bb86b..ca2ae93e 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -20,6 +20,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - get - list @@ -46,6 +52,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - create - delete @@ -79,6 +91,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - create - delete From 579b91fde33ef8e469817a3507853d8fb8058632 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 21 Oct 2023 07:48:41 -0500 Subject: [PATCH 0781/1248] chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#2304) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 9ac90a30..bd97afe9 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 99f0698d..9d3a170f 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b1dc3b04..64dd515a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false From 14e2e32bedf186c088da0804c262298ca771bc2f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 24 Oct 2023 19:06:28 +0900 Subject: [PATCH 0782/1248] chore(argo-workflows): Add sample of PostgreSQL ssl entries in values.yaml (#2307) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c90d5446..4b42b7a5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.1 +version: 0.36.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: added all crds to aggregate-roles + - kind: added + description: Add sample of PostgreSQL ssl entries in values.yaml diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8d98b37e..84cd8aef 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -161,6 +161,10 @@ controller: # passwordSecret: # name: argo-postgres-config # key: password + # ssl: true + # # sslMode must be one of: disable, require, verify-ca, verify-full + # # you can find more information about those ssl options here: https://godoc.org/github.com/lib/pq + # sslMode: require # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. # Only valid for 2.7+ From a67424d0c43cf0231d77fb1e086fba0a686094f7 Mon Sep 17 00:00:00 2001 From: Ujin <592652+evgeniy-khatko@users.noreply.github.com> Date: Tue, 24 Oct 2023 08:34:49 -0400 Subject: [PATCH 0783/1248] feat(argo-workflows): Updated supported workers parameters (#2297) * feat(argo-workflows): Updated supported workers parameters Change ------ Based on argo-workflows [scaling documents](https://argoproj.github.io/argo-workflows/scaling/) it's possible to set following workers values: `--workflow-workers`, `--workflow-ttl-workers`, `--pod-cleanup-workers` and statring 3.5 `--cron-workflow-workers`. This change allows chart consumers to take advatage of _all_ these parameters. Testing ------- ``` helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep workers helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" - "--pod-cleanup-workers" - "30" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" - "--pod-cleanup-workers" - "30" - "--cron-workflow-workers" - "40" ``` Signed-off-by: Evgeny Khatko Signed-off-by: Evgeny Khatko * Addressing PR feedback. Signed-off-by: Evgeny Khatko * newline Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> * Update Chart.yaml Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> * Update Chart.yaml Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> --------- Signed-off-by: Evgeny Khatko Signed-off-by: Evgeny Khatko Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> Co-authored-by: Evgeny Khatko Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 3 +++ .../controller/workflow-controller-deployment.yaml | 12 ++++++++++++ charts/argo-workflows/values.yaml | 7 +++++++ 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4b42b7a5..44d16bab 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.2 +version: 0.37.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add sample of PostgreSQL ssl entries in values.yaml + - kind: changed + description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 31582fc4..03811169 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -142,6 +142,7 @@ Fields to note: | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | @@ -182,6 +183,7 @@ Fields to note: | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | | controller.persistence | object | `{}` | enable persistence using postgres | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | +| controller.podCleanupWorkers | string | `nil` | Number of pod cleanup workers | | controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | | controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. | | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | @@ -221,6 +223,7 @@ Fields to note: | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | | controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. | | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | +| controller.workflowTTLWorkers | string | `nil` | Number of workflow TTL workers | | controller.workflowWorkers | string | `nil` | Number of workflow workers | ### Workflow Main Container diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index c391bee8..132d7f8c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -60,6 +60,18 @@ spec: - "--workflow-workers" - {{ . | quote }} {{- end }} + {{- with .Values.controller.workflowTTLWorkers }} + - "--workflow-ttl-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.podCleanupWorkers }} + - "--pod-cleanup-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.cronWorkflowWorkers }} + - "--cron-workflow-workers" + - {{ . | quote }} + {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 84cd8aef..cae5f749 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -180,6 +180,13 @@ controller: # -- Number of workflow workers workflowWorkers: # 32 + # -- Number of workflow TTL workers + workflowTTLWorkers: # 4 + # -- Number of pod cleanup workers + podCleanupWorkers: # 4 + # -- Number of cron workflow workers + # Only valid for 3.5+ + cronWorkflowWorkers: # 8 # -- Restricts the Workflows that the controller will process. # Only valid for 2.9+ workflowRestrictions: {} From 804af65b38dd1c4a27a3df5fb478d18c126a6e24 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 24 Oct 2023 07:39:37 -0500 Subject: [PATCH 0784/1248] fix(argo-rollouts): controller replicas count comparison (#2309) --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/templates/controller/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 457f76a0..ddc6582b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.0 +version: 2.32.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v1.6.0 + - kind: fixed + description: Use integer instead of float for controller replicas diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 966491c8..23dc14cb 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -48,7 +48,7 @@ spec: {{- if not .Values.clusterInstall }} - --namespaced {{- end }} - {{- if gt .Values.controller.replicas 1.0 }} + {{- if gt (int .Values.controller.replicas) 1 }} - --leader-elect {{- end }} {{- with .Values.controller.extraArgs }} From a41b70b59cf2ff7e9495969e041d853c8e06ba0d Mon Sep 17 00:00:00 2001 From: gussan <83329336+toyamagu-2021@users.noreply.github.com> Date: Fri, 27 Oct 2023 18:43:52 +0900 Subject: [PATCH 0785/1248] feat(argo-cd): add terminationGracePeriodSeconds (#2310) Signed-off-by: toyamagu-2021 --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 7 +++++++ .../statefulset.yaml | 3 +++ .../argocd-applicationset/deployment.yaml | 3 +++ .../argocd-notifications/deployment.yaml | 3 +++ .../argocd-repo-server/deployment.yaml | 3 +++ .../templates/argocd-server/deployment.yaml | 3 +++ charts/argo-cd/templates/dex/deployment.yaml | 3 +++ .../argo-cd/templates/redis/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 10 files changed, 52 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5f437944..7302ce5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.8 +version: 5.47.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. + - kind: added + description: add terminationGracePeriodSeconds diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b2101038..d870dbdc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -561,6 +561,7 @@ NAME: my-release | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | +| controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | @@ -653,6 +654,7 @@ NAME: my-release | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | +| repoServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | @@ -807,6 +809,7 @@ NAME: my-release | server.serviceAccount.create | bool | `true` | Create server service account | | server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | +| server.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | @@ -915,6 +918,7 @@ server: | dex.servicePortHttp | int | `5556` | Service port for HTTP access | | dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | | dex.servicePortMetrics | int | `5558` | Service port for metrics access | +| dex.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | @@ -986,6 +990,7 @@ server: | redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | | redis.serviceAccount.name | string | `""` | Service account name for redis pod | | redis.servicePort | int | `6379` | Redis service port | +| redis.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | @@ -1136,6 +1141,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | +| applicationSet.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | @@ -1214,6 +1220,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | +| notifications.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 3583a2b7..31bce299 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - args: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index d8fb8cbc..ed161d53 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.applicationSet.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d2eca77f..633e1943 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -51,6 +51,9 @@ spec: {{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.notifications.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} containers: - name: {{ .Values.notifications.name }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index ea54e79d..515984d7 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -62,6 +62,9 @@ spec: {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.repoServer.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index e3f322cb..983121a9 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -53,6 +53,9 @@ spec: {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.server.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index abca6e14..9f782c8d 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -55,6 +55,9 @@ spec: {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.dex.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 419e5f31..3f272d02 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -48,6 +48,9 @@ spec: {{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.redis.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} containers: - name: {{ .Values.redis.name }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b029dfaa..0352ef2e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -731,6 +731,9 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the application controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -1074,6 +1077,9 @@ dex: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create dex service account create: true @@ -1313,6 +1319,9 @@ redis: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create a service account for the redis pod create: false @@ -1718,6 +1727,9 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the Argo CD server pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2261,6 +2273,9 @@ repoServer: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2618,6 +2633,9 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2931,6 +2949,9 @@ notifications: drop: - ALL + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} From 9193d8592949969e7d05e24e066b77ada6a50b9e Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 28 Oct 2023 16:28:44 +0900 Subject: [PATCH 0786/1248] chore(argo-cd): Upgrade Argo CD to v2.8.5 (#2313) --- charts/argo-cd/Chart.yaml | 8 ++++---- .../templates/argocd-notifications/deployment.yaml | 8 +++++++- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7302ce5e..06de55fb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.4 +appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.47.0 +version: 5.48.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add terminationGracePeriodSeconds + - kind: changed + description: Upgrade Argo CD to v2.8.5 diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 633e1943..edee786a 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -78,13 +78,19 @@ spec: configMapKeyRef: key: notificationscontroller.log.level name: argocd-cmd-params-cm - optional: true + optional: true - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT valueFrom: configMapKeyRef: key: notificationscontroller.log.format name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + key: application.namespaces + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} From 25d7b519bc7fc37d2820721cd648f3a3403d0e38 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Oct 2023 14:21:37 +0200 Subject: [PATCH 0787/1248] chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#2314) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 64dd515a..3273e72d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif From 0cc17965301b838977c8b1cca2cbf86969c889a0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 30 Oct 2023 09:51:56 +0100 Subject: [PATCH 0788/1248] fix(argo-cd): Update Bitbucket SSH key (#2317) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06de55fb..ac473f03 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.48.0 +version: 5.48.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.8.5 + description: Update Bitbucket.org SSH key diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 0352ef2e..802e512c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -326,7 +326,7 @@ configs: [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= From 94c0a0a246771e0d1996de4759d3dba036407b27 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Mon, 30 Oct 2023 16:42:32 +0200 Subject: [PATCH 0789/1248] feat(argo-cd): add notification cluster role (#2315) * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 --- charts/argo-cd/Chart.yaml | 6 ++--- charts/argo-cd/README.md | 1 + .../argocd-notifications/clusterrole.yaml | 22 +++++++++++++++++++ .../clusterrolebinding.yaml | 16 ++++++++++++++ charts/argo-cd/values.yaml | 6 +++++ 5 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-notifications/clusterrole.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac473f03..eaa7c2c6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.48.1 +version: 5.49.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update Bitbucket.org SSH key + - kind: added + description: Add notification cluster role support diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d870dbdc..e0e25025 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1160,6 +1160,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | +| notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml new file mode 100644 index 00000000..1d2e0fd7 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -0,0 +1,22 @@ +{{- if .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +rules: + {{- with .Values.notifications.clusterRoleRules.rules }} + {{- toYaml . | nindent 2 }} + {{- end }} + - apiGroups: + - "argoproj.io" + resources: + - "applications" + verbs: + - get + - list + - watch + - update + - patch +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml new file mode 100644 index 00000000..1b47bf12 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-cd.notifications.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argo-cd.notificationsServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 802e512c..4ec93222 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2997,6 +2997,12 @@ notifications: # -- Whether helm chart creates notifications controller config map create: true + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. + ## Defaults to off + clusterRoleRules: + # -- List of custom rules for the notifications controller's ClusterRole resource + rules: [] + # -- Contains centrally managed global application subscriptions ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ subscriptions: [] From 4f5c75fbc7513d0359e11208e24df51474493686 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 30 Oct 2023 12:42:39 -0500 Subject: [PATCH 0790/1248] fix(argo-rollouts): Update AnalysisRun CRD to match upstream (#2320) --- charts/argo-rollouts/Chart.yaml | 4 +- .../templates/crds/analysis-run-crd.yaml | 51 ++++++++++++++++++- 2 files changed, 51 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ddc6582b..6d343fdc 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.1 +version: 2.32.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Use integer instead of float for controller replicas + description: Update AnalysisRun CRD to match upstream diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 7324e908..1dddfa7d 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -189,13 +189,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2809,6 +2818,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2857,6 +2879,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: From 2eb537dde00f9bc6d250ea349ad85a709565cce0 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 31 Oct 2023 12:21:05 -0500 Subject: [PATCH 0791/1248] fix(github): update chart testing action due to failure (#2324) Getting failure when running chart testing action pulling v2.0.0 from sigstore Updating action to see if this helps Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 4 ++-- scripts/lint.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index bd97afe9..b6da136f 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,10 +38,10 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 + uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0 with: # Note: Also update in scripts/lint.sh - version: v3.7.1 + version: v3.10.0 - name: List changed charts id: list-changed diff --git a/scripts/lint.sh b/scripts/lint.sh index b44a6cee..6061adb5 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -9,7 +9,7 @@ echo -e "\n-- Linting all Helm Charts --\n" docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ - quay.io/helmpack/chart-testing:v3.7.1 \ + quay.io/helmpack/chart-testing:v3.10.0 \ -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ From 733d84a42398cc1a1a6dea8bf75b2a7a2bf3101f Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Tue, 31 Oct 2023 17:48:55 +0000 Subject: [PATCH 0792/1248] chore(argo-cd): Upgrade Argo CD to v2.8.6 (#2323) * chore(argo-cd): Upgrade Argo CD to v2.8.6 Signed-off-by: Tim Collins * fix: drop unrecognized helm timeout Signed-off-by: jmeridth --------- Signed-off-by: Tim Collins Signed-off-by: Jason Meridth Signed-off-by: jmeridth Co-authored-by: Jason Meridth --- .github/configs/ct-lint.yaml | 1 - charts/argo-cd/Chart.yaml | 8 ++++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index 1e66067a..99cb8b3c 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -7,7 +7,6 @@ chart-dirs: - charts chart-repos: - dandydeveloper=https://dandydeveloper.github.io/charts/ -helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true validate-yaml: true diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eaa7c2c6..8114ee70 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.5 +appVersion: v2.8.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.49.0 +version: 5.50.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add notification cluster role support + - kind: changed + description: Upgrade Argo CD to v2.8.6 From 4afebb25f60aeeadb7c4365ab2fc1824185d0aa8 Mon Sep 17 00:00:00 2001 From: Denis Kadyshev Date: Thu, 2 Nov 2023 16:43:50 +0700 Subject: [PATCH 0793/1248] fix(argo-cd): Create notifications clusterrole and clusterrolebinding when enabled (#2326) * Create clusterrole for nitifications only when notifications enabled Signed-off-by: Denis Kadyshev * Create clusterrolebinding for nitifications only when notifications enbaled Signed-off-by: Denis Kadyshev * Bump version in Chart.yaml Signed-off-by: Denis Kadyshev * Update Chart.yaml Signed-off-by: Denis Kadyshev * Update Chart.yaml Signed-off-by: Denis Kadyshev --------- Signed-off-by: Denis Kadyshev --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-notifications/clusterrole.yaml | 2 +- .../templates/argocd-notifications/clusterrolebinding.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8114ee70..d986c987 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.0 +version: 5.50.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.6 + - kind: fixed + description: Create notifications clusterrole and clusterrolebinding when enabled diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml index 1d2e0fd7..927d30a0 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.notifications.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml index 1b47bf12..3dba71a2 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.notifications.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: From d170cdb2df6c9a78fff7f7ec3240be7cf046afea Mon Sep 17 00:00:00 2001 From: Max! Date: Fri, 3 Nov 2023 21:39:05 +0100 Subject: [PATCH 0794/1248] fix(argo-workflows): Fix outdated URL in values.yaml comments (#2328) * fix outdated link branch link Branch was renamed prior, redirects to main now Signed-off-by: Max! * Update Chart.yaml Signed-off-by: Max! * add to changelog Signed-off-by: Max! --------- Signed-off-by: Max! --- charts/argo-workflows/Chart.yaml | 4 +++- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 44d16bab..53d392c2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.37.0 +version: 0.37.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -18,3 +18,5 @@ annotations: artifacthub.io/changes: | - kind: changed description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ + - kind: changed + description: Updated a url in values.yaml comments. diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cae5f749..8d3c830d 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -124,7 +124,7 @@ controller: # -- Service metrics port name servicePortName: metrics # -- ServiceMonitor relabel configs to apply to samples before scraping - ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig relabelings: [] # -- ServiceMonitor metric relabel configs to apply to samples before ingestion ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint From a98dd96059a3c49c587ec56deba028642ac7f9ca Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 4 Nov 2023 14:57:43 +0900 Subject: [PATCH 0795/1248] chore(argo-workflows): Upgrade Argo Workflows to v3.5.1 (#2329) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 53d392c2..aa941d42 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.0 +appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.37.1 +version: 0.38.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,6 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ - - kind: changed - description: Updated a url in values.yaml comments. + description: Upgrade Argo Workflows to v3.5.1 From 16f4c26e9cca37f3354056ae6d581bc74adf8c0c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 4 Nov 2023 06:42:32 -0500 Subject: [PATCH 0796/1248] chore(deps): bump amannn/action-semantic-pull-request from 5.3.0 to 5.4.0 (#2330) chore(deps): bump amannn/action-semantic-pull-request Bumps [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/amannn/action-semantic-pull-request/releases) - [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md) - [Commits](https://github.com/amannn/action-semantic-pull-request/compare/47b15d52c5c30e94a17ec87eb8dd51ff5221fed9...e9fabac35e210fea40ca5b14c0da95a099eff26f) --- updated-dependencies: - dependency-name: amannn/action-semantic-pull-request dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index be77f1ae..256b1c38 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0 + - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 9f8f48386923bd7d7086798be709b3267f99f247 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 4 Nov 2023 06:43:58 -0500 Subject: [PATCH 0797/1248] chore(deps): bump helm/chart-releaser-action from 1.5.0 to 1.6.0 (#2331) Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/helm/chart-releaser-action/releases) - [Commits](https://github.com/helm/chart-releaser-action/compare/be16258da8010256c6e82849661221415f031968...a917fd15b20e8b64b94d9158ad54cd6345335584) --- updated-dependencies: - dependency-name: helm/chart-releaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9d3a170f..7c0e768b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -58,7 +58,7 @@ jobs: PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}" - name: Run chart-releaser - uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 + uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0 with: config: "./.github/configs/cr.yaml" env: From 8b17cdf924a047fb8b7c6aa819f87dbae7477492 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 4 Nov 2023 06:46:02 -0500 Subject: [PATCH 0798/1248] chore(deps): bump helm/chart-testing-action from 2.6.0 to 2.6.1 (#2332) Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.6.0 to 2.6.1. - [Release notes](https://github.com/helm/chart-testing-action/releases) - [Commits](https://github.com/helm/chart-testing-action/compare/b43128a8b25298e1e7b043b78ea6613844e079b1...e6669bcd63d7cb57cb4380c33043eebe5d111992) --- updated-dependencies: - dependency-name: helm/chart-testing-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index b6da136f..c2102b61 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,7 +38,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0 + uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 with: # Note: Also update in scripts/lint.sh version: v3.10.0 From f634cf6e9c35458756a7a3b74e83a8c7c14398a8 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 6 Nov 2023 13:54:34 +0100 Subject: [PATCH 0799/1248] feat(argo-cd): Upgrade Argo CD to 2.9.0 (#2318) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +- .../argocd-applicationset/deployment.yaml | 12 + .../argocd-repo-server/deployment.yaml | 12 + .../templates/argocd-server/clusterrole.yaml | 1 + .../templates/crds/crd-application.yaml | 389 ++++- .../templates/crds/crd-applicationset.yaml | 1471 +++++++++++++++++ 6 files changed, 1883 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d986c987..fa544eff 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.6 +appVersion: v2.9.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.1 +version: 5.51.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Create notifications clusterrole and clusterrolebinding when enabled + - kind: changed + description: Upgrade Argo CD to v2.9.0 diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ed161d53..b704650a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -90,6 +90,18 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.annotations + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.labels + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 515984d7..90941428 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -231,6 +231,18 @@ spec: key: reposerver.streamed.manifest.max.extracted.size name: argocd-cmd-params-cm optional: true + - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.helm.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.disable.helm.manifest.max.extracted.size + optional: true - name: ARGOCD_GIT_MODULES_ENABLED valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 838016fa..44d50515 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -40,6 +40,7 @@ rules: - argoproj.io resources: - applications + - applicationsets verbs: - get - list diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index b4d13a15..03401574 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -359,6 +359,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -657,6 +688,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -797,7 +859,8 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name + cluster by its symbolic name. This must be set if Server is + not set. type: string namespace: description: Namespace specifies the target namespace for the @@ -805,8 +868,9 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster and - must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is not + set. type: string type: object ignoreDifferences: @@ -1067,6 +1131,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -1355,6 +1450,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -1796,6 +1922,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2097,6 +2254,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2542,6 +2730,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2860,6 +3079,38 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize + patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3292,6 +3543,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3603,6 +3885,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3804,7 +4117,8 @@ spec: properties: name: description: Name is an alternate way of specifying the - target cluster by its symbolic name + target cluster by its symbolic name. This must be set + if Server is not set. type: string namespace: description: Namespace specifies the target namespace @@ -3813,8 +4127,9 @@ spec: not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster - and must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name + is not set. type: string type: object ignoreDifferences: @@ -4056,6 +4371,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -4367,6 +4713,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index fa0d926a..8d7409e5 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -269,6 +269,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -449,6 +479,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -788,6 +848,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -968,6 +1058,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1311,6 +1431,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1491,6 +1641,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1814,6 +1994,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1994,6 +2204,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2341,6 +2581,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2521,6 +2791,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2860,6 +3160,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3040,6 +3370,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3383,6 +3743,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3563,6 +3953,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3886,6 +4306,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4066,6 +4516,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4399,6 +4879,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4579,6 +5089,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5092,6 +5632,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5272,6 +5842,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5564,6 +6164,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -5578,6 +6180,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -5776,6 +6380,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5956,6 +6590,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6293,6 +6957,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6473,6 +7167,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6820,6 +7544,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7000,6 +7754,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7339,6 +8123,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7519,6 +8333,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7862,6 +8706,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8042,6 +8916,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8365,6 +9269,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8545,6 +9479,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8878,6 +9842,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9058,6 +10052,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9571,6 +10595,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9751,6 +10805,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10043,6 +11127,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -10057,6 +11143,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -10255,6 +11343,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10435,6 +11553,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10776,6 +11924,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10956,6 +12134,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11286,6 +12494,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11466,6 +12704,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11979,6 +13247,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12159,6 +13457,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12451,6 +13779,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -12465,6 +13795,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -12663,6 +13995,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12843,6 +14205,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12994,12 +14386,31 @@ spec: items: type: string type: array + ignoreApplicationDifferences: + items: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + name: + type: string + type: object + type: array preservedFields: properties: annotations: items: type: string type: array + labels: + items: + type: string + type: array type: object strategy: properties: @@ -13236,6 +14647,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -13416,6 +14857,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: From 622aee3850af8a0a3b4c7298fcc23e42f49cd799 Mon Sep 17 00:00:00 2001 From: Eddie Knight Date: Mon, 6 Nov 2023 09:10:35 -0600 Subject: [PATCH 0800/1248] chore(github): Updated security documentation and CLOMonitor exemptions (#2333) * Updated security documentation and CLOMonitor exemptions Signed-off-by: Eddie Knight * Added license scanning exepmtion Signed-off-by: Eddie Knight * Added best practices badge to README Signed-off-by: Eddie Knight --------- Signed-off-by: Eddie Knight Co-authored-by: Jason Meridth --- .clomonitor.yml | 6 ++++++ CONTRIBUTING.md | 2 ++ README.md | 1 + SECURITY-INSIGHTS.yml | 23 +++++++++++++++++++++++ 4 files changed, 32 insertions(+) create mode 100644 SECURITY-INSIGHTS.yml diff --git a/.clomonitor.yml b/.clomonitor.yml index 9f1fff8c..c75e8a7b 100644 --- a/.clomonitor.yml +++ b/.clomonitor.yml @@ -7,6 +7,12 @@ exemptions: reason: "Helm deps are not currently scanned. Maintainers are watching developments to dependabot-core #2237" # Justification of this exemption (mandatory, it will be displayed on the UI) - check: sbom reason: "Tracking Helm dependencies is not yet a stable practice." + - check: self_assessment + reason: "Refer to self assessments supplied by the codebases Argo Helm supports." + - check: signed_releases + reason: "Argo Helm releases are made via Artifact Hub, where they are signed. The unsigned GitHub releases are for reference only." + - check: license_scanning + reason: "Temporary exemption: pending response from CNCF Service Desk" # TODO: # License scanning information diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d67ddefc..f9861dcb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -47,6 +47,8 @@ Any breaking changes to a chart (backwards incompatible) require: ### New Application Versions +Helm charts are intended to be created for all non-patched releases of Argo CD, Workflows, Rollouts, and Events. Associated dependencies, such as Redis, will use the version recommended by the associated release. + When selecting new application versions ensure you make the following changes: * `values.yaml`: Bump all instances of the container image version diff --git a/README.md b/README.md index b29bb3d1..0c5c6798 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) [![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo) [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm) +[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7942/badge)](https://www.bestpractices.dev/projects/7942) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml new file mode 100644 index 00000000..a983c4f1 --- /dev/null +++ b/SECURITY-INSIGHTS.yml @@ -0,0 +1,23 @@ +header: + schema-version: '1.0.0' + expiration-date: '2024-11-04T10:00:00.000Z' + project-url: https://github.com/argoproj/argo-helm +project-lifecycle: + status: active + bug-fixes-only: false + core-maintainers: + - https://github.com/mkilchhofer + - https://github.com/jmeridth +contribution-policy: + accepts-pull-requests: true + accepts-automated-pull-requests: true +distribution-points: + - https://github.com/argoproj/argo-helm/blob/main/SECURITY.md +vulnerability-reporting: + accepts-vulnerability-reports: true + email-contact: cncf-argo-maintainers@lists.cncf.io + security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md + comment: Please refer to the security policy for reporting information prior to using the email contact. +dependencies: + env-dependencies-policy: + policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions From 9840ebedc640e8f30e0f9223ff10dd9284af543e Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 9 Nov 2023 01:04:58 +0900 Subject: [PATCH 0801/1248] fix(argo-workflows): Accept multi auth mode for server (#2336) * fix(argo-workflows): Accept multi auth mode for server Signed-off-by: yu-croco * chore(argo-workflows): improve description of authMode Signed-off-by: yu-croco * chore(argo-workflows): keep the older value valid for now as compatibility. Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 3 ++- charts/argo-workflows/templates/NOTES.txt | 4 ++++ .../argo-workflows/templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 7 +++++-- 5 files changed, 17 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index aa941d42..79929c7d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.38.0 +version: 0.39.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.5.1 + - kind: fixed + description: Accept multi auth mode for server. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 03811169..e3498867 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -260,7 +260,8 @@ Fields to note: | server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | -| server.authMode | string | `""` | Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. | +| server.authMode | string | `""` | Deprecated; use server.authModes instead. | +| server.authModes | list | `[]` | A list of supported authentication modes. Available values are `server`, `client`, or `sso`. If you provide sso, please configure `.Values.server.sso` as well. | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | diff --git a/charts/argo-workflows/templates/NOTES.txt b/charts/argo-workflows/templates/NOTES.txt index b4933a7d..43c1c8f8 100644 --- a/charts/argo-workflows/templates/NOTES.txt +++ b/charts/argo-workflows/templates/NOTES.txt @@ -1,3 +1,7 @@ +{{- if .Values.server.authMode }} +DEPRECATED option server.authMode - Use server.authModes +{{- end }} + 1. Get Argo Server external IP/domain by running: kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ template "argo-workflows.server.fullname" . }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index cea885da..38c6072b 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -55,6 +55,9 @@ spec: {{- if .Values.server.authMode }} - "--auth-mode={{ .Values.server.authMode }}" {{- end }} + {{- range .Values.server.authModes }} + - "--auth-mode={{ . }}" + {{- end }} - "--secure={{ .Values.server.secure }}" {{- if .Values.singleNamespace }} - "--namespaced" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8d3c830d..10a0e5a4 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -536,10 +536,13 @@ server: # - name: FOO # value: "bar" - # -- Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. - ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + # -- Deprecated; use server.authModes instead. authMode: "" + # -- A list of supported authentication modes. Available values are `server`, `client`, or `sso`. If you provide sso, please configure `.Values.server.sso` as well. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + authModes: [] + # -- Extra arguments to provide to the Argo server binary. ## Ref: https://argoproj.github.io/argo-workflows/argo-server/#options extraArgs: [] From d3d9e7de238e0dab0b45d01535658173c51af3f7 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Wed, 8 Nov 2023 14:09:44 -0600 Subject: [PATCH 0802/1248] chore(github): Add yu-cruco to * in CODEOWNERS (#2338) chore: Add yu-cruco to * in CODEOWNERS yu-cruco is now a maintainer and will be notified on all PRs - [x] moved CODEOWNERS into .github folder where it belongs Signed-off-by: jmeridth --- CODEOWNERS => .github/CODEOWNERS | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) rename CODEOWNERS => .github/CODEOWNERS (68%) diff --git a/CODEOWNERS b/.github/CODEOWNERS similarity index 68% rename from CODEOWNERS rename to .github/CODEOWNERS index f7432a77..05c993b9 100644 --- a/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,14 +1,6 @@ -# All -* @mkilchhofer @jmeridth +* @mkilchhofer @jmeridth @yu-croco -# Argo Workflows /charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 - -# Argo CD /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 - -# Argo Events /charts/argo-events/ @pdrastil @jmeridth @tico24 - -# Argo Rollouts /charts/argo-rollouts/ @jmeridth From 3f2654d24aacc35af23a664392438c0e5954c60d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 10 Nov 2023 21:41:09 +0900 Subject: [PATCH 0803/1248] fix(argo-cd): Add permission for Applications in any namespace (#2341) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/README.md.gotmpl | 1 + charts/argo-cd/templates/argocd-server/clusterrole.yaml | 3 +++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fa544eff..ac684be9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.0 +version: 5.51.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.9.0 + - kind: fixed + description: Add configurations for Applications in any namespace diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e0e25025..7b79080e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -449,6 +449,7 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | +| configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] | | configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | | configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | @@ -1253,3 +1254,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions +[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 5dc048b4..b8ffa4fb 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -562,3 +562,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions +[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 44d50515..bd10316b 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -21,6 +21,9 @@ rules: - events verbs: - list + {{- if (index .Values.configs.params "application.namespaces") }} + - create + {{- end }} - apiGroups: - "" resources: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4ec93222..49dd4e70 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -263,6 +263,12 @@ configs: # -- Enables use of the Progressive Syncs capability applicationsetcontroller.enable.progressive.syncs: false + # -- Enables [Applications in any namespace] + ## List of additional namespaces where applications may be created in and reconciled from. + ## The namespace where Argo CD is installed to will always be allowed. + ## Set comma-separated list. (e.g. app-team-one, app-team-two) + application.namespaces: "" + # Argo CD RBAC policy configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbac: From 84c433962338329141010a9f5b8de1d8c919fff4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Nov 2023 14:59:16 +0900 Subject: [PATCH 0804/1248] chore(argo-cd): Upgrade Argo CD to v2.9.1 (#2344) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac684be9..9a721124 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.0 +appVersion: v2.9.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.1 +version: 5.51.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add configurations for Applications in any namespace + - kind: changed + description: Upgrade Argo CD to v2.9.1 From a29d2165ac9ecc0f168b61cd54b945016a182d5a Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Wed, 15 Nov 2023 12:00:23 +0200 Subject: [PATCH 0805/1248] chore(argo-rollouts): Bump rollouts to 1.6.1 (#2345) * Bump rollouts to 1.6.2 Signed-off-by: drfaust92 * Bump to 1.6.1 Signed-off-by: drfaust92 * Bump to 1.6.1 Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6d343fdc..6b49176d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.0 +appVersion: v1.6.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.2 +version: 2.32.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Update AnalysisRun CRD to match upstream + - kind: changed + description: Upgrade Argo Rollouts to v1.6.1 From d98747224e9200760e7a1684f14c197d5b3c0cec Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Wed, 15 Nov 2023 15:09:30 +0200 Subject: [PATCH 0806/1248] chore(argo-rollouts): Bump rollouts to 1.6.2 (#2347) --- charts/argo-rollouts/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6b49176d..6999850f 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.1 +appVersion: v1.6.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.3 +version: 2.32.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Rollouts to v1.6.1 + description: Upgrade Argo Rollouts to v1.6.2 From 737b9724de6e829207ab48caa4b4b0a672840e78 Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Wed, 15 Nov 2023 13:17:09 +0000 Subject: [PATCH 0807/1248] fix(argo-workflows): Add parameters for tuning revisionHistoryLimit and emptyDir volumes (#2346) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 3 +++ .../controller/workflow-controller-deployment.yaml | 1 + .../argo-workflows/templates/server/server-deployment.yaml | 3 ++- charts/argo-workflows/values.yaml | 7 +++++++ 5 files changed, 16 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 79929c7d..327adb89 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.0 +version: 0.39.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Accept multi auth mode for server. + - kind: added + description: Add parameters for tuning revisionHistoryLimit and emptyDir volumes. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index e3498867..a5f70341 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -197,6 +197,7 @@ Fields to note: | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | | controller.retentionPolicy | object | `{}` | Workflow retention by number of workflows | +| controller.revisionHistoryLimit | int | `10` | The number of revisions to keep. | | controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.create | bool | `true` | Create a service account for the controller | @@ -304,6 +305,7 @@ Fields to note: | server.rbac.create | bool | `true` | Adds Role and RoleBinding for the server. | | server.replicas | int | `1` | The number of server pods to run | | server.resources | object | `{}` | Resource limits and requests for the server | +| server.revisionHistoryLimit | int | `10` | The number of revisions to keep. | | server.secure | bool | `false` | Run the argo server in "secure" mode. Configure this value instead of `--secure` in extraArgs. | | server.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true}` | Servers container-level security context | | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | @@ -331,6 +333,7 @@ Fields to note: | server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | | server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | | server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | +| server.tmpVolume | object | `{"emptyDir":{}}` | Volume to be mounted in Pods for temporary files. | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | | server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 132d7f8c..3db5f971 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -12,6 +12,7 @@ metadata: {{- end }} spec: replicas: {{ .Values.controller.replicas }} + revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 38c6072b..182d3169 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -15,6 +15,7 @@ spec: {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} {{- end }} + revisionHistoryLimit: {{ .Values.server.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} @@ -112,7 +113,7 @@ spec: {{- end }} volumes: - name: tmp - emptyDir: {} + {{- toYaml .Values.server.tmpVolume | nindent 8 }} {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 10a0e5a4..7a5f04e0 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -295,6 +295,8 @@ controller: volumes: [] # -- The number of controller pods to run replicas: 1 + # -- The number of revisions to keep. + revisionHistoryLimit: 10 pdb: # -- Configure [Pod Disruption Budget] for the controller pods @@ -472,6 +474,8 @@ server: resources: {} # -- The number of server pods to run replicas: 1 + # -- The number of revisions to keep. + revisionHistoryLimit: 10 ## Argo Server Horizontal Pod Autoscaler autoscaling: # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server @@ -555,6 +559,9 @@ server: # -- Set the logging format (one of: `text`, `json`) format: "text" + # -- Volume to be mounted in Pods for temporary files. + tmpVolume: + emptyDir: {} # -- Additional volume mounts to the server main container. volumeMounts: [] # -- Additional volumes to the server pod. From 9496f2f1e6f5b2bf7d4149b09a787ee404868924 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Nov 2023 22:32:49 +0900 Subject: [PATCH 0808/1248] fix(argo-workflows): Align version label (#2342) * fix(argo-workflows): Aligne version label Signed-off-by: yu-croco * fix(argo-workflows): fix typo Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/controller/workflow-controller-service.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 327adb89..f5275105 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.1 +version: 0.39.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add parameters for tuning revisionHistoryLimit and emptyDir volumes. + - kind: fixed + description: Align version label diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 5ade3d40..1959eb2e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -6,7 +6,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} {{- with .Values.controller.serviceLabels }} {{ toYaml . | nindent 4 }} {{- end }} From 4c256348e85d0d2419504b0ab4eed3852b8e42ae Mon Sep 17 00:00:00 2001 From: Kripu Khadka <84505567+Kripu77@users.noreply.github.com> Date: Wed, 15 Nov 2023 19:23:26 +0545 Subject: [PATCH 0809/1248] docs(github): typo fix in security.md (#2343) * typo fix Signed-off-by: Kripu Khadka * Revert "typo fix" This reverts commit b02b2fb766508226eda658eb870a9216a76fed3e. Signed-off-by: Kripu Khadka * typo fix in SECURITY.md Signed-off-by: Kripu Khadka <84505567+Kripu77@users.noreply.github.com> Signed-off-by: Kripu Khadka --------- Signed-off-by: Kripu Khadka Signed-off-by: Kripu Khadka <84505567+Kripu77@users.noreply.github.com> Co-authored-by: Aikawa --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 7c30259c..f4fb6002 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,7 @@ ## Supported Versions and Upstream Reporting -Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue. +Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy document to find out how to report the security issue. * [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md) * [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md) From a78556018dc70fa78fb6c4b65fc66489a8e555a7 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Thu, 16 Nov 2023 12:31:53 +0000 Subject: [PATCH 0810/1248] chore(argo-workflows): Remove xip url from test to avoid confusion (#2350) * chore(argo-workflows): Remove xip url from test to avoid confusion Signed-off-by: Tim Collins * Bump version Signed-off-by: Tim Collins * More bumpings Signed-off-by: Tim Collins * Tim can't type Signed-off-by: Tim Collins * Swap to example.com - rfc2606 Signed-off-by: Tim Collins --------- Signed-off-by: Tim Collins --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/ci/enable-ingress-values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f5275105..0e3a49a5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.2 +version: 0.39.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Align version label + - kind: changed + description: Modify test host url to avoid user confusion diff --git a/charts/argo-workflows/ci/enable-ingress-values.yaml b/charts/argo-workflows/ci/enable-ingress-values.yaml index 05dae886..bfcc37c3 100644 --- a/charts/argo-workflows/ci/enable-ingress-values.yaml +++ b/charts/argo-workflows/ci/enable-ingress-values.yaml @@ -5,4 +5,4 @@ server: ingress: enabled: true hosts: - - argo-workflows.127.0.0.1.xip.io + - argo-workflows.example.com From 14887dd57d15255b567108bd1d890ed0cf025aeb Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Sun, 19 Nov 2023 23:18:57 +0100 Subject: [PATCH 0811/1248] chore(argo-cd): Replace non-existing examples with official example domain (#2352) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9a721124..038ae63c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.2 +version: 5.51.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.9.1 + description: Replace non-existing examples with official example domain (RFC 2606) diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 49dd4e70..c4480e6c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -410,7 +410,7 @@ configs: ## - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters clusterCredentials: [] # - name: mycluster - # server: https://mycluster.com + # server: https://mycluster.example.com # labels: {} # annotations: {} # config: @@ -419,7 +419,7 @@ configs: # insecure: false # caData: "" # - name: mycluster2 - # server: https://mycluster2.com + # server: https://mycluster2.example.com # labels: {} # annotations: {} # namespaces: namespace1,namespace2 @@ -430,7 +430,7 @@ configs: # insecure: false # caData: "" # - name: mycluster3-project-scoped - # server: https://mycluster3.com + # server: https://mycluster3.example.com # labels: {} # annotations: {} # project: my-project1 From c18365288937157459c2fda20d5a0cdeb6478abb Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 21 Nov 2023 03:49:41 +0900 Subject: [PATCH 0812/1248] chore(argo-cd): Upgrade Argo CD to v2.9.2 (#2353) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 038ae63c..f0100f7f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.1 +appVersion: v2.9.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.3 +version: 5.51.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Replace non-existing examples with official example domain (RFC 2606) + description: Upgrade Argo CD to v2.9.2 From 7f95a5f9f0cf777ad564c5d90c973e17bde1b7bc Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Mon, 27 Nov 2023 07:30:08 +0100 Subject: [PATCH 0813/1248] chore(github): Update SECURITY-INSIGHTS.yml to include security-contacts (#2356) --- SECURITY-INSIGHTS.yml | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml index a983c4f1..e3a6aeed 100644 --- a/SECURITY-INSIGHTS.yml +++ b/SECURITY-INSIGHTS.yml @@ -11,13 +11,28 @@ project-lifecycle: contribution-policy: accepts-pull-requests: true accepts-automated-pull-requests: true + automated-tools-list: + - automated-tool: dependabot + action: allowed + path: + - / + contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md + code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md distribution-points: - - https://github.com/argoproj/argo-helm/blob/main/SECURITY.md + - https://argoproj.github.io/argo-helm + - https://artifacthub.io/packages/search?org=argoproj&repo=argo +security-contacts: + - type: website + value: https://github.com/argoproj/argo-helm/security/advisories/new + primary: true vulnerability-reporting: accepts-vulnerability-reports: true email-contact: cncf-argo-maintainers@lists.cncf.io security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md - comment: Please refer to the security policy for reporting information prior to using the email contact. + comment: | + Our preferred contact method related to vulnerabilities is the Security tab on GitHub. + Click the button "Report a vulnerability" to open the advisory form. + Please refer to the security policy for reporting information prior to using the email contact. dependencies: env-dependencies-policy: policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions From 7261decaf8c15cc644ff8b0d8e5b3b9633a6a17d Mon Sep 17 00:00:00 2001 From: qa-florian-wende <113123884+qa-florian-wende@users.noreply.github.com> Date: Mon, 27 Nov 2023 18:44:58 +0100 Subject: [PATCH 0814/1248] feat(argo-workflows): Make workflow controller ConfigMap optional (#2354) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ charts/argo-workflows/templates/_helpers.tpl | 7 +++++++ .../controller/workflow-controller-config-map.yaml | 4 +++- .../controller/workflow-controller-deployment.yaml | 2 +- .../argo-workflows/templates/server/server-deployment.yaml | 2 +- charts/argo-workflows/values.yaml | 6 ++++++ 7 files changed, 23 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0e3a49a5..3e93c1f6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.3 +version: 0.39.4 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Modify test host url to avoid user confusion + - kind: added + description: Make configMap optional and allow its name to be overridden diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index a5f70341..64bd8191 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -142,6 +142,8 @@ Fields to note: | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.configMap.create | bool | `true` | Create a ConfigMap for the controller | +| controller.configMap.name | string | `""` | ConfigMap name | | controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 0713264f..0d170ec9 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -97,6 +97,13 @@ app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} +{{/* +Create the name of the controller configMap +*/}} +{{- define "argo-workflows.controller.config-map.name" -}} +{{- .Values.controller.configMap.name | default (printf "%s-%s" (include "argo-workflows.controller.fullname" .) "configmap") | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the server service account to use */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d4728a30..bff3e121 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -1,7 +1,8 @@ +{{- if .Values.controller.configMap.create }} apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "argo-workflows.controller.fullname" . }}-configmap + name: {{ template "argo-workflows.controller.config-map.name" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} @@ -191,3 +192,4 @@ data: {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 3db5f971..2cc8a903 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -45,7 +45,7 @@ spec: command: [ "workflow-controller" ] args: - "--configmap" - - "{{ template "argo-workflows.controller.fullname" . }}-configmap" + - "{{ template "argo-workflows.controller.config-map.name" . }}" - "--executor-image" - "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" - "--loglevel" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 182d3169..f44fa57d 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -49,7 +49,7 @@ spec: {{- toYaml .Values.server.securityContext | nindent 12 }} args: - server - - --configmap={{ template "argo-workflows.controller.fullname" . }}-configmap + - --configmap={{ template "argo-workflows.controller.config-map.name" . }} {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7a5f04e0..a1a101d5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -91,6 +91,12 @@ controller: # -- Allows controller to create and update ConfigMaps. Enables memoization feature writeConfigMaps: false + configMap: + # -- Create a ConfigMap for the controller + create: true + # -- ConfigMap name + name: "" + # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: # -- Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 From cabe63d2b65ef6708567c249e676fce069815b6d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 28 Nov 2023 06:12:50 +0900 Subject: [PATCH 0815/1248] chore(argo-workflows): Upgrade Argo Workflows to v3.5.2 (#2357) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3e93c1f6..d71407c9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.1 +appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.4 +version: 0.39.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Make configMap optional and allow its name to be overridden + - kind: changed + description: Upgrade Argo Workflows to v3.5.2 From f5201e76ad3bd83bc9f093baf8a398ae15ad3f7e Mon Sep 17 00:00:00 2001 From: Abdulla Abdurakhmanov Date: Wed, 29 Nov 2023 14:34:39 +0100 Subject: [PATCH 0816/1248] fix(argo-rollouts): Update all rollout CRDs to match upstream (#2361) Signed-off-by: Abdulla Abdurakhmanov --- charts/argo-rollouts/Chart.yaml | 4 +- .../templates/crds/analysis-template-crd.yaml | 51 ++++++++++++++++++- .../crds/cluster-analysis-template-crd.yaml | 51 ++++++++++++++++++- 3 files changed, 100 insertions(+), 6 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6999850f..933cc9d3 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.4 +version: 2.32.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Rollouts to v1.6.2 + description: Upgrade Argo Rollouts CRDs to match them mainstream from v1.6.2 diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 93479097..d97a6ce9 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -185,13 +185,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2805,6 +2814,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2853,6 +2875,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 66977374..335f06a2 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -185,13 +185,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2805,6 +2814,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2853,6 +2875,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: From f4eb968c22dadd9ff40f0836dcaf14008e34d831 Mon Sep 17 00:00:00 2001 From: Andre Marcelo-Tanner Date: Wed, 29 Nov 2023 13:39:59 -0500 Subject: [PATCH 0817/1248] docs(argo-cd): Add migration guide to README for Config Management Plugins (#2360) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 12 ++++++++++-- charts/argo-cd/README.md.gotmpl | 12 ++++++++++-- 3 files changed, 23 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f0100f7f..8853d5a3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.4 +version: 5.51.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.9.2 + - kind: added + description: "[docs] Added migration steps to README for Config Management Plugins settings available since 5.26.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7b79080e..fa869975 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. +### 5.26.0 + +This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`. +Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics. + +To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`. +You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also. + ### 5.24.0 -This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). Default `global.affinity` rules can be disabled when `none` value is used for the preset. ### 5.22.0 -This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. +This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. ### 5.19.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index b8ffa4fb..7df79078 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. +### 5.26.0 + +This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`. +Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics. + +To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`. +You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also. + ### 5.24.0 -This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). Default `global.affinity` rules can be disabled when `none` value is used for the preset. ### 5.22.0 -This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. +This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. ### 5.19.0 From d62aafdf629e66e23af98405698c9d0fc0f83e6c Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Thu, 30 Nov 2023 15:14:55 -0500 Subject: [PATCH 0818/1248] docs(github): remove unnecessary qualifier in README (#2364) docs: remove unnecessary qualifier in README I think the sentence applies to all Argo projects. Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0c5c6798..3d57db36 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ Some users would prefer to install the CRDs _outside_ of the chart. You can disa Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `/templates` to address this design decision. -If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: +If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: Example: From 152c04f827d08b9e53fdf2f52ef773551c2e3707 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 2 Dec 2023 20:03:24 +0900 Subject: [PATCH 0819/1248] chore(argo-cd): Upgrade Argo CD to v2.9.3 (#2365) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8853d5a3..594dd161 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.2 +appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.5 +version: 5.51.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: "[docs] Added migration steps to README for Config Management Plugins settings available since 5.26.0" + - kind: changed + description: Upgrade Argo CD to v2.9.3 From 2c046f9a9a647ff1b53a81c0defcc311af95974d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 5 Dec 2023 14:55:10 +0900 Subject: [PATCH 0820/1248] fix(argo-workflows): Add missing permission to workflow role (#2367) --- charts/argo-workflows/Chart.yaml | 6 +++--- .../argo-workflows/templates/controller/workflow-role.yaml | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d71407c9..9ef6fce8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.5 +version: 0.39.6 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.5.2 + - kind: fixed + description: Add missing permission to workflow role diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 51050d0f..80309119 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -38,6 +38,7 @@ rules: - workflowtaskresults verbs: - create + - patch - apiGroups: - argoproj.io resources: From 690e83be66297fd776f69bf0b44633e91f1e7388 Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Wed, 6 Dec 2023 23:23:14 -0800 Subject: [PATCH 0821/1248] fix(argo-workflows): Fix OAuth redirect URL autoconfig. (#2369) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 9ef6fce8..f5e725d3 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.6 +version: 0.39.7 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Add missing permission to workflow role + description: Fixes OAuth redirect URL autoconfig. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 64bd8191..c8e5f5f8 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -331,7 +331,7 @@ Fields to note: | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | | server.sso.rbac.enabled | bool | `true` | Adds ServiceAccount Policy to server (Cluster)Role. | | server.sso.rbac.secretWhitelist | list | `[]` | Whitelist to allow server to fetch Secrets | -| server.sso.redirectUrl | string | `"https://argo/oauth2/callback"` | | +| server.sso.redirectUrl | string | `""` | | | server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | | server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | | server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index a1a101d5..9a5fa859 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -675,7 +675,7 @@ server: # -- Key of a secret to retrieve the app OIDC client secret key: client-secret # - The OIDC redirect URL. Should be in the form /oauth2/callback. - redirectUrl: https://argo/oauth2/callback + redirectUrl: "" rbac: # -- Adds ServiceAccount Policy to server (Cluster)Role. enabled: true From d0e0ce792837ade3c49ce3540d843a3b639350ca Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Thu, 7 Dec 2023 09:06:01 +0000 Subject: [PATCH 0822/1248] feat(github): Use renovate to create PRs when upstream releases (#2358) * feat(github): Use renovate to create PRs when upstream releases Signed-off-by: Tim Collins * add write permissions Signed-off-by: Tim Collins * remove the 'v' in the chart version Signed-off-by: Tim Collins * switch to digests for actions Signed-off-by: Tim Collins --------- Signed-off-by: Tim Collins --- .github/workflows/chart-version-bump.yml | 53 ++++++++++++++ renovate.json | 91 ++++++++++++++++++++++++ 2 files changed, 144 insertions(+) create mode 100644 .github/workflows/chart-version-bump.yml create mode 100644 renovate.json diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml new file mode 100644 index 00000000..d09ff045 --- /dev/null +++ b/.github/workflows/chart-version-bump.yml @@ -0,0 +1,53 @@ +## Used on Renovate PRs to bump the chart version and add a changelog entry +## Reference: https://github.com/stefanzweifel/git-auto-commit-action +## Reference: https://github.com/marketplace/actions/changed-files +name: 'Chart Version Bump and Changelog' + +on: + pull_request: + types: + - labeled + +permissions: + contents: write + +jobs: + helm-bumper: + if: ${{ (contains(github.event.pull_request.labels.*.name, 'renovate')) }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@https://github.com/tj-actions/changed-files/commit/1c938490c880156b746568a518594309cfb3f66b # v40.2.1 + with: + files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml + - name: "Bump Version and Changelog" + run: | + chartName="$(echo \"${{ steps.changed-files.outputs.all_changed_files }}\" | cut -d '/' -f2)" + echo "Changed chart name is: $chartName" + echo "----------------------------------------" + + parentDir="charts/${chartName}" + + # Bump the chart version by one patch version + version=$(grep '^version:' ${parentDir}/Chart.yaml | awk '{print $2}') + major=$(echo $version | cut -d. -f1) + minor=$(echo $version | cut -d. -f2) + patch=$(echo $version | cut -d. -f3) + patch=$(expr $patch + 1) + sed -i "s/^version:.*/version: ${major}.${minor}.${patch}/g" ${parentDir}/Chart.yaml + + # Add a changelog entry + appVersion=$(grep '^appVersion:' ${parentDir}/Chart.yaml | awk '{print $2}') + sed -i -e '/^ artifacthub.io\/changes: |/,$d' ${parentDir}/Chart.yaml + echo " artifacthub.io/changes: |" >> ${parentDir}/Chart.yaml + echo " - kind: changed" >> ${parentDir}/Chart.yaml + echo " description: Bump ${chartName} to ${appVersion}" >> ${parentDir}/Chart.yaml + cat ${parentDir}/Chart.yaml + - name: "Commit and push changes" + uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0 + with: + commit_options: '--signoff' diff --git a/renovate.json b/renovate.json new file mode 100644 index 00000000..12c7f3ea --- /dev/null +++ b/renovate.json @@ -0,0 +1,91 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "kubernetes": { + "fileMatch": ["\\.yaml$", "\\.yml$"] + }, + "extends": [ + "config:base", + "docker:enableMajor" + ], + "labels": ["renovate"], + "includePaths": [ + "**/charts/argo-workflows/Chart.yaml", + "**/charts/argo-cd/Chart.yaml", + "**/charts/argo-events/Chart.yaml", + "**/charts/argo-rollouts/Chart.yaml", + "**/charts/argocd-image-updater/Chart.yaml" + ], + "regexManagers": [ + { + "fileMatch": ["charts/argo-workflows/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-workflows", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argo-cd/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-cd", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argo-events/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-events", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argo-rollouts/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-rollouts", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argocd-image-updater/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj-labs/argocd-image-updater", + "datasourceTemplate": "github-releases" + } + ], + "packageRules": [ + { + "matchPackagePatterns": ["argoproj/argo-workflows"], + "commitMessagePrefix": "chore(argo-workflows):" + }, + { + "matchPackagePatterns": ["argoproj/argo-cd"], + "commitMessagePrefix": "chore(argo-cd):" + }, + { + "matchPackagePatterns": ["argoproj/argo-events"], + "commitMessagePrefix": "chore(argo-events):" + }, + { + "matchPackagePatterns": ["argoproj/argo-rollouts"], + "commitMessagePrefix": "chore(argo-rollouts):" + }, + { + "matchPackagePatterns": ["argoproj-labs/argocd-image-updater"], + "commitMessagePrefix": "chore(argocd-image-updater):" + }, + { + "matchPackagePatterns": ["redis-ha"], + "enabled": false + } + ] +} From 6cf99a08c81f4672a696eff85b58692e20fa367f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 7 Dec 2023 21:23:52 +0900 Subject: [PATCH 0823/1248] chore(github): Add yu-croco to CODEOWNERS of argo-events and argo-rollouts (#2372) Signed-off-by: yu-croco --- .github/CODEOWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 05c993b9..c0d0ab9d 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,5 +2,5 @@ /charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 -/charts/argo-events/ @pdrastil @jmeridth @tico24 -/charts/argo-rollouts/ @jmeridth +/charts/argo-events/ @pdrastil @jmeridth @tico24 @yu-croco +/charts/argo-rollouts/ @jmeridth @yu-croco From 83c3bc811565e68bada5d095dd58d4e822640552 Mon Sep 17 00:00:00 2001 From: yyzxw <34639446+yyzxw@users.noreply.github.com> Date: Fri, 8 Dec 2023 01:49:59 +0800 Subject: [PATCH 0824/1248] feat(argo-rollouts): add rollout plugin contour rbac (#2371) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + .../templates/controller/clusterrole.yaml | 12 ++++++++++++ charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 933cc9d3..09b46332 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.5 +version: 2.32.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Rollouts CRDs to match them mainstream from v1.6.2 + description: Add Contour plugin RBAC. diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index b9198998..e74afaca 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -65,6 +65,7 @@ For full list of changes please check ArtifactHub [changelog]. | providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider | | providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | | providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | +| providerRBAC.providers.contour | bool | `true` | Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` | | providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | | providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | | providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider | diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index ab0f7ee1..56afb5cb 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -255,5 +255,17 @@ rules: - get - update {{- end }} +{{- if .Values.providerRBAC.providers.contour }} + # Access needed when using the Contour provider +- apiGroups: + - projectcontour.io + resources: + - httpproxies + verbs: + - get + - list + - watch + - update +{{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b711ee37..34c5a286 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -262,6 +262,8 @@ providerRBAC: traefik: true # -- Adds RBAC rules for the Apisix provider apisix: true + # -- Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` + contour: true dashboard: # -- Deploy dashboard server From c3c588038daa7c550bbd977c1298a1fd3f42d7c8 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 7 Dec 2023 20:11:53 +0100 Subject: [PATCH 0825/1248] fix(github): Copy-pasta error on Action digest (#2373) Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Aikawa --- .github/workflows/chart-version-bump.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index d09ff045..44c77bb8 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -19,11 +19,13 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 + - name: Get changed files id: changed-files - uses: tj-actions/changed-files@https://github.com/tj-actions/changed-files/commit/1c938490c880156b746568a518594309cfb3f66b # v40.2.1 + uses: tj-actions/changed-files@1c938490c880156b746568a518594309cfb3f66b # v40.2.1 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml + - name: "Bump Version and Changelog" run: | chartName="$(echo \"${{ steps.changed-files.outputs.all_changed_files }}\" | cut -d '/' -f2)" @@ -47,6 +49,7 @@ jobs: echo " - kind: changed" >> ${parentDir}/Chart.yaml echo " description: Bump ${chartName} to ${appVersion}" >> ${parentDir}/Chart.yaml cat ${parentDir}/Chart.yaml + - name: "Commit and push changes" uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0 with: From c7df8c14e6c6c807794ab2240ed67dc91b3de161 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 8 Dec 2023 14:56:40 +0000 Subject: [PATCH 0826/1248] fix(github): Include PAT to trigger CI jobs on auto-push (#2376) Signed-off-by: Tim Collins --- .github/workflows/chart-version-bump.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 44c77bb8..f8aa07b2 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -18,6 +18,7 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: + token: ${{ secrets.PAT }} fetch-depth: 0 - name: Get changed files From 4a0f512f70d68ecd4dbb63c74b97e3c28f0c2828 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 8 Dec 2023 15:06:40 +0000 Subject: [PATCH 0827/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.3 (#2374) * chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.3 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: tico24 --- charts/argo-rollouts/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 09b46332..c0f40f88 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.2 +appVersion: v1.6.3 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.6 +version: 2.32.7 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Add Contour plugin RBAC. + description: Bump argo-rollouts to v1.6.3 From a9e31c82fd63f42c8e56fe9bb8f19d583be83e69 Mon Sep 17 00:00:00 2001 From: Neile Havens Date: Fri, 8 Dec 2023 16:44:59 -0600 Subject: [PATCH 0828/1248] feat(argo-workflows): Add support for sso filterGroupsRegex (#2379) According to https://argoproj.github.io/argo-workflows/argo-server-sso/#filtering-groups Resolves #2378 Signed-off-by: Neile Havens --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 5 +++++ 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f5e725d3..49cebfbc 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.7 +version: 0.39.8 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixes OAuth redirect URL autoconfig. + - kind: changed + description: Add support for sso filterGroupsRegex according to https://argoproj.github.io/argo-workflows/argo-server-sso/#filtering-groups diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index c8e5f5f8..2b24e2be 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -326,6 +326,7 @@ Fields to note: | server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | | server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | | server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. | +| server.sso.filterGroupsRegex | list | `[]` | Filter the groups returned by the OIDC provider | | server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | | server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index bff3e121..d311441c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -162,6 +162,9 @@ data: {{- with .Values.server.sso.insecureSkipVerify }} insecureSkipVerify: {{ toYaml . }} {{- end }} + {{- with .Values.server.sso.filterGroupsRegex }} + filterGroupsRegex: {{ toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} workflowRestrictions: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 9a5fa859..1624cc4e 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -701,6 +701,11 @@ server: userInfoPath: "" # -- Skip TLS verification for the HTTP client insecureSkipVerify: false + # -- Filter the groups returned by the OIDC provider + ## A logical "OR" is used between each regex in the list + filterGroupsRegex: [] + # - ".*argo-wf.*" + # - ".*argo-workflow.*" # -- Extra containers to be added to the server deployment extraContainers: [] From 97c3589eec2374b3b88800918f1e9a650b46dae0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Dec 2023 15:40:06 +0100 Subject: [PATCH 0829/1248] chore(deps): bump actions/setup-python from 4.7.1 to 5.0.0 (#2382) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.1 to 5.0.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236...0a5c61591373683505ea898e09a3ea4f39ef2b9c) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c2102b61..79782374 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: 3.9 From eeffeb407d10e6e66d2c86115a139f1f1037fa8c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Dec 2023 11:35:53 -0600 Subject: [PATCH 0830/1248] chore(deps): bump actions/stale from 8.0.0 to 9.0.0 (#2380) --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index b0356dc7..d0813423 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0 + - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From da261d0a38c020a4fe37dd61b59a069678a14875 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Dec 2023 20:45:04 +0100 Subject: [PATCH 0831/1248] chore(deps): bump actions/labeler from 4.3.0 to 5.0.0 (#2381) * chore(deps): bump actions/labeler from 4.3.0 to 5.0.0 Bumps [actions/labeler](https://github.com/actions/labeler) from 4.3.0 to 5.0.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/ac9175f8a1f3625fd0d4fb234536d26811351594...8558fd74291d67161a8a78ce36a881fa63b766a9) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * chore: Update labeler.yaml to work with v5 Signed-off-by: Marco Maurer * fix: Adapt glob for argo-cd chart Signed-off-by: Marco Maurer (-Kilchhofer) --------- Signed-off-by: dependabot[bot] Signed-off-by: Marco Maurer Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Maurer Co-authored-by: Jason Meridth --- .github/configs/labeler.yaml | 18 ++++++++++++------ .github/workflows/pr-sizing.yml | 2 +- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/.github/configs/labeler.yaml b/.github/configs/labeler.yaml index acd6f219..80b72ba8 100644 --- a/.github/configs/labeler.yaml +++ b/.github/configs/labeler.yaml @@ -1,17 +1,23 @@ argo-cd: - - charts/argo-cd/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-cd/** argo-events: - - charts/argo-events/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-events/** argo-rollouts: - - charts/argo-rollouts/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-rollouts/** argo-workflows: - - charts/argo-workflows/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-workflows/** argocd-image-updater: - - charts/argocd-image-updater/**/* + - changed-files: + - any-glob-to-any-file: charts/argocd-image-updater/** argocd-apps: - - charts/argocd-apps/**/* + - changed-files: + - any-glob-to-any-file: charts/argocd-apps/** diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index d22ac750..01af9781 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0 + - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From e07f69fee66b214719acc032401e26d36f839c77 Mon Sep 17 00:00:00 2001 From: workwithprashant <60788667+workwithprashant@users.noreply.github.com> Date: Tue, 12 Dec 2023 00:27:39 -0600 Subject: [PATCH 0832/1248] fix(argo-workflows): fix helm lint error when extraObjects is defined (#2384) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/extra-manifests.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 49cebfbc..e0e1c1b9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.8 +version: 0.39.9 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Add support for sso filterGroupsRegex according to https://argoproj.github.io/argo-workflows/argo-server-sso/#filtering-groups + description: "fix(argo-workflows): fix helm lint error when extraObjects is defined and same fix as one done for argo-cd #2116" diff --git a/charts/argo-workflows/templates/extra-manifests.yaml b/charts/argo-workflows/templates/extra-manifests.yaml index f17b1a93..fc9a76b8 100644 --- a/charts/argo-workflows/templates/extra-manifests.yaml +++ b/charts/argo-workflows/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From d9e5b727e3d11160c868213004ed0c0890c8166d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 07:59:21 +0100 Subject: [PATCH 0833/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.4 (#2385) --- charts/argo-rollouts/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c0f40f88..aaa143fa 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.3 +appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.7 +version: 2.32.8 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.6.3 + description: Bump argo-rollouts to v1.6.4 From 9ca3f06dcf84a7bed3ee09032e33e1705b9edf48 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 14 Dec 2023 07:56:27 +0000 Subject: [PATCH 0834/1248] feat(argo-workflows): add hostAliases to server (#2387) * workflow server hostalises Signed-off-by: drfaust92 * Update Chart.yaml Signed-off-by: Ilia Lazebnik * workflow server hostalises Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 Signed-off-by: Ilia Lazebnik --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../argo-workflows/templates/server/server-deployment.yaml | 4 ++++ charts/argo-workflows/values.yaml | 6 ++++++ 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e0e1c1b9..acd175a7 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.9 +version: 0.40.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: "fix(argo-workflows): fix helm lint error when extraObjects is defined and same fix as one done for argo-cd #2116" + description: "feat(argo-workflows): add hostAliases to server" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 2b24e2be..070bdbf2 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -280,6 +280,7 @@ Fields to note: | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | | server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | +| server.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | server.image.registry | string | `"quay.io"` | Registry to use for the server | | server.image.repository | string | `"argoproj/argocli"` | Repository to use for the server | | server.image.tag | string | `""` | Image tag for the Argo Workflows server. Defaults to `.Values.images.tag`. | diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index f44fa57d..b3aa3728 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -37,6 +37,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.server.extraInitContainers }} initContainers: {{- tpl (toYaml .) $ | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1624cc4e..e6440439 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -458,6 +458,12 @@ server: # -- Service port name servicePortName: "" # http + # -- Mapping between IP and hostnames that will be injected as entries in the pod's hosts files + hostAliases: [] + # - ip: 10.20.30.40 + # hostnames: + # - git.myhostname + serviceAccount: # -- Create a service account for the server create: true From bce77fa998d60cd30fc9b2c9c5c75f1c1208c45b Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 14 Dec 2023 08:39:20 +0000 Subject: [PATCH 0835/1248] feat(argo-rollouts): allow setting log config for rollouts (#2386) * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/templates/controller/deployment.yaml | 3 +++ charts/argo-rollouts/values.yaml | 7 +++++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index aaa143fa..d2a4a898 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.8 +version: 2.33.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.6.4 + description: Allow setting log config for rollouts diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index e74afaca..9b368a5a 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -90,6 +90,9 @@ For full list of changes please check ArtifactHub [changelog]. | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.initContainers | list | `[]` | Init containers to add to the rollouts controller pod | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | +| controller.logging.kloglevel | string | `"0"` | Set the klog logging level | +| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.service.annotations | object | `{}` | Service annotations | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 23dc14cb..9b8f456e 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -45,6 +45,9 @@ spec: args: - --healthzPort={{ .Values.controller.containerPorts.healthz }} - --metricsport={{ .Values.controller.containerPorts.metrics }} + - "--loglevel={{ .Values.controller.logging.level }}" + - "--logformat={{ .Values.controller.logging.format }}" + - "--kloglevel={{ .Values.controller.logging.kloglevel }}" {{- if not .Values.clusterInstall }} - --namespaced {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 34c5a286..6eb48b9c 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -55,6 +55,13 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) + level: info + # -- Set the klog logging level + kloglevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" # -- Assign custom [TopologySpreadConstraints] rules to the controller ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ From 77a4196fc31294b7abeb1d4d30df136f2b77a675 Mon Sep 17 00:00:00 2001 From: Neile Havens Date: Fri, 15 Dec 2023 01:45:22 -0600 Subject: [PATCH 0836/1248] fix(argo-workflows): Remove duplication in aggregated admin ClusterRole (#2389) Signed-off-by: Neile Havens --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/controller/workflow-aggregate-roles.yaml | 2 -- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index acd175a7..ddd48e24 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.0 +version: 0.40.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: "feat(argo-workflows): add hostAliases to server" + - kind: fixed + description: "Remove duplication in aggregated admin ClusterRole" diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index ca2ae93e..2a407b1b 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -83,8 +83,6 @@ rules: - workflows/finalizers - workfloweventbindings - workfloweventbindings/finalizers - - workflowtasksets - - workflowtasksets/finalizers - workflowtemplates - workflowtemplates/finalizers - cronworkflows From b13acd0814653ca4574c5053cc2e3b7e3b095599 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Dec 2023 14:02:29 -0600 Subject: [PATCH 0837/1248] chore(deps): bump tj-actions/changed-files from 40.2.1 to 40.2.2 (#2391) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index f8aa07b2..eeb38df9 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@1c938490c880156b746568a518594309cfb3f66b # v40.2.1 + uses: tj-actions/changed-files@94549999469dbfa032becf298d95c87a14c34394 # v40.2.2 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 7f1b25402bb23681c479dc20c6c69caf49a10159 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 17 Dec 2023 00:22:40 +0100 Subject: [PATCH 0838/1248] chore(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 (#2392) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3273e72d..e86279fa 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: SARIF file path: results.sarif From f9e2a94bb6d1f20f42374c42c62f86e8e37b2ba9 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Fri, 22 Dec 2023 14:07:05 +0200 Subject: [PATCH 0839/1248] feat(argo-rollouts): add args for dashboard logs (#2388) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 ++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 3 +++ charts/argo-rollouts/values.yaml | 5 +++++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index d2a4a898..a879e08c 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.33.0 +version: 2.34.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Allow setting log config for rollouts + description: Allow setting log config for rollouts dashboard diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 9b368a5a..23f25df7 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -153,6 +153,8 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.ingress.pathType | string | `"Prefix"` | Dashboard ingress path type | | dashboard.ingress.paths | list | `["/"]` | Dashboard ingress paths | | dashboard.ingress.tls | list | `[]` | Dashboard ingress tls | +| dashboard.logging.kloglevel | string | `"0"` | Set the klog logging level | +| dashboard.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | dashboard.nodeSelector | object | `{}` | [Node selector] | | dashboard.pdb.annotations | object | `{}` | Annotations to be added to dashboard [Pod Disruption Budget] | | dashboard.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the dashboard | diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index cae24888..de7f525b 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -45,6 +45,9 @@ spec: - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ default .Chart.AppVersion .Values.dashboard.image.tag }}" imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} args: + - dashboard + - "--loglevel={{ .Values.dashboard.logging.level }}" + - "--kloglevel={{ .Values.dashboard.logging.kloglevel }}" {{- with .Values.dashboard.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 6eb48b9c..e7a5f133 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -289,6 +289,11 @@ dashboard: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) + level: info + # -- Set the klog logging level + kloglevel: "0" # -- Assign custom [TopologySpreadConstraints] rules to the dashboard server ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ From 91f48f37cdb84884dc100753fb1012d293a37800 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 Dec 2023 14:44:48 +0100 Subject: [PATCH 0840/1248] chore(deps): bump tj-actions/changed-files from 40.2.2 to 40.2.3 (#2398) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index eeb38df9..22cf61a1 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@94549999469dbfa032becf298d95c87a14c34394 # v40.2.2 + uses: tj-actions/changed-files@56284d80811fb5963a972b438f2870f175e5b7c8 # v40.2.3 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From c962ee500c06af4213d911a8947f3055949cd45b Mon Sep 17 00:00:00 2001 From: Josia Date: Sat, 23 Dec 2023 19:28:35 -0500 Subject: [PATCH 0841/1248] fix(argo-workflows): Prevent extra whitespace in controller ConfigMap (#2399) Signed-off-by: Josia --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ddd48e24..69b84a11 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.1 +version: 0.40.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: "Remove duplication in aggregated admin ClusterRole" + description: "Prevent extra whitespace in controller ConfigMap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d311441c..d3ad349b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -145,7 +145,7 @@ data: rbac: enabled: {{ .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.scopes }} - scopes: {{ toYaml . | nindent 8 }} + scopes: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.server.sso.issuerAlias }} issuerAlias: {{ toYaml . }} @@ -163,7 +163,7 @@ data: insecureSkipVerify: {{ toYaml . }} {{- end }} {{- with .Values.server.sso.filterGroupsRegex }} - filterGroupsRegex: {{ toYaml . | nindent 8 }} + filterGroupsRegex: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} From 410e73af93a4aab3aad47614f8cac58d54ae798a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 24 Dec 2023 15:13:52 +0900 Subject: [PATCH 0842/1248] chore(argo-workflows): Add instruction for SSO (#2401) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 6 ++++++ charts/argo-workflows/README.md.gotmpl | 6 ++++++ 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 69b84a11..15950d66 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.2 +version: 0.40.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: "Prevent extra whitespace in controller ConfigMap" + - kind: added + description: Add instruction for SSO diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 070bdbf2..81e65359 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -56,6 +56,11 @@ spec: args: [ "hello world" ] ``` +### Argo Workflows Server SSO +In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. + +In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. + ## Installing the Chart To install the chart with the release name `my-release`: @@ -387,3 +392,4 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog +[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 60aa62af..aa296179 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -56,6 +56,11 @@ spec: args: [ "hello world" ] ``` +### Argo Workflows Server SSO +In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. + +In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. + ## Installing the Chart To install the chart with the release name `my-release`: @@ -204,3 +209,4 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog +[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac From 29c7f27b3f8b529c6756f510553aaedf58f992e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 Dec 2023 09:29:42 -0600 Subject: [PATCH 0843/1248] chore(deps): bump tj-actions/changed-files from 40.2.3 to 41.0.1 (#2405) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 22cf61a1..30bd26ee 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@56284d80811fb5963a972b438f2870f175e5b7c8 # v40.2.3 + uses: tj-actions/changed-files@716b1e13042866565e00e85fd4ec490e186c4a2f # v41.0.1 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 9b0c33fb496dccdfd98d27c9dfa700fd6c8ded46 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 31 Dec 2023 02:02:10 +0900 Subject: [PATCH 0844/1248] feat(argo-cd): Use new Argo CD extension mechanism (#2406) --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 13 ++- charts/argo-cd/README.md.gotmpl | 6 + charts/argo-cd/ci/extension-values.yaml | 14 +++ charts/argo-cd/templates/aggregate-roles.yaml | 9 -- .../templates/argocd-server/deployment.yaml | 26 +++-- .../argo-cd/templates/argocd-server/role.yaml | 3 - .../argo-cd/templates/crds/crd-extension.yaml | 107 ------------------ charts/argo-cd/values.yaml | 28 +++-- 9 files changed, 68 insertions(+), 142 deletions(-) create mode 100644 charts/argo-cd/ci/extension-values.yaml delete mode 100644 charts/argo-cd/templates/crds/crd-extension.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 594dd161..e955494c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.6 +version: 5.52.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.9.3 + description: Use new Argo CD extension mechanism diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fa869975..919149b5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.52.0 +Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. +If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. + ### 5.35.0 This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. @@ -718,10 +722,11 @@ NAME: my-release | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | -| server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | +| server.extensions.enabled | bool | `false` | Enable support for Argo CD extensions | +| server.extensions.extensionList | list | `[]` (See [values.yaml]) | Extensions for Argo CD | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | -| server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | -| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image | +| server.extensions.image.repository | string | `"quay.io/argoprojlabs/argocd-extension-installer"` | Repository to use for extension installer image | +| server.extensions.image.tag | string | `"v0.0.1"` | Tag to use for extension installer image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | @@ -1263,3 +1268,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace +[Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice +[Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 7df79078..ba94725f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.52.0 +Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. +If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. + ### 5.35.0 This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. @@ -571,3 +575,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace +[Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice +[Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer diff --git a/charts/argo-cd/ci/extension-values.yaml b/charts/argo-cd/ci/extension-values.yaml new file mode 100644 index 00000000..0896ca4c --- /dev/null +++ b/charts/argo-cd/ci/extension-values.yaml @@ -0,0 +1,14 @@ +# Test Argo CD extension +crds: + keep: false +# Ref: https://github.com/argoproj-labs/argocd-extension-metrics?tab=readme-ov-file#install-ui-extension +server: + extensions: + enabled: true + extensionList: + - name: extension-metrics + env: + - name: EXTENSION_URL + value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension.tar.gz + - name: EXTENSION_CHECKSUM_URL + value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension_checksums.txt diff --git a/charts/argo-cd/templates/aggregate-roles.yaml b/charts/argo-cd/templates/aggregate-roles.yaml index b3893922..ba93d548 100644 --- a/charts/argo-cd/templates/aggregate-roles.yaml +++ b/charts/argo-cd/templates/aggregate-roles.yaml @@ -14,9 +14,6 @@ rules: {{- if .Values.applicationSet.enabled }} - applicationsets {{- end }} - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} - appprojects verbs: - get @@ -39,9 +36,6 @@ rules: {{- if .Values.applicationSet.enabled }} - applicationsets {{- end }} - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} - appprojects verbs: - create @@ -69,9 +63,6 @@ rules: {{- if .Values.applicationSet.enabled }} - applicationsets {{- end }} - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} - appprojects verbs: - create diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 983121a9..c56ea680 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -357,13 +357,22 @@ spec: lifecycle: {{- toYaml . | nindent 10 }} {{- end }} + {{- with .Values.server.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- if or .Values.server.initContainers (and .Values.server.extensions.enabled .Values.server.extensions.extensionList) }} + initContainers: + {{- with .Values.server.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- if .Values.server.extensions.enabled }} - - name: argocd-extensions - image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} - imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} + {{- range .Values.server.extensions.extensionList }} + - name: {{ .name }} + image: {{ $.Values.server.extensions.image.repository }}:{{ $.Values.server.extensions.image.tag }} + imagePullPolicy: {{ default $.Values.global.image.imagePullPolicy $.Values.server.extensions.image.imagePullPolicy }} resources: - {{- toYaml .Values.server.extensions.resources | nindent 10 }} - {{- with .Values.server.extensions.containerSecurityContext }} + {{- toYaml $.Values.server.extensions.resources | nindent 10 }} + {{- with $.Values.server.extensions.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} {{- end }} @@ -372,13 +381,10 @@ spec: mountPath: /tmp/extensions/ - name: tmp mountPath: /tmp + env: + {{- toYaml .env | nindent 10 }} {{- end }} - {{- with .Values.server.extraContainers }} - {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.server.initContainers }} - initContainers: - {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }} affinity: diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 6bfe32a4..adc6f014 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -27,9 +27,6 @@ rules: - applicationsets {{- end }} - appprojects - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} verbs: - create - get diff --git a/charts/argo-cd/templates/crds/crd-extension.yaml b/charts/argo-cd/templates/crds/crd-extension.yaml deleted file mode 100644 index 30fbce70..00000000 --- a/charts/argo-cd/templates/crds/crd-extension.yaml +++ /dev/null @@ -1,107 +0,0 @@ -{{- if and .Values.crds.install .Values.server.extensions.enabled }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- if .Values.crds.keep }} - "helm.sh/resource-policy": keep - {{- end }} - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - controller-gen.kubebuilder.io/version: v0.4.1 - labels: - app.kubernetes.io/name: argocdextensions.argoproj.io - app.kubernetes.io/part-of: argocd - {{- with .Values.crds.additionalLabels }} - {{- toYaml . | nindent 4}} - {{- end }} - name: argocdextensions.argoproj.io -spec: - group: argoproj.io - names: - kind: ArgoCDExtension - listKind: ArgoCDExtensionList - plural: argocdextensions - singular: argocdextension - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ArgoCDExtension is the Schema for the argocdextensions API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ArgoCDExtensionSpec defines the desired state of ArgoCDExtension - properties: - sources: - description: Sources specifies where the extension should come from - items: - description: ExtensionSource specifies where the extension should - be sourced from - properties: - git: - description: Git is specified if the extension should be sourced - from a git repository - properties: - revision: - description: Revision specifies the revision of the Repository - to fetch - type: string - url: - description: URL specifies the Git repository URL to fetch - type: string - type: object - web: - description: Web is specified if the extension should be sourced - from a web file - properties: - url: - description: URK specifies the remote file URL - type: string - type: object - type: object - type: array - required: - - sources - type: object - status: - description: ArgoCDExtensionStatus defines the observed state of ArgoCDExtension - properties: - conditions: - items: - properties: - message: - description: Message contains human-readable message indicating - details about condition - type: string - status: - description: Boolean status describing if the condition is currently - true - type: string - type: - description: Type is an ArgoCDExtension condition type - type: string - required: - - message - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c4480e6c..bc93065e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1574,29 +1574,41 @@ server: # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container lifecycle: {} - ## Argo UI extensions + ## Argo CD extensions ## This function in tech preview stage, do expect instability or breaking changes in newer versions. - ## Ref: https://github.com/argoproj-labs/argocd-extensions + ## Ref: https://github.com/argoproj-labs/argocd-extension-installer extensions: - # -- Enable support for Argo UI extensions + # -- Enable support for Argo CD extensions enabled: false - ## Argo UI extensions image + ## Argo CD extension installer image image: - # -- Repository to use for extensions image - repository: "ghcr.io/argoproj-labs/argocd-extensions" - # -- Tag to use for extensions image - tag: "v0.2.1" + # -- Repository to use for extension installer image + repository: "quay.io/argoprojlabs/argocd-extension-installer" + # -- Tag to use for extension installer image + tag: "v0.0.1" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- Extensions for Argo CD + # @default -- `[]` (See [values.yaml]) + ## Ref: https://github.com/argoproj-labs/argocd-extension-metrics#install-ui-extension + extensionList: [] + # - name: extension-metrics + # env: + # - name: EXTENSION_URL + # value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension.tar.gz + # - name: EXTENSION_CHECKSUM_URL + # value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension_checksums.txt + # -- Server UI extensions container-level security context # @default -- See [values.yaml] containerSecurityContext: runAsNonRoot: true readOnlyRootFilesystem: true allowPrivilegeEscalation: false + runAsUser: 1000 seccompProfile: type: RuntimeDefault capabilities: From 107bd3bc537eb4d611907c09809ebadea73936ed Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 5 Jan 2024 13:56:59 +0100 Subject: [PATCH 0845/1248] chore(argo-cd): DRY cleanup of ServiceAccounts (#2409) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 14 +++++++------- .../clusterrolebinding.yaml | 2 +- .../argocd-application-controller/rolebinding.yaml | 8 ++++---- .../serviceaccount.yaml | 14 +++++++------- .../argocd-application-controller/statefulset.yaml | 2 +- .../argocd-applicationset/deployment.yaml | 2 +- .../argocd-applicationset/rolebinding.yaml | 6 +++--- .../argocd-applicationset/serviceaccount.yaml | 14 +++++++------- .../argocd-notifications/clusterrolebinding.yaml | 2 +- .../templates/argocd-notifications/deployment.yaml | 2 +- .../argocd-notifications/rolebinding.yaml | 6 +++--- .../argocd-notifications/serviceaccount.yaml | 14 +++++++------- .../argocd-repo-server/clusterrolebinding.yaml | 2 +- .../templates/argocd-repo-server/deployment.yaml | 2 +- .../templates/argocd-repo-server/rolebinding.yaml | 8 ++++---- .../argocd-repo-server/serviceaccount.yaml | 14 +++++++------- .../argocd-server/clusterrolebinding.yaml | 2 +- .../templates/argocd-server/deployment.yaml | 2 +- .../templates/argocd-server/rolebinding.yaml | 6 +++--- .../templates/argocd-server/serviceaccount.yaml | 14 +++++++------- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/templates/dex/rolebinding.yaml | 8 ++++---- charts/argo-cd/templates/dex/serviceaccount.yaml | 8 ++++---- charts/argo-cd/templates/redis/deployment.yaml | 2 +- charts/argo-cd/templates/redis/serviceaccount.yaml | 8 ++++---- 26 files changed, 84 insertions(+), 84 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e955494c..91dcac84 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.52.0 +version: 5.52.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Use new Argo CD extension mechanism + description: DRY cleanup of ServiceAccounts diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index b5d62a6a..97ba5c25 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -11,7 +11,7 @@ to 63 chars and it includes 10 chars of hash and a separating '-'. {{/* Create the name of the controller service account to use */}} -{{- define "argo-cd.controllerServiceAccountName" -}} +{{- define "argo-cd.controller.serviceAccountName" -}} {{- if .Values.controller.serviceAccount.create -}} {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} {{- else -}} @@ -40,7 +40,7 @@ Create Dex server endpoint {{/* Create the name of the dex service account to use */}} -{{- define "argo-cd.dexServiceAccountName" -}} +{{- define "argo-cd.dex.serviceAccountName" -}} {{- if .Values.dex.serviceAccount.create -}} {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} {{- else -}} @@ -78,7 +78,7 @@ Return Redis server endpoint {{/* Create the name of the redis service account to use */}} -{{- define "argo-cd.redisServiceAccountName" -}} +{{- define "argo-cd.redis.serviceAccountName" -}} {{- if .Values.redis.serviceAccount.create -}} {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }} {{- else -}} @@ -96,7 +96,7 @@ Create argocd server name and version as used by the chart label. {{/* Create the name of the Argo CD server service account to use */}} -{{- define "argo-cd.serverServiceAccountName" -}} +{{- define "argo-cd.server.serviceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }} {{- else -}} @@ -114,7 +114,7 @@ Create argocd repo-server name and version as used by the chart label. {{/* Create the name of the repo-server service account to use */}} -{{- define "argo-cd.repoServerServiceAccountName" -}} +{{- define "argo-cd.repoServer.serviceAccountName" -}} {{- if .Values.repoServer.serviceAccount.create -}} {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }} {{- else -}} @@ -132,7 +132,7 @@ Create argocd application set name and version as used by the chart label. {{/* Create the name of the application set service account to use */}} -{{- define "argo-cd.applicationSetServiceAccountName" -}} +{{- define "argo-cd.applicationSet.serviceAccountName" -}} {{- if .Values.applicationSet.serviceAccount.create -}} {{ default (include "argo-cd.applicationSet.fullname" .) .Values.applicationSet.serviceAccount.name }} {{- else -}} @@ -150,7 +150,7 @@ Create argocd notifications name and version as used by the chart label. {{/* Create the name of the notifications service account to use */}} -{{- define "argo-cd.notificationsServiceAccountName" -}} +{{- define "argo-cd.notifications.serviceAccountName" -}} {{- if .Values.notifications.serviceAccount.create -}} {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.serviceAccount.name }} {{- else -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 39ee80a6..9ebe80ad 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -12,6 +12,6 @@ roleRef: name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controller.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index 5f07f109..9a87f771 100644 --- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -1,15 +1,15 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file + name: {{ include "argo-cd.controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index fe56d376..1b9619d6 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controller.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.controller.serviceAccount.annotations }} + {{- with .Values.controller.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.controller.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - {{- range $key, $value := .Values.controller.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- with .Values.controller.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 31bce299..6d1d3e2f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -55,7 +55,7 @@ spec: {{- if .Values.controller.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.controller.serviceAccountName" . }} containers: - args: - /usr/local/bin/argocd-application-controller diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index b704650a..655e8f19 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -55,7 +55,7 @@ spec: {{- if .Values.applicationSet.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.applicationSet.serviceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index 8a70526c..a012f1ed 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index a196626e..7c0cf017 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.applicationSet.serviceAccount.annotations }} + {{- with .Values.applicationSet.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - {{- range $key, $value := .Values.applicationSet.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- with .Values.applicationSet.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml index 3dba71a2..cfdba38a 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -11,6 +11,6 @@ roleRef: name: {{ include "argo-cd.notifications.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.notificationsServiceAccountName" . }} + name: {{ include "argo-cd.notifications.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index edee786a..2ed9f1e8 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -54,7 +54,7 @@ spec: {{- if .Values.notifications.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.notifications.serviceAccountName" . }} containers: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml index 7bc6e1d1..32324190 100644 --- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.notifications.fullname" . }} + name: {{ include "argo-cd.notifications.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.notifications.fullname" . }} + name: {{ include "argo-cd.notifications.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.notificationsServiceAccountName" . }} + name: {{ include "argo-cd.notifications.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index aa824242..8f58ff8d 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.notificationsServiceAccountName" . }} + name: {{ include "argo-cd.notifications.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.notifications.serviceAccount.annotations }} + {{- with .Values.notifications.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.notifications.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} - {{- range $key, $value := .Values.notifications.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- with .Values.notifications.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index c3e21edb..ba156d24 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -12,6 +12,6 @@ roleRef: name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServer.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 90941428..a9565a2e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -65,7 +65,7 @@ spec: {{- if .Values.repoServer.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.repoServer.serviceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml index 8834b778..ea4baded 100644 --- a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServer.serviceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index 7b26928f..945483fa 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServer.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.repoServer.serviceAccount.annotations }} + {{- with .Values.repoServer.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - {{- range $key, $value := .Values.repoServer.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- range $key, $value := .Values.repoServer.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 72e4d450..27fd13d6 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -12,6 +12,6 @@ roleRef: name: {{ include "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.server.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index c56ea680..a09b5656 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -56,7 +56,7 @@ spec: {{- if .Values.server.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.server.serviceAccountName" . }} containers: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} diff --git a/charts/argo-cd/templates/argocd-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml index 93b1fa94..61276d60 100644 --- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} @@ -11,5 +11,5 @@ roleRef: name: {{ template "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file + name: {{ include "argo-cd.server.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index 5d03aaf6..12f571fd 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.server.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.server.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.server.serviceAccount.annotations }} + {{- with .Values.server.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.server.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- range $key, $value := .Values.server.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- range $key, $value := .Values.server.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9f782c8d..c8e2c929 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -58,7 +58,7 @@ spec: {{- if .Values.dex.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} + serviceAccountName: {{ template "argo-cd.dex.serviceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} diff --git a/charts/argo-cd/templates/dex/rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml index 08da1544..30b92c06 100644 --- a/charts/argo-cd/templates/dex/rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.dex.fullname" . }} + name: {{ include "argo-cd.dex.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.dex.fullname" . }} + name: {{ include "argo-cd.dex.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.dexServiceAccountName" . }} + name: {{ include "argo-cd.dex.serviceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index 65abd57c..66bf3076 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -3,14 +3,14 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.dexServiceAccountName" . }} + name: {{ include "argo-cd.dex.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.dex.serviceAccount.annotations }} + {{- with .Values.dex.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.dex.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 3f272d02..b3182245 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -51,7 +51,7 @@ spec: {{- if .Values.redis.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.redis.serviceAccountName" . }} containers: - name: {{ .Values.redis.name }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml index 503fb434..f45ece13 100644 --- a/charts/argo-cd/templates/redis/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -3,14 +3,14 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.redisServiceAccountName" . }} + name: {{ include "argo-cd.redis.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.redis.serviceAccount.annotations }} + {{- with .Values.redis.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.redis.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- end }} From 51bb7f98069940ff6c053915f04b30bf5f546153 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 6 Jan 2024 00:28:42 +0900 Subject: [PATCH 0846/1248] fix(argocd-image-updater): Update outdated link on README (#2414) * fixed(argocd-image-updater): Update outdated link on README Signed-off-by: yu-croco * fix: correct "ArgoCD" to "Argo CD" Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 8 ++++-- charts/argocd-image-updater/README.md | 30 +++++++++++--------- charts/argocd-image-updater/README.md.gotmpl | 20 +++++++------ charts/argocd-image-updater/values.yaml | 10 +++---- 4 files changed, 39 insertions(+), 29 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 665f4bad..203c6206 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.1 +version: 0.9.2 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -18,5 +18,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Introduce chart signing + - kind: fixed + description: Update outdated link on README + - kind: changed + description: Refactor README diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 5d5c7253..148a5073 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -14,7 +14,7 @@ helm repo add argo https://argoproj.github.io/argo-helm helm install argocd-image-updater argo/argocd-image-updater ``` -You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). +You will also need to run through the [secret setup documentation] so Argo CD Image Updater can talk to the Argo CD API (until its automated in this chart). ## Prerequisites @@ -22,9 +22,9 @@ You will also need to run through the [secret setup documentation](https://argoc ## Configuration options -In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). +In order for your deployment of Argo CD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page]. -All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your Argo CD instance is setup, are set in the `config.argocd` values block. For instance: ```yaml config: @@ -35,12 +35,12 @@ config: plaintext: true ``` -Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. +Any additional arguments mentioned on the [argocd-image-updater flags page] can be configured using the `extraArgs` value, like so. -### ArgoCD API key +### Argo CD API key If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation. -Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/). +Please also read [Configuration of Container Registries]. ```yaml config: @@ -52,7 +52,7 @@ If you specify a token value the secret will be created. ### Registries -ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): +Argo CD Image Updater natively supports the following registries (as mentioned in [Configuration of Container Registries]): - Docker Hub - Google Container Registry @@ -60,7 +60,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in - GitHub Container Registry - GitHub Docker Packages -If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. +If you need support for ECR, you can reference this issue, [Support ECR authentication], for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. @@ -74,16 +74,16 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.applicationsAPIKind | string | `""` | API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) | | config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API | | config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. | -| config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. | +| config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the Argo CD API instead of TLS. | | config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | -| config.argocd.token | string | `""` | If specified, the secret with ArgoCD API key will be created. | +| config.argocd.token | string | `""` | If specified, the secret with Argo CD API key will be created. | | config.disableKubeEvents | bool | `false` | Disable kubernetes events | | config.gitCommitMail | string | `""` | E-Mail address to use for Git commits | | config.gitCommitTemplate | string | `""` | Changing the Git commit message | | config.gitCommitUser | string | `""` | Username to use for Git commits | -| config.logLevel | string | `"info"` | ArgoCD Image Update log level | -| config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | -| config.sshConfig | object | `{}` | ArgoCD Image Updater ssh client parameter configuration. | +| config.logLevel | string | `"info"` | Argo CD Image Update log level | +| config.registries | list | `[]` | Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | +| config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | @@ -125,3 +125,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +[secret setup documentation]: https://argocd-image-updater.readthedocs.io/en/stable/install/installation/#method-2-connect-using-argo-cd-api-server +[argocd-image-updater flags page]: https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags +[Configuration of Container Registries]: https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/ +[Support ECR authentication]: https://github.com/argoproj-labs/argocd-image-updater/issues/112 diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl index bbd2e1b5..68ddd814 100644 --- a/charts/argocd-image-updater/README.md.gotmpl +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -14,7 +14,7 @@ helm repo add argo https://argoproj.github.io/argo-helm helm install argocd-image-updater argo/argocd-image-updater ``` -You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). +You will also need to run through the [secret setup documentation] so Argo CD Image Updater can talk to the Argo CD API (until its automated in this chart). ## Prerequisites @@ -22,9 +22,9 @@ You will also need to run through the [secret setup documentation](https://argoc ## Configuration options -In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). +In order for your deployment of Argo CD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page]. -All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your Argo CD instance is setup, are set in the `config.argocd` values block. For instance: ```yaml config: @@ -35,12 +35,12 @@ config: plaintext: true ``` -Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. +Any additional arguments mentioned on the [argocd-image-updater flags page] can be configured using the `extraArgs` value, like so. -### ArgoCD API key +### Argo CD API key If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation. -Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/). +Please also read [Configuration of Container Registries]. ```yaml config: @@ -52,7 +52,7 @@ If you specify a token value the secret will be created. ### Registries -ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): +Argo CD Image Updater natively supports the following registries (as mentioned in [Configuration of Container Registries]): - Docker Hub - Google Container Registry @@ -60,7 +60,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in - GitHub Container Registry - GitHub Docker Packages -If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. +If you need support for ECR, you can reference this issue, [Support ECR authentication], for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. @@ -71,3 +71,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +[secret setup documentation]: https://argocd-image-updater.readthedocs.io/en/stable/install/installation/#method-2-connect-using-argo-cd-api-server +[argocd-image-updater flags page]: https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags +[Configuration of Container Registries]: https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/ +[Support ECR authentication]: https://github.com/argoproj-labs/argocd-image-updater/issues/112 diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 90498e26..4d490572 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -77,9 +77,9 @@ config: serverAddress: "" # -- If specified, the certificate of the Argo CD API server is not verified. insecure: false - # -- If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. + # -- If specified, use an unencrypted HTTP connection to the Argo CD API instead of TLS. plaintext: false - # -- If specified, the secret with ArgoCD API key will be created. + # -- If specified, the secret with Argo CD API key will be created. token: "" # -- Disable kubernetes events @@ -94,10 +94,10 @@ config: # -- Changing the Git commit message gitCommitTemplate: "" - # -- ArgoCD Image Update log level + # -- Argo CD Image Update log level logLevel: "info" - # -- ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) + # -- Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) registries: [] # - name: Docker Hub # api_url: https://registry-1.docker.io @@ -122,7 +122,7 @@ config: # credentials: ext:/scripts/auth1.sh # credsexpire: 10h - # -- ArgoCD Image Updater ssh client parameter configuration. + # -- Argo CD Image Updater ssh client parameter configuration. sshConfig: {} # config: | From d1389a90b9906c5ad419b53ced3250ed4208f7ca Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 6 Jan 2024 13:17:33 +0900 Subject: [PATCH 0847/1248] chore(argo-workflows): Update doc for Argo Workflows server authentication (#2411) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 15 +++++++-------- charts/argo-workflows/README.md.gotmpl | 16 ++++++++-------- 3 files changed, 18 insertions(+), 19 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 15950d66..2bfb706d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.3 +version: 0.40.4 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add instruction for SSO + - kind: changed + description: Update doc for Argo Workflows server authentication diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 81e65359..3a2a91d7 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -56,11 +56,6 @@ spec: args: [ "hello world" ] ``` -### Argo Workflows Server SSO -In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. - -In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. - ## Installing the Chart To install the chart with the release name `my-release`: @@ -89,9 +84,12 @@ Please see the upstream [Operator Manual's High Availability page](https://argop This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. -### Workflow server authentication +### Argo Workflows server authentication -By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting. +Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means. +Please refer to [Argo Server Auth Mode] for more details. + +Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details. ## Values @@ -392,4 +390,5 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog -[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac +[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/ +[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/ diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index aa296179..4d1ec4d5 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -56,11 +56,6 @@ spec: args: [ "hello world" ] ``` -### Argo Workflows Server SSO -In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. - -In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. - ## Installing the Chart To install the chart with the release name `my-release`: @@ -89,9 +84,13 @@ Please see the upstream [Operator Manual's High Availability page](https://argop This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. -### Workflow server authentication +### Argo Workflows server authentication + +Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means. +Please refer to [Argo Server Auth Mode] for more details. + +Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details. -By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting. ## Values @@ -209,4 +208,5 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog -[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac +[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/ +[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/ From 9892e505f17a24fd13e1aef8248222e141887201 Mon Sep 17 00:00:00 2001 From: Brian Gottfried Date: Sat, 6 Jan 2024 22:30:45 -0600 Subject: [PATCH 0848/1248] feat(argo-rollouts): Add rollout plugin gloo platform rbac (#2404) * feat(argo-rollouts): Add rollout plugin gloo platform rbac Signed-off-by: Brian Gottfried * feat(argo-rollouts): Add rollout plugin gloo platform rbac information to README Signed-off-by: Brian Gottfried --------- Signed-off-by: Brian Gottfried Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 1 + .../argo-rollouts/templates/controller/clusterrole.yaml | 9 +++++++++ charts/argo-rollouts/templates/controller/role.yaml | 9 +++++++++ charts/argo-rollouts/values.yaml | 2 ++ 5 files changed, 24 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a879e08c..caf26b58 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.34.0 +version: 2.34.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Allow setting log config for rollouts dashboard + - kind: added + description: Added Gloo Platform provider RBAC rules diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 23f25df7..3627de83 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -66,6 +66,7 @@ For full list of changes please check ArtifactHub [changelog]. | providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | | providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | | providerRBAC.providers.contour | bool | `true` | Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` | +| providerRBAC.providers.glooPlatform | bool | `true` | Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` | | providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | | providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | | providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider | diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 56afb5cb..35fd8215 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -267,5 +267,14 @@ rules: - watch - update {{- end }} +{{- if .Values.providerRBAC.providers.glooPlatform }} + # Access needed when using the Gloo Platform provider +- apiGroups: + - networking.gloo.solo.io + resources: + - routetables + verbs: + - '*' +{{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index eb69db62..dc656cde 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -256,5 +256,14 @@ rules: - get - update {{- end }} +{{- if .Values.providerRBAC.providers.glooPlatform }} + # Access needed when using the Gloo Platform provider +- apiGroups: + - networking.gloo.solo.io + resources: + - routetables + verbs: + - '*' +{{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e7a5f133..19ab340e 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -271,6 +271,8 @@ providerRBAC: apisix: true # -- Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` contour: true + # -- Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` + glooPlatform: true dashboard: # -- Deploy dashboard server From 3a2645782ceaac12a19d630cd870dcf202cee9a2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Jan 2024 10:14:11 +0000 Subject: [PATCH 0849/1248] chore(argo-events): Update dependency argoproj/argo-events to v1.9.0 (#2417) * chore(argo-events): Update dependency argoproj/argo-events to v1.9.0 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index b9f441fe..d219afc7 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.1 +appVersion: v1.9.0 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.1 +version: 2.4.2 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Events to v1.8.1 + description: Bump argo-events to v1.9.0 From 5aaa79be36e9a283a75a148d85ee44b41858e768 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 11 Jan 2024 16:20:25 +0900 Subject: [PATCH 0850/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.3 (#2419) * chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.3 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2bfb706d..54b893cf 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.2 +appVersion: v3.5.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.4 +version: 0.40.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update doc for Argo Workflows server authentication + description: Bump argo-workflows to v3.5.3 From 1cc80bfe107ccf24379ba71cf024311c8240ee89 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Jan 2024 09:09:25 -0600 Subject: [PATCH 0851/1248] chore(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 (#2421) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e86279fa..76b0264c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 with: name: SARIF file path: results.sarif From 524089b9dfbcd78b26ec78a502dbe9ce1e1f6df7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 14 Jan 2024 17:10:59 +0900 Subject: [PATCH 0852/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.4 (#2422) * chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.4 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 54b893cf..ed2e3048 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.3 +appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.5 +version: 0.40.6 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-workflows to v3.5.3 + description: Bump argo-workflows to v3.5.4 From e6de8c47b9afaeb55aee532f35f9ed01c1323abb Mon Sep 17 00:00:00 2001 From: Aman Gupta Date: Mon, 15 Jan 2024 14:42:39 +0530 Subject: [PATCH 0853/1248] docs(argo-cd): Fix policy.csv block (#2423) * Minor Changes to policy.csv block Added Missing ':' Signed-off-by: Aman Gupta * Update Chart.yaml Signed-off-by: Aman Gupta * Update Changelog Signed-off-by: Aman Gupta --------- Signed-off-by: Aman Gupta --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 91dcac84..42cfbcc2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.52.1 +version: 5.52.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: DRY cleanup of ServiceAccounts + - kind: fixed + description: Missing colon for policy.csv block diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bc93065e..8b725375 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -291,7 +291,7 @@ configs: # p, subject, resource, action, object, effect # Role definitions and bindings are in the form: # g, subject, inherited-subject - # policy.csv | + # policy.csv: | # p, role:org-admin, applications, *, */*, allow # p, role:org-admin, clusters, get, *, allow # p, role:org-admin, repositories, *, *, allow From d5b942a873af4fe0826d099895efa4fed476ecce Mon Sep 17 00:00:00 2001 From: Lucas Fernando Cardoso Nunes Date: Wed, 17 Jan 2024 04:56:17 -0300 Subject: [PATCH 0854/1248] docs(argo-workflows): fix wrong `artifactRepository` identations on values.yaml (#2426) * fix: wrong `artifactRepository` identations on values.yaml on `artifactRepository.gcs` the following 3 keys were in the same level: - `.serviceAccountKeySecret` - `.name` - `.key` Signed-off-by: Lucas Fernando Cardoso Nunes * Update Chart.yaml Signed-off-by: Lucas Fernando Cardoso Nunes --------- Signed-off-by: Lucas Fernando Cardoso Nunes --- charts/argo-workflows/Chart.yaml | 6 ++-- charts/argo-workflows/values.yaml | 58 +++++++++++++++---------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ed2e3048..f529072b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.6 +version: 0.40.7 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.5.4 + - kind: fixed + description: Wrong identation in artifactRepository block diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e6440439..570f5986 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -769,41 +769,41 @@ artifactRepository: # roleARN: # useSDKCreds: true # encryptionOptions: - # enableEncryption: true + # enableEncryption: true # -- Store artifact in a GCS object store # @default -- `{}` (See [values.yaml]) gcs: {} - # bucket: -argo - # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}" - # serviceAccountKeySecret is a secret selector. - # It references the k8s secret named 'my-gcs-credentials'. - # This secret is expected to have have the key 'serviceAccountKey', - # containing the base64 encoded credentials - # to the bucket. - # - # If it's running on GKE and Workload Identity is used, - # serviceAccountKeySecret is not needed. - # serviceAccountKeySecret: - # name: my-gcs-credentials - # key: serviceAccountKey + # bucket: -argo + # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}" + # # serviceAccountKeySecret is a secret selector. + # # It references the k8s secret named 'my-gcs-credentials'. + # # This secret is expected to have have the key 'serviceAccountKey', + # # containing the base64 encoded credentials + # # to the bucket. + # # + # # If it's running on GKE and Workload Identity is used, + # # serviceAccountKeySecret is not needed. + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey # -- Store artifact in Azure Blob Storage # @default -- `{}` (See [values.yaml]) azure: {} - # endpoint: https://mystorageaccountname.blob.core.windows.net - # container: my-container-name - # blobNameFormat: path/in/container - ## accountKeySecret is a secret selector. - ## It references the k8s secret named 'my-azure-storage-credentials'. - ## This secret is expected to have have the key 'account-access-key', - ## containing the base64 encoded credentials to the storage account. - ## If a managed identity has been assigned to the machines running the - ## workflow (e.g., https://docs.microsoft.com/en-us/azure/aks/use-managed-identity) - ## then accountKeySecret is not needed, and useSDKCreds should be - ## set to true instead: - # useSDKCreds: true - # accountKeySecret: - # name: my-azure-storage-credentials - # key: account-access-key + # endpoint: https://mystorageaccountname.blob.core.windows.net + # container: my-container-name + # blobNameFormat: path/in/container + # # accountKeySecret is a secret selector. + # # It references the k8s secret named 'my-azure-storage-credentials'. + # # This secret is expected to have have the key 'account-access-key', + # # containing the base64 encoded credentials to the storage account. + # # If a managed identity has been assigned to the machines running the + # # workflow (e.g., https://docs.microsoft.com/en-us/azure/aks/use-managed-identity) + # # then accountKeySecret is not needed, and useSDKCreds should be + # # set to true instead: + # useSDKCreds: true + # accountKeySecret: + # name: my-azure-storage-credentials + # key: account-access-key # -- The section of custom artifact repository. # Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) From e37093f273b1843a78e01268ca55777670f6b8a8 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 18 Jan 2024 15:21:37 +0900 Subject: [PATCH 0855/1248] feat(argocd-image-updater): Support extra K8s manifests (#2429) * feat(argocd-image-updater): Support extra K8s manifests Signed-off-by: yu-croco * chore(argocd-image-updater): add CI for extraObjects Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 8 ++--- charts/argocd-image-updater/README.md | 1 + .../ci/enable-extra-objects-values.yaml | 14 +++++++++ .../templates/extra-manifests.yaml | 8 +++++ charts/argocd-image-updater/values.yaml | 29 +++++++++++++++++++ 5 files changed, 55 insertions(+), 5 deletions(-) create mode 100644 charts/argocd-image-updater/ci/enable-extra-objects-values.yaml create mode 100644 charts/argocd-image-updater/templates/extra-manifests.yaml diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 203c6206..613f76aa 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.2 +version: 0.9.3 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -18,7 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Update outdated link on README - - kind: changed - description: Refactor README + - kind: added + description: Support extra K8s manifests diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 148a5073..c62e480f 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -86,6 +86,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | +| extraObjects | list | `[]` | Extra K8s manifests to deploy for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | | image.pullPolicy | string | `"Always"` | Default image pull policy | | image.repository | string | `"quay.io/argoprojlabs/argocd-image-updater"` | Default image repository | diff --git a/charts/argocd-image-updater/ci/enable-extra-objects-values.yaml b/charts/argocd-image-updater/ci/enable-extra-objects-values.yaml new file mode 100644 index 00000000..8d18ecd3 --- /dev/null +++ b/charts/argocd-image-updater/ci/enable-extra-objects-values.yaml @@ -0,0 +1,14 @@ +# Test with extraObjects enabled +# Do not deploy the CRDs as they are already present from the previous test +installCRDs: false + +extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: datadog + type: Opaque + data: + address: aHR0cHM6Ly9hcGkuZGF0YWRvZ2hxLmNvbQo= # https://api.datadoghq.com + api-key: dGVzdC1hcGkta2V5Cg== # test-api-key + app-key: dGVzdC1hcHAta2V5Cg== # test-app-key diff --git a/charts/argocd-image-updater/templates/extra-manifests.yaml b/charts/argocd-image-updater/templates/extra-manifests.yaml new file mode 100644 index 00000000..fc9a76b8 --- /dev/null +++ b/charts/argocd-image-updater/templates/extra-manifests.yaml @@ -0,0 +1,8 @@ +{{ range .Values.extraObjects }} +--- +{{ if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} +{{ end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 4d490572..f06edf3b 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -42,6 +42,35 @@ extraEnv: [] # - name: AWS_REGION # value: "us-west-1" +# -- Extra K8s manifests to deploy for argocd-image-updater +## Note: Supports use of custom Helm templates +extraObjects: [] + # - apiVersion: secrets-store.csi.x-k8s.io/v1 + # kind: SecretProviderClass + # metadata: + # name: argocd-image-updater-secrets-store + # spec: + # provider: aws + # parameters: + # objects: | + # - objectName: "argocd-image-updater" + # objectType: "secretsmanager" + # jmesPath: + # - path: "client_id" + # objectAlias: "client_id" + # - path: "client_secret" + # objectAlias: "client_secret" + # secretObjects: + # - data: + # - key: client_id + # objectName: client_id + # - key: client_secret + # objectName: client_secret + # secretName: argocd-image-updater-secrets-store + # type: Opaque + # labels: + # app.kubernetes.io/part-of: argocd + # -- Init containers to add to the image updater pod initContainers: [] # - name: download-tools From 508162f1cc9852ccfbac6fb46b8e7c180d95d298 Mon Sep 17 00:00:00 2001 From: Michele Sacchetti Date: Thu, 18 Jan 2024 14:56:33 +0100 Subject: [PATCH 0856/1248] feat(argo-cd): Add optional mapping of argocd-repo-server emptydir to custom volumes (#2410) * Add optional volumes to replace emptydir Provide user-driven option to replace emptydir volumes with desired solution Signed-off-by: Michele Sacchetti * existingVolumes default values provide default values with empy object to ensure default behavior is backward-compatible Signed-off-by: Michele Sacchetti * Update Chart.yaml bump version Signed-off-by: Michele Sacchetti * Update Chart.yaml add changelog Signed-off-by: Michele Sacchetti * fix docs fix docs on new entry Signed-off-by: Michele Sacchetti * fix readme Signed-off-by: Michele Sacchetti * Update README.md.gotmpl Signoff commit Signed-off-by: Michele Sacchetti * fix readme Signed-off-by: Michele Sacchetti * fixCamelCase Signed-off-by: Michele Sacchetti --------- Signed-off-by: Michele Sacchetti --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 5 +++++ charts/argo-cd/README.md.gotmpl | 4 ++++ .../argocd-repo-server/deployment.yaml | 20 +++++++++++++++++++ charts/argo-cd/values.yaml | 18 +++++++++++++++++ 5 files changed, 50 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 42cfbcc2..6986775f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.52.2 +version: 5.53.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Missing colon for policy.csv block + - kind: added + description: Optionally map argocd-repo-server emptydir volumes on custom volumes diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 919149b5..ed421bb4 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.53.0 + +Argocd-repo-server can now optionally use Persistent Volumes for its mountpoints instead of only emptydir() + ### 5.52.0 Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. @@ -609,6 +613,7 @@ NAME: my-release | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | +| repoServer.existingVolumes | object | `{}` | Volumes to be used in replacement of emptydir on default volumes | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | | repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod | | repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index ba94725f..bb296e6a 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.53.0 + +Argocd-repo-server can now optionally use Persistent Volumes for its mountpoints instead of only emptydir() + ### 5.52.0 Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index a9565a2e..2a18df6c 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -373,14 +373,30 @@ spec: {{- end }} {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: helm-working-dir + {{- if .Values.repoServer.existingVolumes.helmWorkingDir -}} + {{ toYaml .Values.repoServer.existingVolumes.helmWorkingDir | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} - name: plugins + {{- if .Values.repoServer.existingVolumes.plugins -}} + {{ toYaml .Values.repoServer.existingVolumes.plugins | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: var-files + {{- if .Values.repoServer.existingVolumes.varFiles -}} + {{ toYaml .Values.repoServer.existingVolumes.varFiles | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: tmp + {{- if .Values.repoServer.existingVolumes.tmp -}} + {{ toYaml .Values.repoServer.existingVolumes.tmp | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: ssh-known-hosts configMap: name: argocd-ssh-known-hosts-cm @@ -391,7 +407,11 @@ spec: configMap: name: argocd-gpg-keys-cm - name: gpg-keyring + {{- if .Values.repoServer.existingVolumes.gpgKeyring -}} + {{ toYaml .Values.repoServer.existingVolumes.gpgKeyring | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: argocd-repo-server-tls secret: secretName: argocd-repo-server-tls diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8b725375..ab8c7d0a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2217,6 +2217,24 @@ repoServer: # - name: cmp-tmp # emptyDir: {} + # -- Volumes to be used in replacement of emptydir on default volumes + existingVolumes: {} + # gpgKeyring: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-keyring + # helmWorkingDir: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-workdir + # tmp: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-tmp + # varFiles: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-varfiles + # plugins: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-plugins + # -- Toggle the usage of a ephemeral Helm working directory useEphemeralHelmWorkingDir: true From 0a851b87efd35640084a5aae09dc1103b0b3aad8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 06:48:24 +0100 Subject: [PATCH 0857/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.9.4 (#2434) --- charts/argo-cd/Chart.yaml | 8 ++++---- .../templates/argocd-application-controller/role.yaml | 10 +++++++++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6986775f..38cdee65 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.3 +appVersion: v2.9.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.0 +version: 5.53.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Optionally map argocd-repo-server emptydir volumes on custom volumes + - kind: changed + description: Bump argo-cd to v2.9.4 diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index 56ef17b5..ea550e1f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -34,4 +34,12 @@ rules: - events verbs: - create - - list \ No newline at end of file + - list +- apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch From f2fa2ce9cb5e031225c360e53d32775ca9966a1d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 20:19:53 +0000 Subject: [PATCH 0858/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.9.5 (#2436) --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 38cdee65..bd8560da 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.4 +appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.1 +version: 5.53.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.9.4 + description: Bump argo-cd to v2.9.5 From cc5b21f9adf064b1a60ee466ec727106f092badc Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 20 Jan 2024 21:07:38 +0900 Subject: [PATCH 0859/1248] docs(argo-cd): Add reference for Argo CD extensions (#2438) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/values.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd8560da..33fc7c71 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.2 +version: 5.53.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.9.5 + - kind: added + description: Add reference for Argo CD extensions. diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ab8c7d0a..3863513d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1577,6 +1577,8 @@ server: ## Argo CD extensions ## This function in tech preview stage, do expect instability or breaking changes in newer versions. ## Ref: https://github.com/argoproj-labs/argocd-extension-installer + ## When you enable extensions, you need to configure RBAC of logged in Argo CD user. + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/#the-extensions-resource extensions: # -- Enable support for Argo CD extensions enabled: false From 1b5f7874227c3d4cd66f540cd471860a4a0e8003 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jan 2024 06:49:38 -0600 Subject: [PATCH 0860/1248] chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 (#2441) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 76b0264c..ebce033b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 + uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: SARIF file path: results.sarif From be7ed3d232e6369e03c8600a44fea6fcb32aa0be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jan 2024 06:52:58 -0600 Subject: [PATCH 0861/1248] chore(deps): bump tj-actions/changed-files from 41.0.1 to 42.0.0 (#2440) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 30bd26ee..3f62f59b 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@716b1e13042866565e00e85fd4ec490e186c4a2f # v41.0.1 + uses: tj-actions/changed-files@ae82ed4ae04587b665efad2f206578aa6f0e8539 # v42.0.0 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 9e31be4a603eabab31df4b570df6e727c9ff9991 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 21 Jan 2024 22:35:46 +0900 Subject: [PATCH 0862/1248] feat(argo-cd): Support Azure DevOps webhook Secret (#2439) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 4 ++++ charts/argo-cd/values.yaml | 6 ++++++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 33fc7c71..7bd023e1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.3 +version: 5.53.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add reference for Argo CD extensions. + description: Support Azure DevOps webhook Secret diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ed421bb4..22218736 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -493,6 +493,8 @@ NAME: my-release | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | | configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password | | configs.secret.argocdServerAdminPasswordMtime | string | `""` (defaults to current time) | Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` | +| configs.secret.azureDevops.password | string | `""` | Shared secret password for authenticating Azure DevOps webhook events | +| configs.secret.azureDevops.username | string | `""` | Shared secret username for authenticating Azure DevOps webhook events | | configs.secret.bitbucketServerSecret | string | `""` | Shared secret for authenticating BitbucketServer webhook events | | configs.secret.bitbucketUUID | string | `""` | UUID for authenticating Bitbucket webhook events | | configs.secret.createSecret | bool | `true` | Create the argocd-secret | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 1e69bcea..3011904a 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -34,6 +34,10 @@ data: {{- with .Values.configs.secret.gogsSecret }} webhook.gogs.secret: {{ . | b64enc }} {{- end }} + {{- with .Values.configs.secret.azureDevops }} + webhook.azuredevops.username: {{ .username }} + webhook.azuredevops.password: {{ .password | b64enc }} + {{- end }} {{- with .Values.configs.secret.argocdServerTlsConfig }} tls.key: {{ .key | b64enc }} tls.crt: {{ .crt | b64enc }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3863513d..df03a58f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -516,6 +516,12 @@ configs: bitbucketUUID: "" # -- Shared secret for authenticating Gogs webhook events gogsSecret: "" + ## Azure DevOps + azureDevops: + # -- Shared secret username for authenticating Azure DevOps webhook events + username: "" + # -- Shared secret password for authenticating Azure DevOps webhook events + password: "" # -- add additional secrets to be added to argocd-secret ## Custom secrets. Useful for injecting SSO secrets into environment variables. From 53620e31022d27d0580e23ad600304e6be616130 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 22 Jan 2024 19:14:32 +0900 Subject: [PATCH 0863/1248] fix(argo-cd): Fix fail to render `.Values.configs.secret.azureDevops` (#2443) * fix(argo-cd): Fix fail to render `.Values.configs.secret.azureDevops` Signed-off-by: yu-croco * chore(argo-cd): Remove unnecessary comment Signed-off-by: yu-croco * fix(argo-cd): base64 username Signed-off-by: yu-croco * fix(argo-cd): correct syntax Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-configs/argocd-secret.yaml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7bd023e1..bf53fe4f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.4 +version: 5.53.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support Azure DevOps webhook Secret + - kind: fixed + description: Fix fail to render `.Values.configs.secret.azureDevops` diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 3011904a..4561440a 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} {{- end }} type: Opaque -{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} +{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret (and .Values.configs.secret.azureDevops.username .Values.configs.secret.azureDevops.password) .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} # Setting a blank data again will wipe admin password/key/cert data: {{- with .Values.configs.secret.githubSecret }} @@ -34,9 +34,9 @@ data: {{- with .Values.configs.secret.gogsSecret }} webhook.gogs.secret: {{ . | b64enc }} {{- end }} - {{- with .Values.configs.secret.azureDevops }} - webhook.azuredevops.username: {{ .username }} - webhook.azuredevops.password: {{ .password | b64enc }} + {{- if and .Values.configs.secret.azureDevops.username .Values.configs.secret.azureDevops.password }} + webhook.azuredevops.username: {{ .Values.configs.secret.azureDevops.username | b64enc }} + webhook.azuredevops.password: {{ .Values.configs.secret.azureDevops.password | b64enc }} {{- end }} {{- with .Values.configs.secret.argocdServerTlsConfig }} tls.key: {{ .key | b64enc }} From 5ac542fabb7db08f52f1551ccbcfc99f274596a6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 22 Jan 2024 22:09:08 +0900 Subject: [PATCH 0864/1248] chore(argo-cd): Provide Casbin matcher explicitly (#2445) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/values.yaml | 3 +++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf53fe4f..c204c098 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.5 +version: 5.53.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix fail to render `.Values.configs.secret.azureDevops` + - kind: added + description: Provide Casbin matcher explicitly diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 22218736..cab5f054 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -485,6 +485,7 @@ NAME: my-release | configs.params.create | bool | `true` | Create the argocd-cmd-params-cm configmap If false, it is expected the configmap will be created by something else. | | configs.rbac."policy.csv" | string | `''` (See [values.yaml]) | File containing user-defined policies and role definitions. | | configs.rbac."policy.default" | string | `""` | The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... | +| configs.rbac."policy.matchMode" | string | `"glob"` | Matcher function for Casbin, `glob` for glob matcher and `regex` for regex matcher. | | configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap | | configs.rbac.create | bool | `true` | Create the argocd-rbac-cm configmap with ([Argo CD RBAC policy]) definitions. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configmap created with the name above. | | configs.rbac.scopes | string | `"[groups]"` | OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). The scope value can be a string, or a list of strings. | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index df03a58f..84da62d2 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -303,6 +303,9 @@ configs: # The scope value can be a string, or a list of strings. scopes: "[groups]" + # -- Matcher function for Casbin, `glob` for glob matcher and `regex` for regex matcher. + policy.matchMode: "glob" + # GnuPG public keys for commit verification ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ gpg: From c734875b81faa0e07bd567ebef4bb345d67a7d8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Estrela?= <6763969+joaoestrela@users.noreply.github.com> Date: Mon, 22 Jan 2024 23:54:49 +0000 Subject: [PATCH 0865/1248] chore(argo-cd): Change redis repository to public.ecr.aws (#2446) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: João Estrela --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c204c098..10451acf 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.6 +version: 5.53.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Provide Casbin matcher explicitly + - kind: changed + description: Change redis repository to public.ecr.aws diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index cab5f054..0fe0c966 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1041,7 +1041,7 @@ The main options are listed here: | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | -| redis-ha.image.repository | string | `"redis"` | Redis repository | +| redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis-ha.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 84da62d2..6ad0d4bf 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1404,7 +1404,7 @@ redis-ha: ## Redis image image: # -- Redis repository - repository: redis + repository: public.ecr.aws/docker/library/redis # -- Redis tag tag: 7.0.13-alpine ## Prometheus redis-exporter sidecar From 9e70f24c64ee5fda44ce6c2edeeaa5bd73b8d7da Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Tue, 23 Jan 2024 01:07:30 +0000 Subject: [PATCH 0866/1248] docs(argo-cd): Update docs with the correct default for application.instanceLabelKey (#2447) docs: Update docs with the correct default for application.instanceLabelKey Signed-off-by: Matt Dainty --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 1 - 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 10451acf..ab8d07cd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.7 +version: 5.53.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Change redis repository to public.ecr.aws + description: Updated documented default value for application.instanceLabelKey. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0fe0c966..88280075 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -450,7 +450,7 @@ NAME: my-release |-----|------|---------|-------------| | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.cm."admin.enabled" | bool | `true` | Enable local admin user | -| configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | +| configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | | configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6ad0d4bf..58560eb5 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -161,7 +161,6 @@ configs: url: "" # -- The name of tracking label used by Argo CD for resource pruning - # @default -- Defaults to app.kubernetes.io/instance application.instanceLabelKey: argocd.argoproj.io/instance # -- Enable logs RBAC enforcement From 03c26fc21f804060559ee78f9b21459d6a513667 Mon Sep 17 00:00:00 2001 From: James Slater <844263+SlaterByte@users.noreply.github.com> Date: Wed, 24 Jan 2024 18:57:56 -0500 Subject: [PATCH 0867/1248] fix(argo-workflows): Fix trailing whitespace in controller ConfigMap (#2451) This commit addresses two places where trailing whitespace may be generated in the workflow-controller ConfigMap. When the value `.resourceRateLimit` is not null, a trailing whitespace is added after "resourceRateLimit:". This commit trims that whitespace. When the value `.sso.redirectUrl` is left as the default of empty string, a trailing whitespace is left after "redirectUrl:" as this value is not quoted. This commit pipes this value through `quote` to ensure this whitespace is no longer trailing and instead followed by `"` pair. The main motivation of this commit is to generate a workflow-controller ConfigMap that is properly pretty-printed, which trailing whitespace prevents. Signed-off-by: James Slater Co-authored-by: James Slater --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f529072b..50f60329 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.7 +version: 0.40.8 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Wrong identation in artifactRepository block + description: Remove trailing whitespace from `.resourceRateLimit` when value is set and `.sso.redirectUrl` when value is an empty string. diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d3ad349b..2d5ebdd0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -19,7 +19,7 @@ data: parallelism: {{ .Values.controller.parallelism }} {{- end }} {{- if .Values.controller.resourceRateLimit }} - resourceRateLimit: {{ toYaml .Values.controller.resourceRateLimit | nindent 6 }} + resourceRateLimit: {{- toYaml .Values.controller.resourceRateLimit | nindent 6 }} {{- end }} {{- with .Values.controller.namespaceParallelism }} namespaceParallelism: {{ . }} @@ -141,7 +141,7 @@ data: clientSecret: name: {{ .Values.server.sso.clientSecret.name }} key: {{ .Values.server.sso.clientSecret.key }} - redirectUrl: {{ .Values.server.sso.redirectUrl }} + redirectUrl: {{ .Values.server.sso.redirectUrl | quote }} rbac: enabled: {{ .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.scopes }} From bc89bb5dd6b4c71e5eea38bffe808307ea76ea28 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 25 Jan 2024 16:07:29 +0900 Subject: [PATCH 0868/1248] docs(argocd-apps): Add deprecated note for Argo CD Extensions (#2449) * docs(argocd-apps): Add deprecated note for Argo CD Extensions Signed-off-by: yu-croco * fix(argocd-apps): Remove broken CI Signed-off-by: yu-croco * chore(argocd-apps): Bump minor version due to deprecation Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argocd-apps/Chart.yaml | 6 +++--- charts/argocd-apps/README.md | 2 +- charts/argocd-apps/ci/extensions-values.yaml | 12 ------------ charts/argocd-apps/values.yaml | 2 +- 4 files changed, 5 insertions(+), 17 deletions(-) delete mode 100644 charts/argocd-apps/ci/extensions-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 5494db99..ecc79c3e 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.4.1 +version: 1.5.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: syncOptions for applications + - kind: deprecated + description: Add deprecated note for Argo CD Extensions diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index 0e5bbbe2..2cc1541f 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -30,7 +30,7 @@ $ helm install my-release argo/argocd-apps |-----|------|---------|-------------| | applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | | applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | -| extensions | list | `[]` (See [values.yaml]) | Deploy Argo UI Extensions within this helm release | +| extensions | list | `[]` (See [values.yaml]) | DEPRECATED - Please refer [Deprecation Notice](https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice) for more info. | | itemTemplates | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications/ApplicationSets/Projects within this helm release | | projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | diff --git a/charts/argocd-apps/ci/extensions-values.yaml b/charts/argocd-apps/ci/extensions-values.yaml deleted file mode 100644 index 15a9fa73..00000000 --- a/charts/argocd-apps/ci/extensions-values.yaml +++ /dev/null @@ -1,12 +0,0 @@ -# Test with extensions - -extensions: - - name: example - namespace: default - additionalLabels: {} - additionalAnnotations: {} - sources: - - git: - url: https://github.com/argoproj-labs/argocd-example-extension.git - - web: - url: https://github.com/argoproj-labs/argocd-example-extension/releases/download/v0.1.0/extension.tar diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index a7996369..fb31bde1 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -219,7 +219,7 @@ itemTemplates: [] # server: '{{`{{cluster}}`}}' # namespace: guestbook -# -- Deploy Argo UI Extensions within this helm release +# -- DEPRECATED - Please refer [Deprecation Notice](https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice) for more info. # @default -- `[]` (See [values.yaml]) ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. ## Ref: https://github.com/argoproj-labs/argocd-extensions From 9bb5330eb8157c55fd34371c5056b5532fccb753 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Jan 2024 00:31:11 -0600 Subject: [PATCH 0869/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.5 (#2453) --- charts/argo-rollouts/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index caf26b58..38882433 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.4 +appVersion: v1.6.5 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.34.1 +version: 2.34.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added Gloo Platform provider RBAC rules + - kind: changed + description: Bump argo-rollouts to v1.6.5 From 1de9659d1c3f8086a9c130d4bd80647e2ac556bf Mon Sep 17 00:00:00 2001 From: Ishan Sharma <38211728+ishuar@users.noreply.github.com> Date: Fri, 26 Jan 2024 08:35:45 +0100 Subject: [PATCH 0870/1248] fix(argo-cd): Fix Repo server `serviceaccount` label template (#2454) Signed-off-by: ishuar Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/serviceaccount.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ab8d07cd..5cb85cc2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.8 +version: 5.53.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Updated documented default value for application.instanceLabelKey. + - kind: fixed + description: Fixed labels template for ArgoCD server service account. diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index 12f571fd..a8efe1e5 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -13,7 +13,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- range $key, $value := .Values.server.serviceAccount.labels }} + {{- with .Values.server.serviceAccount.labels }} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} From a2c964045a81b81477804b38f38be20c3c1af185 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 27 Jan 2024 06:02:37 +0900 Subject: [PATCH 0871/1248] docs(argo-workflows): Add MySQL persistence support explicitly on README (#2448) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 14 +++++++++++++- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 50f60329..778b83f7 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.8 +version: 0.40.9 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Remove trailing whitespace from `.resourceRateLimit` when value is set and `.sso.redirectUrl` when value is an empty string. + - kind: added + description: Add MySQL persistence support explicitly on README diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 3a2a91d7..fa730ddc 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -186,7 +186,7 @@ Fields to note: | controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time | | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | -| controller.persistence | object | `{}` | enable persistence using postgres | +| controller.persistence | object | `{}` | enable Workflow Archive to store the status of workflows. Postgres and MySQL (>= 5.7.8) are available. | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | | controller.podCleanupWorkers | string | `nil` | Number of pod cleanup workers | | controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 570f5986..101aafba 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -146,7 +146,8 @@ controller: capabilities: drop: - ALL - # -- enable persistence using postgres + # -- enable Workflow Archive to store the status of workflows. Postgres and MySQL (>= 5.7.8) are available. + ## Ref: https://argo-workflows.readthedocs.io/en/latest/workflow-archive/ persistence: {} # connectionPool: # maxIdleConns: 100 @@ -171,6 +172,17 @@ controller: # # sslMode must be one of: disable, require, verify-ca, verify-full # # you can find more information about those ssl options here: https://godoc.org/github.com/lib/pq # sslMode: require + # mysql: + # host: localhost + # port: 3306 + # database: argo + # tableName: argo_workflows + # userNameSecret: + # name: argo-mysql-config + # key: username + # passwordSecret: + # name: argo-mysql-config + # key: password # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. # Only valid for 2.7+ From a31b3f02de21d6273bcd92e1a22bae4fa5155c25 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Jan 2024 05:55:28 -0600 Subject: [PATCH 0872/1248] chore(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 (#2457) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index ebce033b..45338c22 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: SARIF file path: results.sarif From b40ec3246783703920d82c7b6defc4ab1775db3a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Jan 2024 09:27:37 -0600 Subject: [PATCH 0873/1248] chore(deps): bump tj-actions/changed-files from 42.0.0 to 42.0.2 (#2458) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 3f62f59b..43b6b5ba 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@ae82ed4ae04587b665efad2f206578aa6f0e8539 # v42.0.0 + uses: tj-actions/changed-files@90a06d6ba9543371ab4df8eeca0be07ca6054959 # v42.0.2 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 47102d9768ff2a4cd1657e017a7df8631950b0b5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 29 Jan 2024 22:58:33 +0900 Subject: [PATCH 0874/1248] fix(argo-cd): Restart argocd-server when argocd-cm CM is updated (#2459) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5cb85cc2..3c17096f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.9 +version: 5.53.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fixed labels template for ArgoCD server service account. + description: Restart argocd-server when argocd-cm CM is updated diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index a09b5656..fc1e3f7e 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -27,6 +27,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.server.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 3b7a005ce359b3cc1a23b4ac4ce2ea760b847e09 Mon Sep 17 00:00:00 2001 From: Imran Ismail Date: Tue, 30 Jan 2024 13:34:04 +1300 Subject: [PATCH 0875/1248] feat(argocd-apps): support ignoreApplicationDifferences for appsets (#2442) * feat(argocd-apps): support ignoreApplicationDifferences Signed-off-by: imranismail * chore: bump version Signed-off-by: Imran Ismail --------- Signed-off-by: imranismail Signed-off-by: Imran Ismail Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 6 +++--- charts/argocd-apps/ci/applicationsets-values.yaml | 4 ++++ charts/argocd-apps/templates/applicationsets.yaml | 4 ++++ charts/argocd-apps/values.yaml | 4 ++++ 4 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index ecc79c3e..693b73d5 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.5.0 +version: 1.6.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: deprecated - description: Add deprecated note for Argo CD Extensions + - kind: added + description: ability to specify ignoreApplicationDifferences for applicationsets diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index 6142b1bb..e4f9101b 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -13,6 +13,10 @@ applicationsets: directories: - path: guestbook - path: kustomize-* + # Ref https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Controlling-Resource-Modification/#allow-temporarily-toggling-auto-sync + ignoreApplicationDifferences: + - jsonPointers: + - /spec/syncPolicy template: metadata: name: '{{path.basename}}' diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index 0d3a47e9..d3fcdd69 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -27,6 +27,10 @@ spec: {{- toYaml . | nindent 4 }} {{- end }} {{- with .strategy }} + {{- with .ignoreApplicationDifferences }} + ignoreApplicationDifferences: + {{- toYaml . | nindent 4 }} + {{- end }} strategy: {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index fb31bde1..87874dad 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -106,6 +106,10 @@ applicationsets: [] # directories: # - path: guestbook # - path: kustomize-* +# # Ref https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Controlling-Resource-Modification/#allow-temporarily-toggling-auto-sync +# ignoreApplicationDifferences: +# - jsonPointers: +# - /spec/syncPolicy # # Progressive Syncs is an experimental feature and it must be explicitly enabled # # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Progressive-Syncs/#enabling-progressive-syncs # strategy: From 1f824314d48591fb14ea633ac324594e850d651e Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Tue, 30 Jan 2024 12:46:30 +0200 Subject: [PATCH 0876/1248] feat(argo-cd): bump redis deps to fix cves (#2466) * bump redis deps Signed-off-by: drfaust92 * bump redis deps Signed-off-by: drfaust92 * bump redis deps Signed-off-by: drfaust92 * bump redis deps Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 8 ++++---- charts/argo-cd/values.yaml | 8 ++++---- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3c17096f..46942075 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.10 +version: 5.53.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Restart argocd-server when argocd-cm CM is updated + - kind: security + description: updated redis and redis exporter images to fix some cves diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 88280075..0244b6d7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -967,13 +967,13 @@ server: | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.57.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.13-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.15-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -1032,7 +1032,7 @@ The main options are listed here: | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.57.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | | redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | @@ -1042,7 +1042,7 @@ The main options are listed here: | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | | redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis-ha.image.tag | string | `"7.0.13-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.15-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 58560eb5..dce6df2f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1182,7 +1182,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.13-alpine + tag: 7.0.15-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1198,7 +1198,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.53.0 + tag: 1.57.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1405,7 +1405,7 @@ redis-ha: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.13-alpine + tag: 7.0.15-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar @@ -1413,7 +1413,7 @@ redis-ha: # -- Repository to use for the redis-exporter image: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.53.0 + tag: 1.57.0 persistentVolume: # -- Configures persistence on Redis nodes enabled: false From 8b98cf177a6a1bd0900004435ac782cee0a66ce6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20G=C3=A4rtner?= Date: Tue, 30 Jan 2024 17:58:02 +0100 Subject: [PATCH 0877/1248] fix(argo-cd): bump dex image version to fix cves (#2468) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: René Gärtner --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 46942075..3cbebd17 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.11 +version: 5.53.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: security - description: updated redis and redis exporter images to fix some cves + description: updated dex image version to fix cves diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0244b6d7..c8420005 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -885,7 +885,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.37.0"` | Dex image tag | +| dex.image.tag | string | `"v2.38.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index dce6df2f..7b8976b3 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -944,7 +944,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.37.0 + tag: v2.38.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From dc738a111b11862afff31279655683c497c815cb Mon Sep 17 00:00:00 2001 From: Imran Ismail Date: Fri, 2 Feb 2024 22:37:27 +1300 Subject: [PATCH 0878/1248] fix(argocd-apps): move ignoreApplicationDifferences block up a level (#2471) Signed-off-by: imranismail --- charts/argocd-apps/Chart.yaml | 6 +++--- charts/argocd-apps/templates/applicationsets.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 693b73d5..811c39e8 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.6.0 +version: 1.6.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: ability to specify ignoreApplicationDifferences for applicationsets + - kind: fixed + description: move ignoreApplicationDifferences block up a level to fix render diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index d3fcdd69..10560075 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -26,11 +26,11 @@ spec: generators: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .strategy }} {{- with .ignoreApplicationDifferences }} ignoreApplicationDifferences: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .strategy }} strategy: {{- toYaml . | nindent 4 }} {{- end }} From 865f45211942624f33927ce9d8b2d60d69a206b1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 2 Feb 2024 23:50:17 +0100 Subject: [PATCH 0879/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.9.6 (#2473) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3cbebd17..e311b5c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.5 +appVersion: v2.9.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.12 +version: 5.53.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: security - description: updated dex image version to fix cves + - kind: changed + description: Bump argo-cd to v2.9.6 From 186065e31f82319a87c56ae626c9ed0c7018e750 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 2 Feb 2024 18:44:56 -0600 Subject: [PATCH 0880/1248] docs(argo-workflows): update documentation links to readthedocs (#2472) argo-workflows docs moved from github pages to readthedocs Signed-off-by: jmeridth Co-authored-by: Aikawa --- CONTRIBUTING.md | 2 +- charts/argo-workflows/Chart.yaml | 8 ++++---- charts/argo-workflows/README.md | 10 +++++----- charts/argo-workflows/README.md.gotmpl | 8 ++++---- charts/argo-workflows/ci/ha-values.yaml | 4 ++-- charts/argo-workflows/values.yaml | 18 +++++++++--------- 6 files changed, 25 insertions(+), 25 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f9861dcb..c20486f6 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -124,7 +124,7 @@ helm install charts/argo-workflows -n argo argo version ``` -Follow [these](https://argoproj.github.io/argo-workflows/quick-start/#submitting-an-example-workflow) instructions for running a hello world workflow. +Follow [these](https://argo-workflows.readthedocs.io/en/stable/quick-start/#submitting-an-example-workflow) instructions for running a hello world workflow. ### Testing Argo CD Changes diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 778b83f7..048385d4 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,8 +3,8 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.9 -icon: https://argoproj.github.io/argo-workflows/assets/logo.png +version: 0.40.10 +icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: - https://github.com/argoproj/argo-workflows @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add MySQL persistence support explicitly on README + - kind: fixed + description: Update argo-workflows documentation links to readthedocs diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index fa730ddc..75ecb19a 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -78,7 +78,7 @@ For full list of changes, please check ArtifactHub [changelog]. ### High Availability This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. -Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. +Please see the upstream [Operator Manual's High Availability page](https://argo-workflows.readthedocs.io/en/stable/high-availability/) to understand how to scale Argo Workflows in depth. ### Workflow controller @@ -354,7 +354,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | -| artifactRepositoryRef | object | `{}` (See [values.yaml]) | The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). Each map key is the name of configmap | +| artifactRepositoryRef | object | `{}` (See [values.yaml]) | The section of [artifact repository ref](https://argo-workflows.readthedocs.io/en/stable/artifact-repository-ref/). Each map key is the name of configmap | | customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | @@ -381,7 +381,7 @@ Fields to note: [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[links]: https://argoproj.github.io/argo-workflows/links/ +[links]: https://argo-workflows.readthedocs.io/en/stable/links/ [columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -390,5 +390,5 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog -[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/ -[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/ +[SSO RBAC]: https://argo-workflows.readthedocs.io/en/stable/argo-server-sso/ +[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/stable/argo-server-auth-mode/ diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 4d1ec4d5..69838b5a 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -78,7 +78,7 @@ For full list of changes, please check ArtifactHub [changelog]. ### High Availability This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. -Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. +Please see the upstream [Operator Manual's High Availability page](https://argo-workflows.readthedocs.io/en/stable/high-availability/) to understand how to scale Argo Workflows in depth. ### Workflow controller @@ -199,7 +199,7 @@ Fields to note: [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[links]: https://argoproj.github.io/argo-workflows/links/ +[links]: https://argo-workflows.readthedocs.io/en/stable/links/ [columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -208,5 +208,5 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog -[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/ -[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/ +[SSO RBAC]: https://argo-workflows.readthedocs.io/en/stable/argo-server-sso/ +[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/stable/argo-server-auth-mode/ diff --git a/charts/argo-workflows/ci/ha-values.yaml b/charts/argo-workflows/ci/ha-values.yaml index 3dfbb572..2f495169 100644 --- a/charts/argo-workflows/ci/ha-values.yaml +++ b/charts/argo-workflows/ci/ha-values.yaml @@ -1,7 +1,7 @@ -# Sample values for High Availability configuration, following https://argoproj.github.io/argo-workflows/high-availability/ +# Sample values for High Availability configuration, following https://argo-workflows.readthedocs.io/en/stable/high-availability/ controller: - # in v3.0+, a second controller can be ran as a hot-standby: https://argoproj.github.io/argo-workflows/high-availability/#workflow-controller + # in v3.0+, a second controller can be ran as a hot-standby: https://argo-workflows.readthedocs.io/en/stable/high-availability/#workflow-controller replicas: 2 # should be strictly greater than PDB minAvailable # enable PDB with at least one Pod pdb: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 101aafba..5ec3bac2 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -147,7 +147,7 @@ controller: drop: - ALL # -- enable Workflow Archive to store the status of workflows. Postgres and MySQL (>= 5.7.8) are available. - ## Ref: https://argo-workflows.readthedocs.io/en/latest/workflow-archive/ + ## Ref: https://argo-workflows.readthedocs.io/en/stable/workflow-archive/ persistence: {} # connectionPool: # maxIdleConns: 100 @@ -186,12 +186,12 @@ controller: # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. # Only valid for 2.7+ - ## See more: https://argoproj.github.io/argo-workflows/default-workflow-specs/ + ## See more: https://argo-workflows.readthedocs.io/en/stable/default-workflow-specs/ workflowDefaults: {} # spec: # ttlStrategy: # secondsAfterCompletion: 84600 - # # Ref: https://argoproj.github.io/argo-workflows/artifact-repository-ref/ + # # Ref: https://argo-workflows.readthedocs.io/en/stable/artifact-repository-ref/ # artifactRepositoryRef: # configMap: my-artifact-repository # default is "artifact-repositories" # key: v2-s3-artifact-repository # default can be set by the `workflows.argoproj.io/default-artifact-repository` annotation in config map. @@ -343,7 +343,7 @@ controller: priorityClassName: "" # -- Configure Argo Server to show custom [links] - ## Ref: https://argoproj.github.io/argo-workflows/links/ + ## Ref: https://argo-workflows.readthedocs.io/en/stable/links/ links: [] # -- Configure Argo Server to show custom [columns] ## Ref: https://github.com/argoproj/argo-workflows/pull/10693 @@ -556,7 +556,7 @@ server: # -- Run the argo server in "secure" mode. Configure this value instead of `--secure` in extraArgs. ## See the following documentation for more details on secure mode: - ## https://argoproj.github.io/argo-workflows/tls/ + ## https://argo-workflows.readthedocs.io/en/stable/tls/ secure: false # -- Extra environment variables to provide to the argo-server container @@ -568,11 +568,11 @@ server: authMode: "" # -- A list of supported authentication modes. Available values are `server`, `client`, or `sso`. If you provide sso, please configure `.Values.server.sso` as well. - ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + ## Ref: https://argo-workflows.readthedocs.io/en/stable/argo-server-auth-mode/ authModes: [] # -- Extra arguments to provide to the Argo server binary. - ## Ref: https://argoproj.github.io/argo-workflows/argo-server/#options + ## Ref: https://argo-workflows.readthedocs.io/en/stable/argo-server/#options extraArgs: [] logging: @@ -829,7 +829,7 @@ customArtifactRepository: {} # name: artifactory-creds # key: password -# -- The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). +# -- The section of [artifact repository ref](https://argo-workflows.readthedocs.io/en/stable/artifact-repository-ref/). # Each map key is the name of configmap # @default -- `{}` (See [values.yaml]) artifactRepositoryRef: {} @@ -884,7 +884,7 @@ artifactRepositoryRef: {} emissary: # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. - ## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary + ## See more: https://argo-workflows.readthedocs.io/en/stable/workflow-executors/#emissary-emissary images: [] # argoproj/argosay:v2: # cmd: [/argosay] From 4a50afcc77ed8e06b076d69f220b21f9b186f069 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Mon, 5 Feb 2024 08:25:42 +0200 Subject: [PATCH 0881/1248] chore(argo-cd): refresh from upstream (#2474) * refresh from upstream Signed-off-by: drfaust92 * refresh from upstream Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 --- charts/argo-cd/Chart.yaml | 4 +-- .../argocd-notifications/clusterrole.yaml | 33 +++++++++++++++++-- .../templates/argocd-server/deployment.yaml | 6 ++++ .../argo-cd/templates/crds/crd-project.yaml | 8 +++-- 4 files changed, 44 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e311b5c2..67714f08 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.13 +version: 5.53.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.9.6 + description: refresh from upstream diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml index 927d30a0..793bb5d3 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -10,13 +10,42 @@ rules: {{- toYaml . | nindent 2 }} {{- end }} - apiGroups: - - "argoproj.io" + - argoproj.io resources: - - "applications" + - applications + - appprojects verbs: - get - list - watch - update - patch + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - list + - watch + {{- if .Values.notifications.cm.create }} + - apiGroups: + - "" + resourceNames: + - argocd-notifications-cm + resources: + - configmaps + verbs: + - get + {{- end }} + {{- if .Values.notifications.secret.create }} + - apiGroups: + - "" + resourceNames: + - argocd-notifications-secret + resources: + - secrets + verbs: + - get + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index fc1e3f7e..130aa623 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -299,6 +299,12 @@ spec: name: argocd-cmd-params-cm key: server.enable.proxy.extension optional: true + - name: ARGOCD_API_CONTENT_TYPES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.api.content.types + optional: true {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index 0a6da4f0..8a6bbd95 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -99,7 +99,8 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name + cluster by its symbolic name. This must be set if Server is + not set. type: string namespace: description: Namespace specifies the target namespace for the @@ -107,8 +108,9 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster - and must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is + not set. type: string type: object type: array From 5da598289d1fb0494a53ccaa1a7f9f0017ad424b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Blondel?= Date: Tue, 6 Feb 2024 14:11:23 +0100 Subject: [PATCH 0882/1248] feat(argo-cd): Add Probes for redis (#2400) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-cd): Add Probes for redis Signed-off-by: François Blondel * fix: redis: move probes scripts from tpl file into configmap Signed-off-by: François Blondel * Version Bump Signed-off-by: François Blondel * feat: set Redis probes optionnal and disabled by default Signed-off-by: François Blondel --------- Signed-off-by: François Blondel Co-authored-by: François Blondel --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 24 ++++++++ .../argo-cd/templates/redis/deployment.yaml | 58 ++++++++++++++++++- .../templates/redis/health-configmap.yaml | 35 +++++++++++ charts/argo-cd/values.yaml | 58 +++++++++++++++++++ 5 files changed, 176 insertions(+), 5 deletions(-) create mode 100644 charts/argo-cd/templates/redis/health-configmap.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 67714f08..941238ac 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.14 +version: 5.54.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: refresh from upstream + - kind: added + description: Add Probes for redis diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c8420005..95ed6468 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -968,6 +968,18 @@ server: | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis.exporter.image.tag | string | `"1.57.0"` | Tag to use for the redis-exporter | +| redis.exporter.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter | +| redis.exporter.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| redis.exporter.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | +| redis.exporter.livenessProbe.periodSeconds | int | `15` | How often (in seconds) to perform the [probe] | +| redis.exporter.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| redis.exporter.livenessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out | +| redis.exporter.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter (optional) | +| redis.exporter.readinessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| redis.exporter.readinessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | +| redis.exporter.readinessProbe.periodSeconds | int | `15` | How often (in seconds) to perform the [probe] | +| redis.exporter.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| redis.exporter.readinessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | @@ -976,6 +988,12 @@ server: | redis.image.tag | string | `"7.0.15-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | +| redis.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis server | +| redis.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| redis.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | +| redis.livenessProbe.periodSeconds | int | `15` | How often (in seconds) to perform the [probe] | +| redis.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| redis.livenessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out | | redis.metrics.enabled | bool | `false` | Deploy metrics service | | redis.metrics.service.annotations | object | `{}` | Metrics service annotations | | redis.metrics.service.clusterIP | string | `"None"` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | @@ -1003,6 +1021,12 @@ server: | redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | | redis.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for redis pods | +| redis.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis server | +| redis.readinessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| redis.readinessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | +| redis.readinessProbe.periodSeconds | int | `15` | How often (in seconds) to perform the [probe] | +| redis.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| redis.readinessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out | | redis.resources | object | `{}` | Resource limits and requests for redis | | redis.securityContext | object | See [values.yaml] | Redis pod-level security context | | redis.service.annotations | object | `{}` | Redis service annotations | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index b3182245..94c445c8 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -72,6 +72,32 @@ spec: envFrom: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.redis.livenessProbe.enabled }} + livenessProbe: + initialDelaySeconds: {{ .Values.redis.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.redis.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.redis.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.redis.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.redis.livenessProbe.failureThreshold }} + exec: + command: + - sh + - -c + - /health/redis_liveness.sh + {{- end }} + {{- if .Values.redis.readinessProbe.enabled }} + readinessProbe: + initialDelaySeconds: {{ .Values.redis.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.redis.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.redis.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.redis.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.redis.readinessProbe.failureThreshold }} + exec: + command: + - sh + - -c + - /health/redis_readiness.sh + {{- end }} ports: - name: redis containerPort: {{ .Values.redis.containerPorts.redis }} @@ -82,8 +108,10 @@ spec: securityContext: {{- toYaml . | nindent 10 }} {{- end }} - {{- with .Values.redis.volumeMounts }} volumeMounts: + - mountPath: /health + name: health + {{- with .Values.redis.volumeMounts }} {{- toYaml . | nindent 10 }} {{- end }} {{- if .Values.redis.exporter.enabled }} @@ -102,6 +130,28 @@ spec: - name: metrics containerPort: {{ .Values.redis.containerPorts.metrics }} protocol: TCP + {{- if .Values.redis.exporter.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /metrics + port: {{ .Values.redis.containerPorts.metrics }} + initialDelaySeconds: {{ .Values.redis.exporter.livenessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.redis.exporter.livenessProbe.timeoutSeconds }} + periodSeconds: {{ .Values.redis.exporter.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.redis.exporter.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.redis.exporter.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.redis.exporter.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /metrics + port: {{ .Values.redis.containerPorts.metrics }} + initialDelaySeconds: {{ .Values.redis.exporter.readinessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.redis.exporter.readinessProbe.timeoutSeconds }} + periodSeconds: {{ .Values.redis.exporter.readinessProbe.periodSeconds }} + successThreshold: {{ .Values.redis.exporter.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.redis.exporter.readinessProbe.failureThreshold }} + {{- end }} resources: {{- toYaml .Values.redis.exporter.resources | nindent 10 }} {{- with .Values.redis.exporter.containerSecurityContext }} @@ -139,8 +189,12 @@ spec: {{- end }} {{- end }} {{- end }} - {{- with .Values.redis.volumes }} volumes: + - name: health + configMap: + name: {{ include "argo-cd.redis.fullname" . }}-health-configmap + defaultMode: 0755 + {{- with .Values.redis.volumes }} {{- toYaml . | nindent 8}} {{- end }} {{- with .Values.redis.dnsConfig }} diff --git a/charts/argo-cd/templates/redis/health-configmap.yaml b/charts/argo-cd/templates/redis/health-configmap.yaml new file mode 100644 index 00000000..fd0ecff7 --- /dev/null +++ b/charts/argo-cd/templates/redis/health-configmap.yaml @@ -0,0 +1,35 @@ +{{- $redisHa := index .Values "redis-ha" -}} +{{- if and .Values.redis.enabled (not $redisHa.enabled) -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "argo-cd.redis.fullname" . }}-health-configmap + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} +data: + redis_liveness.sh: | + response=$( + redis-cli \ + -h localhost \ + -p {{ .Values.redis.containerPorts.redis }} \ + ping + ) + if [ "$response" != "PONG" ] && [ "${response:0:7}" != "LOADING" ] ; then + echo "$response" + exit 1 + fi + echo "response=$response" + redis_readiness.sh: | + response=$( + redis-cli \ + -h localhost \ + -p {{ .Values.redis.containerPorts.redis }} \ + ping + ) + if [ "$response" != "PONG" ] ; then + echo "$response" + exit 1 + fi + echo "response=$response" +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7b8976b3..b3fc3ef5 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1215,6 +1215,35 @@ redis: drop: - ALL + ## Probes for Redis exporter (optional) + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Enable Kubernetes liveness probe for Redis exporter (optional) + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 30 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 15 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 15 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 5 + livenessProbe: + # -- Enable Kubernetes liveness probe for Redis exporter + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 30 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 15 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 15 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 5 + # -- Resource limits and requests for redis-exporter sidecar resources: {} # limits: @@ -1244,6 +1273,35 @@ redis: # - secretRef: # name: secret-name + ## Probes for Redis server (optional) + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Enable Kubernetes liveness probe for Redis server + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 30 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 15 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 15 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 5 + livenessProbe: + # -- Enable Kubernetes liveness probe for Redis server + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 30 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 15 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 15 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 5 + # -- Additional containers to be added to the redis pod ## Note: Supports use of custom Helm templates extraContainers: [] From 0b79f5e5c1beb4912e32c473c5a1f77fbf1f2e8b Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 7 Feb 2024 08:10:12 +0100 Subject: [PATCH 0883/1248] feat(argo-cd): Upgrade Argo CD to 2.10.0 (#2476) * chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.0 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Update CRDs to v2.10.0 Signed-off-by: Petr Drastil * Add variables for new features Signed-off-by: Petr Drastil * Fix version in Chart.yaml Signed-off-by: Petr Drastil --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Petr Drastil Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 8 +- .../statefulset.yaml | 42 ++++ .../argocd-applicationset/deployment.yaml | 6 + .../argocd-notifications/deployment.yaml | 6 + .../argocd-repo-server/deployment.yaml | 24 +++ .../templates/argocd-server/deployment.yaml | 24 +++ .../templates/crds/crd-application.yaml | 76 +++++++ .../templates/crds/crd-applicationset.yaml | 194 ++++++++++++++++++ .../argo-cd/templates/crds/crd-project.yaml | 2 +- 9 files changed, 377 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 941238ac..09ccbc76 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.6 +appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.54.0 +version: 5.55.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add Probes for redis + - kind: changed + description: Upgrade argo-cd to v2.10.0 diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 6d1d3e2f..5a8c3745 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -122,6 +122,18 @@ spec: name: argocd-cm key: timeout.hard.reconciliation optional: true + - name: ARGOCD_RECONCILIATION_JITTER + valueFrom: + configMapKeyRef: + key: timeout.reconciliation.jitter + name: argocd-cm + optional: true + - name: ARGOCD_REPO_ERROR_GRACE_PERIOD_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.error.grace.period.seconds + optional: true - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: @@ -236,6 +248,18 @@ spec: name: argocd-cmd-params-cm key: otlp.address optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true - name: ARGOCD_APPLICATION_NAMESPACES valueFrom: configMapKeyRef: @@ -254,6 +278,24 @@ spec: name: argocd-cmd-params-cm key: controller.kubectl.parallelism.limit optional: true + - name: ARGOCD_K8SCLIENT_RETRY_MAX + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.max + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.base.backoff + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SERVER_SIDE_DIFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.diff.server.side + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 655e8f19..4a5f75a5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -210,6 +210,12 @@ spec: name: argocd-cmd-params-cm key: applicationsetcontroller.allowed.scm.providers optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.scm.providers + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 2ed9f1e8..f9b766f4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -91,6 +91,12 @@ spec: key: application.namespaces name: argocd-cmd-params-cm optional: true + - name: ARGOCD_NOTIFICATION_CONTROLLER_SELF_SERVICE_NOTIFICATION_ENABLED + valueFrom: + configMapKeyRef: + key: notificationscontroller.selfservice.enabled + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 2a18df6c..c47fb1f7 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -201,6 +201,18 @@ spec: name: argocd-cmd-params-cm key: otlp.address optional: true + - name: ARGOCD_REPO_SERVER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_REPO_SERVER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE valueFrom: configMapKeyRef: @@ -249,6 +261,18 @@ spec: key: reposerver.enable.git.submodule name: argocd-cmd-params-cm optional: true + - name: ARGOCD_GIT_LS_REMOTE_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + key: reposerver.git.lsremote.parallelism.limit + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_REQUEST_TIMEOUT + valueFrom: + configMapKeyRef: + key: reposerver.git.request.timeout + name: argocd-cmd-params-cm + optional: true {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: HELM_CACHE_HOME value: /helm-working-dir diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 130aa623..08ef3650 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -287,6 +287,18 @@ spec: name: argocd-cmd-params-cm key: otlp.address optional: true + - name: ARGOCD_SERVER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_SERVER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true - name: ARGOCD_APPLICATION_NAMESPACES valueFrom: configMapKeyRef: @@ -299,6 +311,18 @@ spec: name: argocd-cmd-params-cm key: server.enable.proxy.extension optional: true + - name: ARGOCD_K8SCLIENT_RETRY_MAX + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.k8sclient.retry.max + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.k8sclient.retry.base.backoff + optional: true - name: ARGOCD_API_CONTENT_TYPES valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 03401574..9869efbb 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -330,6 +330,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for @@ -658,6 +664,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources @@ -1103,6 +1115,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize components + to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize apps @@ -1421,6 +1439,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize components + to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources for Kustomize @@ -1892,6 +1916,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources @@ -2224,6 +2254,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources @@ -2700,6 +2736,13 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations @@ -3049,6 +3092,13 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of + kustomize components to add to the kustomization + before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations @@ -3513,6 +3563,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources @@ -3855,6 +3911,13 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources @@ -4341,6 +4404,12 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources @@ -4683,6 +4752,13 @@ spec: description: CommonLabels is a list of additional labels to add to rendered manifests type: object + components: + description: Components specifies a list of kustomize + components to add to the kustomization before + building + items: + type: string + type: array forceCommonAnnotations: description: ForceCommonAnnotations specifies whether to force applying common annotations to resources diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 8d7409e5..02623f6c 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -255,6 +255,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -465,6 +469,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -834,6 +842,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -1044,6 +1056,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -1417,6 +1433,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -1627,6 +1647,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -1980,6 +2004,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -2190,6 +2218,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -2567,6 +2599,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -2777,6 +2813,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -3146,6 +3186,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -3356,6 +3400,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -3729,6 +3777,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -3939,6 +3991,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -4292,6 +4348,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -4502,6 +4562,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -4865,6 +4929,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -5075,6 +5143,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -5618,6 +5690,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -5828,6 +5904,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -6366,6 +6446,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -6576,6 +6660,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -6943,6 +7031,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -7153,6 +7245,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -7530,6 +7626,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -7740,6 +7840,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -8109,6 +8213,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -8319,6 +8427,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -8692,6 +8804,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -8902,6 +9018,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -9255,6 +9375,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -9465,6 +9589,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -9828,6 +9956,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -10038,6 +10170,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -10581,6 +10717,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -10791,6 +10931,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -11329,6 +11473,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -11539,6 +11687,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -11910,6 +12062,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -12120,6 +12276,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -12480,6 +12640,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -12690,6 +12854,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -13233,6 +13401,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -13443,6 +13615,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -13981,6 +14157,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -14191,6 +14371,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -14633,6 +14817,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -14843,6 +15031,10 @@ spec: additionalProperties: type: string type: object + components: + items: + type: string + type: array forceCommonAnnotations: type: boolean forceCommonLabels: @@ -15002,6 +15194,8 @@ spec: - metadata - spec type: object + templatePatch: + type: string required: - generators - template diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index 8a6bbd95..38801469 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -14,7 +14,7 @@ metadata: app.kubernetes.io/part-of: argocd {{- with .Values.crds.additionalLabels }} {{- toYaml . | nindent 4}} - {{- end }} + {{- end }} name: appprojects.argoproj.io spec: group: argoproj.io From b8212e0b300e2cf68249802df892dfa561d475f8 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 7 Feb 2024 22:40:05 +0100 Subject: [PATCH 0884/1248] chore(argo-cd): Remove deprecated features and redesign Ingress (#2407) * chore(argo-cd): Remove deprecated features Signed-off-by: Petr Drastil * Remove wildcard catch all ingress rule Signed-off-by: Petr Drastil * Add ingress extra rules Signed-off-by: Petr Drastil * Remove unnecessary ingress variables Signed-off-by: Petr Drastil * Improve documentation Signed-off-by: Petr Drastil * Replace ingress paths and hosts with single backend service Signed-off-by: Petr Drastil * Use only port number to support all ingress controllers Signed-off-by: Petr Drastil * Minor gRPC fixes Signed-off-by: Petr Drastil * Simplify TLS configuration Signed-off-by: Petr Drastil * Decouple AWS and GKE ALB from generic ingress Signed-off-by: Petr Drastil * Remove map nesting for ApplicationSet ingress Signed-off-by: Petr Drastil * Use example.com domain Signed-off-by: Petr Drastil * Remove fallback for argocd-cm checksum annotation Signed-off-by: Petr Drastil * Add revisionHistoryLimit for controller Signed-off-by: Petr Drastil * Update README Signed-off-by: Petr Drastil * Update README Signed-off-by: Petr Drastil --------- Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 12 +- charts/argo-cd/README.md | 136 +++++-- charts/argo-cd/README.md.gotmpl | 69 ++++ charts/argo-cd/templates/NOTES.txt | 132 +------ charts/argo-cd/templates/_helpers.tpl | 2 +- charts/argo-cd/templates/_versions.tpl | 13 - .../clusterrole.yaml | 3 +- .../clusterrolebinding.yaml | 3 +- .../statefulset.yaml | 35 +- .../argocd-applicationset/deployment.yaml | 16 +- .../argocd-applicationset/ingress.yaml | 64 ++++ .../webhook-ingress.yaml | 73 ---- .../templates/argocd-configs/argocd-cm.yaml | 4 +- .../argocd-configs/argocd-gpg-keys-cm.yaml | 4 +- .../argocd-configs/argocd-rbac-cm.yaml | 6 +- .../argocd-configs/argocd-secret.yaml | 6 +- .../argocd-ssh-known-hosts-cm.yaml | 8 +- .../argocd-configs/argocd-tls-certs-cm.yaml | 8 +- .../argocd-repo-server/clusterrole.yaml | 3 +- .../clusterrolebinding.yaml | 3 +- .../argocd-repo-server/deployment.yaml | 8 - .../templates/argocd-server/aws/ingress.yaml | 71 ++++ .../templates/argocd-server/aws/service.yaml | 6 +- .../templates/argocd-server/clusterrole.yaml | 5 +- .../argocd-server/clusterrolebinding.yaml | 3 +- .../templates/argocd-server/deployment.yaml | 10 +- .../argocd-server/gke/backendconfig.yaml | 10 +- .../argocd-server/gke/frontendconfig.yaml | 8 +- .../templates/argocd-server/gke/ingress.yaml | 69 ++++ .../argocd-server/gke/managedcertificate.yaml | 11 +- .../templates/argocd-server/ingress-grpc.yaml | 70 ++-- .../templates/argocd-server/ingress.yaml | 90 ++--- charts/argo-cd/values.yaml | 358 ++++++++++-------- 33 files changed, 685 insertions(+), 634 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-applicationset/ingress.yaml delete mode 100644 charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml create mode 100644 charts/argo-cd/templates/argocd-server/aws/ingress.yaml create mode 100644 charts/argo-cd/templates/argocd-server/gke/ingress.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 09ccbc76..14b62197 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.55.0 +version: 6.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,13 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: removed + description: Support for deprecated features + - kind: removed + description: Wildcard catch all ingress rule + - kind: added + description: Ingress extra rules to allow custom ingress custom rules + - kind: added + description: Dedicated ingress implementation for AWS and GKE Application Load Balancers - kind: changed - description: Upgrade argo-cd to v2.10.0 + description: Support for multiple ingress hosts and paths refactored into `extraHosts` and `extraPaths` diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 95ed6468..862a818e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,15 +105,84 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.0.0 + +This version **removes support for**: + +* deprecated component options `logLevel` and `logFormat` +* deprecated component arguments `.args.` that were replaced with `configs.params` +* deprecated configuration `server.config` that was replaced with `configs.cm` +* deprecated configuration `server.rbacConfig` that was replaced with `configs.rbac` + +Major version also contains breaking **changes related to Argo CD Ingress** resources that were hard to extend and maintain for various ingress controller implementations. +Please review your setup and adjust to new configuration options: + +* catch all rule was removed for security reasons. If you need this please use `server.ingress.extraRules` to provide ingress rule without hostname +* ingress rule for `paths` changed to `path` as there is only single Argo CD backend path +* ingress rule for `hosts` changed to `hostname` as there can be only single SSO redirect for given hostname +* ingress TLS for server uses by default `argocd-server-tls` secret required by Argo CD server, additional ingresses are using `-tls` secret when `tls: true` +* additional hostnames and routing can be provided via `extraHosts` configuration section +* additional TLS secrets can be provided via `extraTls` configuration section + +Specific ingress implementations for cloud providers were decoupled from generic ingress resource. + +To configure AWS Application Load Balancer: + +```yaml +server: + ingress: + enabled: true + controller: aws + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + aws: + backendProtocolVersion: HTTP2 + serviceType: NodePort +``` + +To configure GKE Application Load Balancer: + +```yaml +configs: + params: + "server.insecure": true + +server: + service: + annotations: + cloud.google.com/neg: '{"ingress": true}' + cloud.google.com/backend-config: '{"ports": {"http":"argocd-server"}}' + + ingress: + enabled: true + controller: gke + gke: + backendConfig: + healthCheck: + checkIntervalSec: 30 + timeoutSec: 5 + healthyThreshold: 1 + unhealthyThreshold: 2 + type: HTTP + requestPath: /healthz + port: 8080 + frontendConfig: + redirectToHttps: + enabled: true +``` + ### 5.53.0 Argocd-repo-server can now optionally use Persistent Volumes for its mountpoints instead of only emptydir() ### 5.52.0 + Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. ### 5.35.0 + This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -399,7 +468,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| apiVersionOverrides | object | `{}` | | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | @@ -516,7 +585,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | @@ -575,6 +643,7 @@ NAME: my-release | controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. | | controller.resources | object | `{}` | Resource limits and requests for the application controller pods | +| controller.revisionHistoryLimit | int | `5` | Maximum number of controller revisions that will be maintained in StatefulSet history | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | @@ -686,12 +755,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| server.GKEbackendConfig.enabled | bool | `false` | Enable BackendConfig custom resource for Google Kubernetes Engine | -| server.GKEbackendConfig.spec | object | `{}` | [BackendConfigSpec] | -| server.GKEfrontendConfig.enabled | bool | `false` | Enable FrontConfig custom resource for Google Kubernetes Engine | -| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | -| server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | -| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | @@ -744,28 +807,37 @@ NAME: my-release | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | | server.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | server.ingress.annotations | object | `{}` | Additional ingress annotations | +| server.ingress.aws.backendProtocolVersion | string | `"HTTP2"` | Backend protocol version for the AWS ALB gRPC service | +| server.ingress.aws.serviceType | string | `"NodePort"` | Service type for the AWS ALB gRPC service | +| server.ingress.controller | string | `"generic"` | Specific implementation for ingress controller. One of `generic`, `aws` or `gke` | | server.ingress.enabled | bool | `false` | Enable an ingress resource for the Argo CD server | -| server.ingress.extraPaths | list | `[]` | Additional ingress paths | -| server.ingress.hosts | list | `[]` | List of ingress hosts | -| server.ingress.https | bool | `false` | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | +| server.ingress.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | +| server.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | +| server.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | +| server.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional TLS configuration | +| server.ingress.gke.backendConfig | object | `{}` (See [values.yaml]) | Google [BackendConfig] resource, for use with the GKE Ingress Controller | +| server.ingress.gke.frontendConfig | object | `{}` (See [values.yaml]) | Google [FrontendConfig] resource, for use with the GKE Ingress Controller | +| server.ingress.gke.managedCertificate.create | bool | `true` | Create ManagedCertificate resource and annotations for Google Load balancer | +| server.ingress.gke.managedCertificate.extraDomains | list | `[]` | Additional domains for ManagedCertificate resource | +| server.ingress.hostname | string | `"argocd.example.com"` | Argo CD server hostname | | server.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | | server.ingress.labels | object | `{}` | Additional ingress labels | +| server.ingress.path | string | `"/"` | The path to Argo CD server | | server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| server.ingress.paths | list | `["/"]` | List of ingress paths | -| server.ingress.tls | list | `[]` | Ingress TLS configuration | +| server.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `server.ingress.hostname` | | server.ingressGrpc.annotations | object | `{}` | Additional ingress annotations for dedicated [gRPC-ingress] | -| server.ingressGrpc.awsALB.backendProtocolVersion | string | `"HTTP2"` | Backend protocol version for the AWS ALB gRPC service | -| server.ingressGrpc.awsALB.serviceType | string | `"NodePort"` | Service type for the AWS ALB gRPC service | | server.ingressGrpc.enabled | bool | `false` | Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress] | -| server.ingressGrpc.extraPaths | list | `[]` | Additional ingress paths for dedicated [gRPC-ingress] | -| server.ingressGrpc.hosts | list | `[]` | List of ingress hosts for dedicated [gRPC-ingress] | -| server.ingressGrpc.https | bool | `false` | Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` | +| server.ingressGrpc.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | +| server.ingressGrpc.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths for dedicated [gRPC-ingress] | +| server.ingressGrpc.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | +| server.ingressGrpc.extraTls | list | `[]` (See [values.yaml]) | Additional TLS configuration for dedicated [gRPC-ingress] | +| server.ingressGrpc.hostname | string | `""` | Argo CD server hostname for dedicated [gRPC-ingress] | | server.ingressGrpc.ingressClassName | string | `""` | Defines which ingress controller will implement the resource [gRPC-ingress] | | server.ingressGrpc.isAWSALB | bool | `false` | Setup up gRPC ingress to work with an AWS ALB | | server.ingressGrpc.labels | object | `{}` | Additional ingress labels for dedicated [gRPC-ingress] | +| server.ingressGrpc.path | string | `"/"` | Argo CD server ingress path for dedicated [gRPC-ingress] | | server.ingressGrpc.pathType | string | `"Prefix"` | Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| server.ingressGrpc.paths | list | `["/"]` | List of ingress paths for dedicated [gRPC-ingress] | -| server.ingressGrpc.tls | list | `[]` | Ingress TLS configuration for dedicated [gRPC-ingress] | +| server.ingressGrpc.tls | bool | `false` | Enable TLS configuration for the hostname defined at `server.ingressGrpc.hostname` | | server.initContainers | list | `[]` | Init containers to add to the server pod | | server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-cd-server container | | server.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -1101,7 +1173,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | -| applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | @@ -1125,7 +1196,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.dnsConfig | object | `{}` | [DNS configuration] | | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | -| applicationSet.extraArgs | list | `[]` | List of extra cli args to add | +| applicationSet.extraArgs | list | `[]` | ApplicationSet controller command line flags | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | | applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller | | applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the ApplicationSet controller | @@ -1135,6 +1206,18 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.ingress.annotations | object | `{}` | Additional ingress annotations | +| applicationSet.ingress.enabled | bool | `false` | Enable an ingress resource for ApplicationSet webhook | +| applicationSet.ingress.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | +| applicationSet.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | +| applicationSet.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | +| applicationSet.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional ingress TLS configuration | +| applicationSet.ingress.hostname | string | `"argocd.example.com"` | Argo CD ApplicationSet hostname | +| applicationSet.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | +| applicationSet.ingress.labels | object | `{}` | Additional ingress labels | +| applicationSet.ingress.path | string | `"/api/webhook"` | List of ingress paths | +| applicationSet.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | +| applicationSet.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` | | applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -1190,15 +1273,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | -| applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | -| applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | -| applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | -| applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts | -| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | -| applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels | -| applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | -| applicationSet.webhook.ingress.tls | list | `[]` | Ingress TLS configuration | ## Notifications diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index bb296e6a..5dc99217 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,15 +104,84 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.0.0 + +This version **removes support for**: + +* deprecated component options `logLevel` and `logFormat` +* deprecated component arguments `.args.` that were replaced with `configs.params` +* deprecated configuration `server.config` that was replaced with `configs.cm` +* deprecated configuration `server.rbacConfig` that was replaced with `configs.rbac` + +Major version also contains breaking **changes related to Argo CD Ingress** resources that were hard to extend and maintain for various ingress controller implementations. +Please review your setup and adjust to new configuration options: + +* catch all rule was removed for security reasons. If you need this please use `server.ingress.extraRules` to provide ingress rule without hostname +* ingress rule for `paths` changed to `path` as there is only single Argo CD backend path +* ingress rule for `hosts` changed to `hostname` as there can be only single SSO redirect for given hostname +* ingress TLS for server uses by default `argocd-server-tls` secret required by Argo CD server, additional ingresses are using `-tls` secret when `tls: true` +* additional hostnames and routing can be provided via `extraHosts` configuration section +* additional TLS secrets can be provided via `extraTls` configuration section + +Specific ingress implementations for cloud providers were decoupled from generic ingress resource. + +To configure AWS Application Load Balancer: + +```yaml +server: + ingress: + enabled: true + controller: aws + annotations: + alb.ingress.kubernetes.io/backend-protocol: HTTPS + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' + aws: + backendProtocolVersion: HTTP2 + serviceType: NodePort +``` + +To configure GKE Application Load Balancer: + +```yaml +configs: + params: + "server.insecure": true + +server: + service: + annotations: + cloud.google.com/neg: '{"ingress": true}' + cloud.google.com/backend-config: '{"ports": {"http":"argocd-server"}}' + + ingress: + enabled: true + controller: gke + gke: + backendConfig: + healthCheck: + checkIntervalSec: 30 + timeoutSec: 5 + healthyThreshold: 1 + unhealthyThreshold: 2 + type: HTTP + requestPath: /healthz + port: 8080 + frontendConfig: + redirectToHttps: + enabled: true +``` + ### 5.53.0 Argocd-repo-server can now optionally use Persistent Volumes for its mountpoints instead of only emptydir() ### 5.52.0 + Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. ### 5.35.0 + This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 1b626796..f2dbdfab 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,133 +1,3 @@ -{{- if .Values.controller.args.statusProcessors }} -DEPRECATED option controller.args.statusProcessors - Use configs.params.controller.status.processors -{{- end }} -{{- if .Values.controller.args.operationProcessors }} -DEPRECATED option controller.args.operationProcessors - Use configs.params.controller.operation.processors -{{- end }} -{{- if .Values.controller.args.appResyncPeriod }} -DEPRECATED option controller.args.appResyncPeriod - Use server.config.timeout.reconciliation -{{- end }} -{{- if .Values.controller.args.appHardResyncPeriod }} -DEPRECATED option controller.args.appHardResyncPeriod - Use server.config.timeout.hard.reconciliation -{{- end }} -{{- if .Values.controller.args.selfHealTimeout }} -DEPRECATED option controller.args.selfHealTimeout - Use configs.params.controller.self.heal.timeout.seconds -{{- end }} -{{- if .Values.controller.args.repoServerTimeoutSeconds }} -DEPRECATED option controller.args.repoServerTimeoutSeconds - Use configs.params.controller.repo.server.timeout.seconds -{{- end }} -{{- if .Values.controller.logFormat }} -DEPRECATED option controller.logFormat - Use configs.params.controller.log.format -{{- end }} -{{- if .Values.controller.logLevel }} -DEPRECATED option controller.logLevel - Use configs.params.controller.log.level -{{- end }} -{{- if .Values.server.logFormat }} -DEPRECATED option server.logFormat - Use configs.params.server.log.format -{{- end }} -{{- if .Values.server.logLevel }} -DEPRECATED option server.logLevel - Use configs.params.server.log.level -{{- end }} -{{- if has "--insecure" .Values.server.extraArgs }} -DEPRECATED option server.extraArgs."--insecure" - Use configs.params.server.insecure -{{- end }} -{{- if .Values.repoServer.logFormat }} -DEPRECATED option repoServer.logFormat - Use configs.params.repoServer.log.format -{{- end }} -{{- if .Values.repoServer.logLevel }} -DEPRECATED option repoServer.logLevel - Use configs.params.repoServer.log.level -{{- end }} -{{- if or .Values.server.config (hasKey .Values.server "configEnabled") .Values.server.configAnnotations }} -DEPRECATED option server.config - Use configs.cm -{{- end }} -{{- if or .Values.server.rbacConfig (hasKey .Values.server "rbacConfigCreate") .Values.server.rbacConfigAnnotations }} -DEPRECATED option server.rbacConfig - Use configs.rbac -{{- end }} -{{- if .Values.configs.secret.argocdServerTlsConfig }} -DEPRECATED option config.secret.argocdServerTlsConfig - Use server.certificate or server.certificateSecret -{{- end }} -{{- if .Values.configs.gpgKeys }} -DEPRECATED option configs.gpgKeys - Use config.gpg.keys -{{- end }} -{{- if .Values.configs.gpgKeysAnnotations }} -DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations -{{- end }} -{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} -DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles -{{- end }} -{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }} -DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles -{{- end }} -{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} -DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles -{{- end }} -{{- if .Values.configs.knownHostsAnnotations }} -DEPRECATED option configs.knownHostsAnnotations - Use configs.ssh.annotations -{{- end }} -{{- if hasKey .Values.configs "knownHosts" }} -DEPRECATED option configs.knownHosts.data.ssh_known_hosts - Use configs.ssh.knownHosts -{{- end }} -{{- if .Values.configs.tlsCertsAnnotations }} -DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations -{{- end }} -{{- if hasKey .Values.configs "tlsCerts" }} -DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates -{{- end }} -{{- if .Values.applicationSet.replicaCount }} -DEPRECATED option applicationSet.replicaCount - Use applicationSet.replicas -{{- end }} -{{- if .Values.applicationSet.logFormat }} -DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format -{{- end }} -{{- if .Values.applicationSet.logLevel }} -DEPRECATED option applicationSet.logLevel - Use configs.params.applicationsetcontroller.log.level -{{- end }} -{{- if .Values.applicationSet.args.policy }} -DEPRECATED option applicationSet.args.policy - Use configs.params.applicationsetcontroller.policy -{{- end }} -{{- if .Values.applicationSet.args.dryRun }} -DEPRECATED option applicationSet.args.dryRun - Use configs.params.applicationsetcontroller.dryRun -{{- end }} -{{- if .Values.controller.service }} -REMOVED option controller.service - Use controller.metrics -{{- end }} -{{- if .Values.repoServer.copyutil }} -REMOVED option repoSever.copyutil.resources - Use repoServer.resources -{{- end }} -{{- if .Values.applicationSet.args.debug }} -REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug -{{- end }} -{{- if .Values.applicationSet.args.enableLeaderElection }} -REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas -{{- end }} -{{- if .Values.controller.containerPort }} -REMOVED option controller.containerPort - Use controller.containerPorts -{{- end }} -{{- if .Values.server.containerPort }} -REMOVED option server.containerPort - Use server.containerPorts -{{- end }} -{{- if .Values.repoServer.containerPort }} -REMOVED option repoServer.containerPort - Use repoServer.containerPorts -{{- end }} -{{- if .Values.applicationSet.args.metricsAddr }} -REMOVED option applicationSet.args.metricsAddr - Use applicationSet.containerPorts -{{- end }} -{{- if .Values.applicationSet.args.probeBindAddr }} -REMOVED option applicationSet.args.probeBindAddr - Use applicationSet.containerPorts -{{- end }} -{{- if .Values.redis.containerPort }} -REMOVED option redis.containerPort - Use redis.containerPorts -{{- end }} -{{- if .Values.redis.metrics.containerPort }} -REMOVED option redis.metrics.containerPort - Use redis.containerPorts -{{- end }} -{{- if .Values.apiVersionOverrides.autoscaling }} -REMOVED option apiVersionOverrides.autoscaling - API autoscaling/v2 is GA from 1.23 -{{- end }} -{{- if .Values.apiVersionOverrides.certmanager }} -REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 -{{- end }} - In order to access the server UI you have the following options: 1. kubectl port-forward service/{{ include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 @@ -139,7 +9,7 @@ In order to access the server UI you have the following options: - Set the `configs.params."server.insecure"` in the values file and terminate SSL at your ingress: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-2-multiple-ingress-objects-and-hosts -{{ if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "admin.enabled")) "true" -}} +{{ if eq (toString (index .Values.configs.cm "admin.enabled")) "true" -}} After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 97ba5c25..4898172f 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -173,7 +173,7 @@ Argo Configuration Preset Values (Incluenced by Values configuration) Merge Argo Configuration with Preset Configuration */}} {{- define "argo-cd.config.cm" -}} -{{- $config := (mergeOverwrite (deepCopy (omit .Values.configs.cm "create" "annotations")) (.Values.server.config | default dict)) -}} +{{- $config := omit .Values.configs.cm "create" "annotations" -}} {{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} {{- $fmted := $value | toString }} diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 5d65fcd6..966dad97 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -5,16 +5,3 @@ Return the target Kubernetes version {{- define "argo-cd.kubeVersion" -}} {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end }} - -{{/* -Return the appropriate apiVersion for GKE resources -*/}} -{{- define "argo-cd.apiVersions.cloudgoogle" -}} -{{- if .Values.apiVersionOverrides.cloudgoogle -}} -{{- print .Values.apiVersionOverrides.cloudgoogle -}} -{{- else if .Capabilities.APIVersions.Has "cloud.google.com/v1" -}} -{{- print "cloud.google.com/v1" -}} -{{- else -}} -{{- print "cloud.google.com/v1beta1" -}} -{{- end -}} -{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 5ebe00b3..615b56f9 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -1,5 +1,4 @@ -{{- $config := .Values.controller.clusterAdminAccess | default dict -}} -{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +{{- if .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 9ebe80ad..7b6df782 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -1,5 +1,4 @@ -{{- $config := .Values.controller.clusterAdminAccess | default dict -}} -{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +{{- if .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 5a8c3745..c08a4a34 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -13,8 +13,7 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: replicas: {{ .Values.controller.replicas }} - # TODO: Remove for breaking release as history limit cannot be patched - revisionHistoryLimit: 5 + revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit | default .Values.global.revisionHistoryLimit }} serviceName: {{ include "argo-cd.controller.fullname" . }} selector: matchLabels: @@ -66,38 +65,6 @@ spec: - {{ . }} {{- end }} {{- end }} - {{- with .Values.controller.args.statusProcessors }} - - --status-processors - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.args.operationProcessors }} - - --operation-processors - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.args.appResyncPeriod }} - - --app-resync - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.args.appHardResyncPeriod }} - - --app-hard-resync - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.args.selfHealTimeout }} - - --self-heal-timeout-seconds - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.args.repoServerTimeoutSeconds }} - - --repo-server-timeout-seconds - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.logFormat }} - - --logformat - - {{ . | quote }} - {{- end }} - {{- with .Values.controller.logLevel }} - - --loglevel - - {{ . | quote }} - {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 4a5f75a5..96fc3804 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -17,7 +17,7 @@ spec: strategy: {{- trim . | nindent 4 }} {{- end }} - replicas: {{ .Values.applicationSet.replicas | default .Values.applicationSet.replicaCount }} + replicas: {{ .Values.applicationSet.replicas }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: @@ -65,20 +65,6 @@ spec: - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} - {{- with .Values.applicationSet.args.policy }} - - --policy={{ . }} - {{- end }} - {{- with .Values.applicationSet.args.dryRun }} - - --dry-run={{ . }} - {{- end }} - {{- with .Values.applicationSet.logFormat }} - - --logformat - - {{ . }} - {{- end }} - {{- with .Values.applicationSet.logLevel }} - - --loglevel - - {{ . }} - {{- end }} {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml new file mode 100644 index 00000000..ce01e7c6 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -0,0 +1,64 @@ +{{- if and .Values.applicationSet.enabled .Values.applicationSet.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with .Values.applicationSet.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.ingress.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- with .Values.applicationSet.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + rules: + {{- if .Values.applicationSet.ingress.hostname }} + - host: {{ .Values.applicationSet.ingress.hostname }} + http: + paths: + {{- with .Values.applicationSet.ingress.extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} + - path: {{ .Values.applicationSet.ingress.path }} + pathType: {{ $.Values.applicationSet.ingress.pathType }} + backend: + service: + name: {{ include "argo-cd.applicationSet.fullname" $ }} + port: + number: {{ .Values.applicationSet.service.port }} + {{- end }} + {{- range .Values.server.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default .Values.server.ingress.path .path }} + pathType: {{ default .Values.server.ingress.pathType .pathType }} + backend: + service: + name: {{ include "argo-cd.applicationSet.fullname" . }} + port: + number: {{ .Values.applicationSet.service.port }} + {{- end }} + {{- with .Values.applicationSet.ingress.extraRules }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.applicationSet.ingress.tls .Values.applicationSet.ingress.extraTls }} + tls: + {{- if .Values.applicationSet.ingress.tls }} + - hosts: + - {{ .Values.applicationSet.ingress.hostname }} + secretName: argocd-application-controller-tls + {{- end }} + {{- with .Values.applicationSet.ingress.extraTls }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml deleted file mode 100644 index d98f9423..00000000 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ /dev/null @@ -1,73 +0,0 @@ -{{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}} -{{- $servicePort := .Values.applicationSet.service.portName -}} -{{- $paths := .Values.applicationSet.webhook.ingress.paths -}} -{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}} -{{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - {{- with .Values.applicationSet.webhook.ingress.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.applicationSet.webhook.ingress.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - {{- with .Values.applicationSet.webhook.ingress.ingressClassName }} - ingressClassName: {{ . }} - {{- end }} - rules: - {{- if .Values.applicationSet.webhook.ingress.hosts }} - {{- range $host := .Values.applicationSet.webhook.ingress.hosts }} - - host: {{ $host }} - http: - paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- range $p := $paths }} - - path: {{ $p }} - pathType: {{ $pathType }} - backend: - service: - name: {{ include "argo-cd.applicationSet.fullname" $ }} - port: - {{- if kindIs "float64" $servicePort }} - number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- else }} - - http: - paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- range $p := $paths }} - - path: {{ $p }} - pathType: {{ $pathType }} - backend: - service: - name: {{ include "argo-cd.applicationSet.fullname" $ }} - port: - {{- if kindIs "float64" $servicePort }} - number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- with .Values.applicationSet.webhook.ingress.tls }} - tls: - {{- toYaml . | nindent 4 }} - {{- end -}} -{{- end -}} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 829a6776..c0c8bc86 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -1,4 +1,4 @@ -{{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} +{{- if .Values.configs.cm.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -6,7 +6,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.cm.annotations) (.Values.server.configAnnotations | default dict)) }} + {{- with .Values.configs.cm.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index 982867f9..f94113a2 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -5,13 +5,13 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} - {{ with (mergeOverwrite (deepCopy .Values.configs.gpg.annotations) (.Values.configs.gpgKeysAnnotations | default dict)) -}} + {{- with .Values.configs.gpg.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{ with (mergeOverwrite (deepCopy .Values.configs.gpg.keys) (.Values.configs.gpgKeys | default dict)) -}} +{{- with .Values.configs.gpg.keys }} data: {{- toYaml . | nindent 2 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index c882cb39..f9b62f76 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -1,4 +1,4 @@ -{{- if (hasKey .Values.server "rbacConfigCreate") | ternary .Values.server.rbacConfigCreate .Values.configs.rbac.create }} +{{- if .Values.configs.rbac.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -6,13 +6,13 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.rbac.annotations) (.Values.server.rbacConfigAnnotations | default dict)) }} + {{- with .Values.configs.rbac.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with (mergeOverwrite (deepCopy (omit .Values.configs.rbac "create" "annotations")) (.Values.server.rbacConfig | default dict)) }} +{{- with (omit .Values.configs.rbac "create" "annotations") }} data: {{- toYaml . | nindent 2 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 4561440a..9e25e376 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} {{- end }} type: Opaque -{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret (and .Values.configs.secret.azureDevops.username .Values.configs.secret.azureDevops.password) .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} +{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret (and .Values.configs.secret.azureDevops.username .Values.configs.secret.azureDevops.password) .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.extra) }} # Setting a blank data again will wipe admin password/key/cert data: {{- with .Values.configs.secret.githubSecret }} @@ -38,10 +38,6 @@ data: webhook.azuredevops.username: {{ .Values.configs.secret.azureDevops.username | b64enc }} webhook.azuredevops.password: {{ .Values.configs.secret.azureDevops.password | b64enc }} {{- end }} - {{- with .Values.configs.secret.argocdServerTlsConfig }} - tls.key: {{ .key | b64enc }} - tls.crt: {{ .crt | b64enc }} - {{- end }} {{- if .Values.configs.secret.argocdServerAdminPassword }} admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} admin.passwordMtime: {{ default (dateInZone "2006-01-02T15:04:05Z" (now) "UTC") .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index a7f3abdf..845d219d 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -5,7 +5,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }} + {{- with .Values.configs.ssh.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} @@ -13,11 +13,7 @@ metadata: {{- end }} data: ssh_known_hosts: | - {{- if hasKey .Values.configs "knownHosts" }} - {{- .Values.configs.knownHosts.data.ssh_known_hosts | nindent 4 }} - {{- else }} - {{- .Values.configs.ssh.knownHosts | nindent 4 }} - {{- end }} + {{- .Values.configs.ssh.knownHosts | nindent 4 }} {{- with .Values.configs.ssh.extraHosts }} {{- . | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 6a5a95e5..fa6e7433 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -5,19 +5,13 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }} + {{- with .Values.configs.tls.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- if hasKey .Values.configs "tlsCerts" }} - {{- with .Values.configs.tlsCerts }} - {{- toYaml . | nindent 0 }} - {{- end }} -{{- else }} {{- with .Values.configs.tls.certificates }} data: {{- toYaml . | nindent 2 }} {{- end }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml index 21dff1a9..e6efa08a 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml @@ -1,5 +1,4 @@ -{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} -{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +{{- if .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index ba156d24..f15b1cec 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -1,5 +1,4 @@ -{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} -{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +{{- if .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index c47fb1f7..2d232591 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -74,14 +74,6 @@ spec: - /usr/local/bin/argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} - {{- with .Values.repoServer.logFormat }} - - --logformat - - {{ . | quote }} - {{- end }} - {{- with .Values.repoServer.logLevel }} - - --loglevel - - {{ . | quote }} - {{- end }} {{- with .Values.repoServer.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml new file mode 100644 index 00000000..181e2b9d --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml @@ -0,0 +1,71 @@ +{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "aws") }} +{{- $insecure := index .Values.configs.params "server.insecure" | toString -}} +{{- $servicePort := eq $insecure "true" | ternary .Values.server.service.servicePortHttp .Values.server.service.servicePortHttps -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- with .Values.server.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + annotations: + alb.ingress.kubernetes.io/conditions.{{ include "argo-cd.server.fullname" . }}-grpc: | + [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] + {{- range $key, $value := .Values.server.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + {{- with .Values.server.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + rules: + - host: {{ .Values.server.ingress.hostname }} + http: + paths: + {{- with .Values.server.ingress.extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} + - path: {{ .Values.server.ingress.path }} + pathType: {{ $.Values.server.ingress.pathType }} + backend: + service: + name: {{ include "argo-cd.server.fullname" . }} + port: + number: {{ $servicePort }} + - path: {{ .Values.server.ingress.path }} + pathType: {{ $.Values.server.ingressGrpc.pathType }} + backend: + service: + name: {{ include "argo-cd.server.fullname" $ }}-grpc + port: + number: {{ $servicePort }} + {{- range .Values.server.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default .Values.server.ingress.path .path }} + pathType: {{ default .Values.server.ingress.pathType .pathType }} + backend: + service: + name: {{ include "argo-cd.server.fullname" . }} + port: + number: {{ $servicePort }} + {{- end }} + {{- with .Values.server.ingress.extraRules }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.server.ingress.tls .Values.server.ingress.extraTls }} + tls: + {{- if .Values.server.ingress.tls }} + - hosts: + - {{ .Values.server.ingress.hostname }} + secretName: argocd-server-tls + {{- end }} + {{- with .Values.server.ingress.extraTls }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index e9032f92..376699e3 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -1,9 +1,9 @@ -{{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}} +{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "aws") }} apiVersion: v1 kind: Service metadata: annotations: - alb.ingress.kubernetes.io/backend-protocol-version: {{ .Values.server.ingressGrpc.awsALB.backendProtocolVersion }} + alb.ingress.kubernetes.io/backend-protocol-version: {{ .Values.server.ingress.aws.backendProtocolVersion }} labels: {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-grpc @@ -21,5 +21,5 @@ spec: selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None - type: {{ .Values.server.ingressGrpc.awsALB.serviceType }} + type: {{ .Values.server.ingress.aws.serviceType }} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index bd10316b..f4877980 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -1,5 +1,4 @@ -{{- $config := .Values.server.clusterAdminAccess | default dict -}} -{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +{{- if .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -31,7 +30,7 @@ rules: - pods/log verbs: - get - {{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} + {{- if eq (toString (index .Values.configs.cm "exec.enabled")) "true" }} - apiGroups: - "" resources: diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 27fd13d6..1e5a98fa 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -1,5 +1,4 @@ -{{- $config := .Values.server.clusterAdminAccess | default dict -}} -{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +{{- if .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 08ef3650..6de12319 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -27,7 +27,7 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} - {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + {{- if .Values.configs.cm.create }} checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.server.podAnnotations) }} @@ -68,14 +68,6 @@ spec: - /usr/local/bin/argocd-server - --port={{ .Values.server.containerPorts.server }} - --metrics-port={{ .Values.server.containerPorts.metrics }} - {{- with .Values.server.logFormat }} - - --logformat - - {{ . | quote }} - {{- end }} - {{- with .Values.server.logLevel }} - - --loglevel - - {{ . | quote }} - {{- end }} {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml index e2ae3d84..cd040c90 100644 --- a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml @@ -1,11 +1,13 @@ -{{- if .Values.server.GKEbackendConfig.enabled }} -apiVersion: {{ include "argo-cd.apiVersions.cloudgoogle" . }} +{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") .Values.server.ingress.gke.backendConfig }} +apiVersion: cloud.google.com/v1 kind: BackendConfig metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +{{- with .Values.server.ingress.gke.backendConfig }} spec: - {{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }} + {{- toYaml . | nindent 2 }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml index 31687596..d8b3b1ea 100644 --- a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml @@ -1,11 +1,13 @@ -{{- if .Values.server.GKEfrontendConfig.enabled }} +{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") .Values.server.ingress.gke.frontendConfig }} apiVersion: networking.gke.io/v1beta1 kind: FrontendConfig metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +{{- with .Values.server.ingress.gke.frontendConfig }} spec: - {{- toYaml .Values.server.GKEfrontendConfig.spec | nindent 2 }} + {{- toYaml . | nindent 2 }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml new file mode 100644 index 00000000..ffa583e4 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml @@ -0,0 +1,69 @@ +{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") }} +{{- $insecure := index .Values.configs.params "server.insecure" | toString -}} +{{- $servicePort := eq $insecure "true" | ternary .Values.server.service.servicePortHttp .Values.server.service.servicePortHttps -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- with .Values.server.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + annotations: + ingressClassName: "gce" + {{- if .Values.server.ingress.gke.managedCertificate.create }} + networking.gke.io/managed-certificates: {{ include "argo-cd.server.fullname" . }} + {{- end }} + {{- if .Values.server.ingress.gke.frontendConfig }} + networking.gke.io/v1beta1.FrontendConfig: {{ include "argo-cd.server.fullname" . }} + {{- end }} + {{- range $key, $value := .Values.server.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + {{- with .Values.server.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + rules: + - host: {{ .Values.server.ingress.hostname }} + http: + paths: + {{- with .Values.server.ingress.extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} + - path: {{ .Values.server.ingress.path }} + pathType: {{ .Values.server.ingress.pathType }} + backend: + service: + name: {{ include "argo-cd.server.fullname" . }} + port: + number: {{ $servicePort }} + {{- range .Values.server.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default .Values.server.ingress.path .path }} + pathType: {{ default .Values.server.ingress.pathType .pathType }} + backend: + service: + name: {{ include "argo-cd.server.fullname" . }} + port: + number: {{ $servicePort }} + {{- end }} + {{- with .Values.server.ingress.extraRules }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.server.ingress.tls .Values.server.ingress.extraTls }} + tls: + {{- if .Values.server.ingress.tls }} + - hosts: + - {{ .Values.server.ingress.hostname }} + secretName: argocd-server-tls + {{- end }} + {{- with .Values.server.ingress.extraTls }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml index 942c6b3f..569063be 100644 --- a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml @@ -1,12 +1,15 @@ -{{- if .Values.server.GKEmanagedCertificate.enabled }} +{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") .Values.server.ingress.gke.managedCertificate.create }} apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: domains: - {{- with .Values.server.GKEmanagedCertificate.domains }} - {{- toYaml . | nindent 4 }} + - {{ .Values.server.ingress.hostname }} + {{- with .Values.server.ingress.gke.managedCertificate.extraDomains }} + {{- toYaml . | nindent 4 }} {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index b671f86f..c4ce93c3 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,8 +1,7 @@ -{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} -{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} -{{- $paths := .Values.server.ingressGrpc.paths -}} -{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} -{{- $pathType := .Values.server.ingressGrpc.pathType -}} +{{- if and .Values.server.ingressGrpc.enabled (eq .Values.server.ingress.controller "generic") -}} +{{- $hostname := .Values.server.ingressGrpc.hostname | default (printf "grpc.%s" .Values.server.ingress.hostname) -}} +{{- $insecure := index .Values.configs.params "server.insecure" | toString -}} +{{- $servicePort := eq $insecure "true" | ternary .Values.server.service.servicePortHttp .Values.server.service.servicePortHttps -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -24,50 +23,43 @@ spec: ingressClassName: {{ . }} {{- end }} rules: - {{- if .Values.server.ingressGrpc.hosts }} - {{- range $host := .Values.server.ingressGrpc.hosts }} - - host: {{ $host }} + - host: {{ $hostname }} http: paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} + {{- with .Values.server.ingressGrpc.extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} - {{- range $p := $paths }} - - path: {{ $p }} - pathType: {{ $pathType }} + - path: {{ .Values.server.ingressGrpc.path }} + pathType: {{ .Values.server.ingressGrpc.pathType }} backend: service: - name: {{ include "argo-cd.server.fullname" $ }} + name: {{ include "argo-cd.server.fullname" . }} port: - {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- else }} - - http: + {{- range .Values.server.ingressGrpc.extraHosts }} + - host: {{ .name | quote }} + http: paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- range $p := $paths }} - - path: {{ $p }} - pathType: {{ $pathType }} + - path: {{ default .Values.server.ingressGrpc.path .path }} + pathType: {{ default .Values.server.ingressGrpc.pathType .pathType }} backend: service: - name: {{ include "argo-cd.server.fullname" $ }} + name: {{ include "argo-cd.server.fullname" . }} port: - {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- with .Values.server.ingressGrpc.tls }} + {{- end }} + {{- with .Values.server.ingressGrpc.extraRules }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.server.ingressGrpc.tls .Values.server.ingressGrpc.extraTls }} tls: - {{- toYaml . | nindent 4 }} - {{- end -}} -{{- end -}} + {{- if .Values.server.ingressGrpc.tls }} + - hosts: + - {{ $hostname }} + secretName: {{ printf "%s-tls" $hostname }} + {{- end }} + {{- with .Values.server.ingressGrpc.tls }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index a142bb66..5d8959e7 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -1,8 +1,6 @@ -{{- if .Values.server.ingress.enabled -}} -{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} -{{- $paths := .Values.server.ingress.paths -}} -{{- $extraPaths := .Values.server.ingress.extraPaths -}} -{{- $pathType := .Values.server.ingress.pathType -}} +{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "generic") }} +{{- $insecure := index .Values.configs.params "server.insecure" | toString -}} +{{- $servicePort := eq $insecure "true" | ternary .Values.server.service.servicePortHttp .Values.server.service.servicePortHttps -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -13,78 +11,54 @@ metadata: {{- with .Values.server.ingress.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.server.ingress.annotations }} + {{- with .Values.server.ingress.annotations }} annotations: - {{- range $key, $value := .Values.server.ingress.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} - alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | - [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] - {{- end }} {{- end }} spec: {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} rules: - {{- if .Values.server.ingress.hosts }} - {{- range $host := .Values.server.ingress.hosts }} - - host: {{ $host | quote }} + - host: {{ .Values.server.ingress.hostname }} http: paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} + {{- with .Values.server.ingress.extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} - {{- range $p := $paths }} - {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - - path: {{ $p }} - pathType: {{ $.Values.server.ingressGrpc.pathType }} + - path: {{ .Values.server.ingress.path }} + pathType: {{ $.Values.server.ingress.pathType }} backend: service: - name: {{ template "argo-cd.server.fullname" $ }}-grpc + name: {{ include "argo-cd.server.fullname" . }} port: - {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- end }} - - path: {{ $p }} - pathType: {{ $pathType }} - backend: - service: - name: {{ include "argo-cd.server.fullname" $ }} - port: - {{- if kindIs "float64" $servicePort }} - number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- else }} - - http: + {{- range .Values.server.ingress.extraHosts }} + - host: {{ .name | quote }} + http: paths: - {{- with $extraPaths }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- range $p := $paths }} - - path: {{ $p }} - pathType: {{ $pathType }} + - path: {{ default .Values.server.ingress.path .path }} + pathType: {{ default .Values.server.ingress.pathType .pathType }} backend: service: - name: {{ include "argo-cd.server.fullname" $ }} + name: {{ include "argo-cd.server.fullname" . }} port: - {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} - {{- else }} - name: {{ $servicePort }} - {{- end }} - {{- end -}} - {{- end -}} - {{- with .Values.server.ingress.tls }} + {{- end }} + {{- with .Values.server.ingress.extraRules }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.server.ingress.tls .Values.server.ingress.extraTls }} tls: - {{- toYaml . | nindent 4 }} - {{- end -}} -{{- end -}} + {{- if .Values.server.ingress.tls }} + - hosts: + - {{ .Values.server.ingress.hostname }} + secretName: argocd-server-tls + {{- end }} + {{- with .Values.server.ingress.extraTls }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b3fc3ef5..146dac34 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -11,9 +11,7 @@ kubeVersionOverride: "" # Override APIVersions # If you want to template helm charts but cannot access k8s API server # you can set api versions here -apiVersionOverrides: - # -- String to override apiVersion of GKE resources rendered by this helm chart - cloudgoogle: "" # cloud.google.com/v1 +apiVersionOverrides: {} # -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -442,16 +440,6 @@ configs: # insecure: false # caData: "" - # DEPRECATED - Moved to configs.ssh.annotations - # knownHostsAnnotations: {} - # DEPRECATED - Moved to configs.ssh.knownHosts - # knownHosts: {} - - # DEPRECATED - Moved to configs.tls.annotations - # tlsCertsAnnotations: {} - # DEPRECATED - Moved to configs.tls.certificates - # tlsCerts: {} - # -- Repository credentials to be used as Templates for other repos ## Creates a secret for each key/value specified below to create repository credentials credentialTemplates: {} @@ -533,12 +521,6 @@ configs: {} # LDAP_PASSWORD: "mypassword" - # -- Argo TLS Data - # DEPRECATED - Use server.certificate or server.certificateSecret - # argocdServerTlsConfig: - # key: '' - # crt: '' - # -- Bcrypt hashed admin password ## Argo expects the password in the secret to be bcrypt hashed. You can create this hash with ## `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` @@ -595,6 +577,9 @@ controller: # Additional replicas will cause sharding of managed clusters across number of replicas. replicas: 1 + # -- Maximum number of controller revisions that will be maintained in StatefulSet history + revisionHistoryLimit: 5 + ## Application controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ pdb: @@ -627,22 +612,6 @@ controller: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- DEPRECATED - Application controller commandline flags - args: {} - # DEPRECATED - Use configs.params to override - # # -- define the application controller `--status-processors` - # statusProcessors: "20" - # # -- define the application controller `--operation-processors` - # operationProcessors: "10" - # # -- define the application controller `--app-hard-resync` - # appHardResyncPeriod: "0" - # # -- define the application controller `--app-resync` - # appResyncPeriod: "180" - # # -- define the application controller `--self-heal-timeout-seconds` - # selfHealTimeout: "5" - # # -- define the application controller `--repo-server-timeout-seconds` - # repoServerTimeoutSeconds: "60" - # -- Additional command line arguments to pass to application controller extraArgs: [] @@ -1992,29 +1961,47 @@ server: # -- Automount API credentials for the Service Account automountServiceAccountToken: true + # Argo CD server ingress configuration ingress: # -- Enable an ingress resource for the Argo CD server enabled: false - # -- Additional ingress annotations - annotations: {} + # -- Specific implementation for ingress controller. One of `generic`, `aws` or `gke` + ## Additional configuration might be required in related configuration sections + controller: generic # -- Additional ingress labels labels: {} + # -- Additional ingress annotations + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough + annotations: {} + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + # nginx.ingress.kubernetes.io/ssl-passthrough: "true" + # -- Defines which ingress controller will implement the resource ingressClassName: "" - # -- List of ingress hosts - ## Argo Ingress. - ## Hostnames must be provided if Ingress is enabled. - ## Secrets must be manually created in the namespace - hosts: [] - # - argocd.example.com + # -- Argo CD server hostname + ## NOTE: Hostname must be provided if Ingress is enabled + hostname: argocd.example.com + + # -- The path to Argo CD server + path: / - # -- List of ingress paths - paths: - - / # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix + + # -- Enable TLS configuration for the hostname defined at `server.ingress.hostname` + ## TLS certificate will be retrieved from a TLS secret `argocd-server-tls` + ## You can create this secret via `certificate` or `certificateSecret` option + tls: false + + # -- The list of additional hostnames to be covered by ingress record + # @default -- `[]` (See [values.yaml]) + extraHosts: [] + # - name: argocd.example.com + # path: / + # -- Additional ingress paths + # @default -- `[]` (See [values.yaml]) extraPaths: [] # - path: /* # pathType: Prefix @@ -2024,17 +2011,70 @@ server: # port: # name: use-annotation - # -- Ingress TLS configuration - tls: [] - # - secretName: your-certificate-name - # hosts: - # - argocd.example.com + # -- Additional ingress rules + # @default -- `[]` (See [values.yaml]) + extraRules: [] + # - host: example.example.com + # http: + # path: / + # backend: + # service: + # name: example-svc + # port: + # name: http - # -- Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` - https: false + # -- Additional TLS configuration + # @default -- `[]` (See [values.yaml]) + extraTls: [] + # - hosts: + # - argocd.example.com + # secretName: your-certificate-name - # dedicated ingress for gRPC as documented at - # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ + # AWS specific options for Application Load Balancer + # Applies only when `serv.ingress.controller` is set to `aws` + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#aws-application-load-balancers-albs-and-classic-elb-http-mode + aws: + # -- Backend protocol version for the AWS ALB gRPC service + ## This tells AWS to send traffic from the ALB using HTTP2. Can use gRPC as well if you want to leverage gRPC specific features + backendProtocolVersion: HTTP2 + # -- Service type for the AWS ALB gRPC service + ## Can be of type NodePort or ClusterIP depending on which mode you are running. + ## Instance mode needs type NodePort, IP mode needs type ClusterIP + ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic + serviceType: NodePort + + # Google specific options for Google Application Load Balancer + # Applies only when `server.ingress.controller` is set to `gke` + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#google-cloud-load-balancers-with-kubernetes-ingress + gke: + # -- Google [BackendConfig] resource, for use with the GKE Ingress Controller + # @default -- `{}` (See [values.yaml]) + ## Ref: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters + backendConfig: {} + # iap: + # enabled: true + # oauthclientCredentials: + # secretName: argocd-secret + + # -- Google [FrontendConfig] resource, for use with the GKE Ingress Controller + # @default -- `{}` (See [values.yaml]) + ## Ref: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters + frontendConfig: {} + # redirectToHttps: + # enabled: true + # responseCodeName: RESPONSE_CODE + + # Managed GKE certificate for ingress hostname + managedCertificate: + # -- Create ManagedCertificate resource and annotations for Google Load balancer + ## Ref: https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs + create: true + # -- Additional domains for ManagedCertificate resource + extraDomains: [] + # - argocd.example.com + + # Dedicated gRPC ingress for ingress controllers that supports only single backend protocol per Ingress resource + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-2-multiple-ingress-objects-and-hosts ingressGrpc: # -- Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress] enabled: false @@ -2047,32 +2087,27 @@ server: # -- Defines which ingress controller will implement the resource [gRPC-ingress] ingressClassName: "" - awsALB: - # -- Service type for the AWS ALB gRPC service - ## Service Type if isAWSALB is set to true - ## Can be of type NodePort or ClusterIP depending on which mode you are - ## are running. Instance mode needs type NodePort, IP mode needs type - ## ClusterIP - ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic - serviceType: NodePort - # -- Backend protocol version for the AWS ALB gRPC service - ## This tells AWS to send traffic from the ALB using HTTP2. Can use gRPC as well if you want to leverage gRPC specific features - backendProtocolVersion: HTTP2 + # -- Argo CD server hostname for dedicated [gRPC-ingress] + hostname: "" - # -- List of ingress hosts for dedicated [gRPC-ingress] - ## Argo Ingress. - ## Hostnames must be provided if Ingress is enabled. - ## Secrets must be manually created in the namespace - ## - hosts: [] - # - argocd.example.com + # -- Argo CD server ingress path for dedicated [gRPC-ingress] + path: / - # -- List of ingress paths for dedicated [gRPC-ingress] - paths: - - / # -- Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix + + # -- Enable TLS configuration for the hostname defined at `server.ingressGrpc.hostname` + ## TLS certificate will be retrieved from a TLS secret with name: `-tls` + tls: false + + # -- The list of additional hostnames to be covered by ingress record + # @default -- `[]` (See [values.yaml]) + extraHosts: [] + # - name: grpc.argocd.example.com + # path: / + # -- Additional ingress paths for dedicated [gRPC-ingress] + # @default -- `[]` (See [values.yaml]) extraPaths: [] # - path: /* # pathType: Prefix @@ -2082,15 +2117,25 @@ server: # port: # name: use-annotation - # -- Ingress TLS configuration for dedicated [gRPC-ingress] - tls: [] + # -- Additional ingress rules + # @default -- `[]` (See [values.yaml]) + extraRules: [] + # - host: example.example.com + # http: + # path: / + # backend: + # service: + # name: example-svc + # port: + # name: http + + # -- Additional TLS configuration for dedicated [gRPC-ingress] + # @default -- `[]` (See [values.yaml]) + extraTls: [] # - secretName: your-certificate-name # hosts: # - argocd.example.com - # -- Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp` - https: false - # Create a OpenShift Route with SSL passthrough for UI and CLI # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: @@ -2107,38 +2152,6 @@ server: # -- Termination policy of Openshift Route termination_policy: None - GKEbackendConfig: - # -- Enable BackendConfig custom resource for Google Kubernetes Engine - enabled: false - # -- [BackendConfigSpec] - spec: {} - # spec: - # iap: - # enabled: true - # oauthclientCredentials: - # secretName: argocd-secret - - ## Create a Google Managed Certificate for use with the GKE Ingress Controller - ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs - GKEmanagedCertificate: - # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine. - enabled: false - # -- Domains for the Google Managed Certificate - domains: - - argocd.example.com - - ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller - ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters - GKEfrontendConfig: - # -- Enable FrontConfig custom resource for Google Kubernetes Engine - enabled: false - # -- [FrontendConfigSpec] - spec: {} - # spec: - # redirectToHttps: - # enabled: true - # responseCodeName: RESPONSE_CODE - ## Repo Server repoServer: # -- Repo server name @@ -2558,16 +2571,7 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- DEPRECATED - ApplicationSet controller command line flags - args: {} - # DEPRECATED - Use configs.params.applicationsetcontroller.policy to override - # -- How application is synced between the generator and the cluster - # policy: sync - # DEPRECATED - Use configs.params.applicationsetcontroller.dryrun to override - # -- Enable dry run mode - # dryRun: false - - # -- List of extra cli args to add + # -- ApplicationSet controller command line flags extraArgs: [] # -- Environment variables to pass to the ApplicationSet controller @@ -2772,51 +2776,6 @@ applicationSet: # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" - ## Webhook for the Git Generator - ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) - webhook: - ingress: - # -- Enable an ingress resource for Webhooks - enabled: false - # -- Additional ingress annotations - annotations: {} - # -- Additional ingress labels - labels: {} - # -- Defines which ingress ApplicationSet controller will implement the resource - ingressClassName: "" - - # -- List of ingress hosts - ## Hostnames must be provided if Ingress is enabled. - ## Secrets must be manually created in the namespace - hosts: [] - # - argocd-applicationset.example.com - - # -- List of ingress paths - paths: - - /api/webhook - # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` - pathType: Prefix - # -- Additional ingress paths - extraPaths: [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: use-annotation - - # -- Ingress TLS configuration - tls: [] - # - secretName: argocd-applicationset-tls - # hosts: - # - argocd-applicationset.example.com - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-configuration certificate: @@ -2858,6 +2817,69 @@ applicationSet: # -- Annotations to be applied to the ApplicationSet Certificate annotations: {} + ## Ingress for the Git Generator webhook + ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) + ingress: + # -- Enable an ingress resource for ApplicationSet webhook + enabled: false + # -- Additional ingress labels + labels: {} + # -- Additional ingress annotations + annotations: {} + + # -- Defines which ingress ApplicationSet controller will implement the resource + ingressClassName: "" + + # -- Argo CD ApplicationSet hostname + ## NOTE: Hostname must be provided if Ingress is enabled + hostname: argocd.example.com + + # -- List of ingress paths + path: /api/webhook + + # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` + pathType: Prefix + + # -- Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` + ## TLS certificate will be retrieved from a TLS secret with name:`argocd-application-controller-tls` + tls: false + + # -- The list of additional hostnames to be covered by ingress record + # @default -- `[]` (See [values.yaml]) + extraHosts: [] + # - name: argocd.example.com + # path: / + + # -- Additional ingress paths + # @default -- `[]` (See [values.yaml]) + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: use-annotation + + # -- Additional ingress rules + # @default -- `[]` (See [values.yaml]) + extraRules: [] + # - host: example.example.com + # http: + # path: / + # backend: + # service: + # name: example-svc + # port: + # name: http + + # -- Additional ingress TLS configuration + # @default -- `[]` (See [values.yaml]) + extraTls: [] + # - secretName: argocd-applicationset-tls + # hosts: + # - argocd-applicationset.example.com + ## Notifications controller notifications: # -- Enable notifications controller From e785763b59a43b16ed95b25ea1053f1d2f55ba38 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 8 Feb 2024 11:58:53 +0100 Subject: [PATCH 0885/1248] fix(argo-cd): Fix ingress extraHosts (#2479) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 14 +++------- .../argocd-applicationset/ingress.yaml | 26 +++++++++---------- .../templates/argocd-server/aws/ingress.yaml | 6 ++--- .../templates/argocd-server/gke/ingress.yaml | 6 ++--- .../templates/argocd-server/ingress-grpc.yaml | 6 ++--- .../templates/argocd-server/ingress.yaml | 6 ++--- 6 files changed, 28 insertions(+), 36 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 14b62197..a69f6fb0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.0 +version: 6.0.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,13 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: removed - description: Support for deprecated features - - kind: removed - description: Wildcard catch all ingress rule - - kind: added - description: Ingress extra rules to allow custom ingress custom rules - - kind: added - description: Dedicated ingress implementation for AWS and GKE Application Load Balancers - - kind: changed - description: Support for multiple ingress hosts and paths refactored into `extraHosts` and `extraPaths` + - kind: fixed + description: Fixed rendering of ingress extraHosts sections diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml index ce01e7c6..ad2db865 100644 --- a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -28,25 +28,25 @@ spec: {{- toYaml . | nindent 10 }} {{- end }} - path: {{ .Values.applicationSet.ingress.path }} - pathType: {{ $.Values.applicationSet.ingress.pathType }} - backend: - service: - name: {{ include "argo-cd.applicationSet.fullname" $ }} - port: - number: {{ .Values.applicationSet.service.port }} - {{- end }} - {{- range .Values.server.ingress.extraHosts }} - - host: {{ .name | quote }} - http: - paths: - - path: {{ default .Values.server.ingress.path .path }} - pathType: {{ default .Values.server.ingress.pathType .pathType }} + pathType: {{ .Values.applicationSet.ingress.pathType }} backend: service: name: {{ include "argo-cd.applicationSet.fullname" . }} port: number: {{ .Values.applicationSet.service.port }} {{- end }} + {{- range .Values.applicationSet.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default $.Values.applicationSet.ingress.path .path }} + pathType: {{ default $.Values.applicationSet.ingress.pathType .pathType }} + backend: + service: + name: {{ include "argo-cd.applicationSet.fullname" $ }} + port: + number: {{ $.Values.applicationSet.service.port }} + {{- end }} {{- with .Values.applicationSet.ingress.extraRules }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml index 181e2b9d..940ed427 100644 --- a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml @@ -46,11 +46,11 @@ spec: - host: {{ .name | quote }} http: paths: - - path: {{ default .Values.server.ingress.path .path }} - pathType: {{ default .Values.server.ingress.pathType .pathType }} + - path: {{ default $.Values.server.ingress.path .path }} + pathType: {{ default $.Values.server.ingress.pathType .pathType }} backend: service: - name: {{ include "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" $ }} port: number: {{ $servicePort }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml index ffa583e4..31d98e10 100644 --- a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml @@ -44,11 +44,11 @@ spec: - host: {{ .name | quote }} http: paths: - - path: {{ default .Values.server.ingress.path .path }} - pathType: {{ default .Values.server.ingress.pathType .pathType }} + - path: {{ default $.Values.server.ingress.path .path }} + pathType: {{ default $.Values.server.ingress.pathType .pathType }} backend: service: - name: {{ include "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" $ }} port: number: {{ $servicePort }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index c4ce93c3..29d8e421 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -40,11 +40,11 @@ spec: - host: {{ .name | quote }} http: paths: - - path: {{ default .Values.server.ingressGrpc.path .path }} - pathType: {{ default .Values.server.ingressGrpc.pathType .pathType }} + - path: {{ default $.Values.server.ingressGrpc.path .path }} + pathType: {{ default $.Values.server.ingressGrpc.pathType .pathType }} backend: service: - name: {{ include "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" $ }} port: number: {{ $servicePort }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 5d8959e7..dda08082 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -39,11 +39,11 @@ spec: - host: {{ .name | quote }} http: paths: - - path: {{ default .Values.server.ingress.path .path }} - pathType: {{ default .Values.server.ingress.pathType .pathType }} + - path: {{ default $.Values.server.ingress.path .path }} + pathType: {{ default $.Values.server.ingress.pathType .pathType }} backend: service: - name: {{ include "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" $ }} port: number: {{ $servicePort }} {{- end }} From 5f2f0edad09d73e388d3a66b153b4eaff4312034 Mon Sep 17 00:00:00 2001 From: Matthias Baur Date: Thu, 8 Feb 2024 15:26:21 +0100 Subject: [PATCH 0886/1248] fix(argo-cd): Fix ingressGrpc extraTls (#2480) Signed-off-by: Matthias Baur --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a69f6fb0..40c10b7b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.1 +version: 6.0.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fixed rendering of ingress extraHosts sections + description: Fixed rendering of ingressGrpc extraTls sections diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 29d8e421..bfa9a242 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -58,7 +58,7 @@ spec: - {{ $hostname }} secretName: {{ printf "%s-tls" $hostname }} {{- end }} - {{- with .Values.server.ingressGrpc.tls }} + {{- with .Values.server.ingressGrpc.extraTls }} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} From b1f9827b1711a9e6ed27cbd4bee08afb46365e20 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 8 Feb 2024 18:46:47 +0100 Subject: [PATCH 0887/1248] fix(argo-cd): Fix applicationset network policy when webhook is enabled (#2484) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-applicationset/networkpolicy.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 40c10b7b..85f07b9a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.2 +version: 6.0.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fixed rendering of ingressGrpc extraTls sections + description: Fixed rendering of network policy when applicationset webhook is enabled diff --git a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml index 81020f54..c6333f88 100644 --- a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.applicationSet.enabled .Values.global.networkPolicy.create (or .Values.applicationSet.metrics.enabled .Values.applicationSet.webhook.ingress.enabled) }} +{{- if and .Values.applicationSet.enabled .Values.global.networkPolicy.create (or .Values.applicationSet.metrics.enabled .Values.applicationSet.ingress.enabled) }} apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: @@ -8,7 +8,7 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: ingress: - {{- if .Values.applicationSet.webhook.ingress.enabled }} + {{- if .Values.applicationSet.ingress.enabled }} - ports: - port: webhook {{- end }} From 3c29c6f543f73f1e90e06a74a9a0ba96188fb3b2 Mon Sep 17 00:00:00 2001 From: Sjouke de Vries Date: Fri, 9 Feb 2024 12:45:54 +0100 Subject: [PATCH 0888/1248] fix(argo-cd): add hostname of extraHost to tls hosts (#2485) * fix(argo-cd): add hostname of extraHost to tls hosts Signed-off-by: Sjouke de Vries * fix(argo-cd): bump chart to 6.0.4 Signed-off-by: Sjouke de Vries * chore(argo-cd): update artifacthub.io/changes for 6.0.4 Signed-off-by: Sjouke de Vries --------- Signed-off-by: Sjouke de Vries --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 85f07b9a..45b70a3a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.3 +version: 6.0.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fixed rendering of network policy when applicationset webhook is enabled + description: Also added extraHosts defined to the TLS hostnames diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index dda08082..627f56b9 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -55,6 +55,11 @@ spec: {{- if .Values.server.ingress.tls }} - hosts: - {{ .Values.server.ingress.hostname }} + {{- range .Values.server.ingress.extraHosts }} + {{- if .name }} + - {{ .name }} + {{- end }} + {{- end }} secretName: argocd-server-tls {{- end }} {{- with .Values.server.ingress.extraTls }} From d2b9b34c8cf8cb69f810c0e8f0943c4f8124e844 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 9 Feb 2024 13:14:05 +0100 Subject: [PATCH 0889/1248] docs(argo-cd): Document various ingress setups (#2486) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 235 +++++++++++++++++++++---------- charts/argo-cd/README.md.gotmpl | 236 ++++++++++++++++++++++---------- 3 files changed, 334 insertions(+), 143 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 45b70a3a..5346f909 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.4 +version: 6.0.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Also added extraHosts defined to the TLS hostnames + - kind: changed + description: Improved documentation for various ingress setups diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 862a818e..e8369d23 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -64,7 +64,170 @@ applicationSet: replicas: 2 ``` -### Synchronizing Changes from Original Repository +## Ingress configuration + +Please refer to the [Operator Manual](https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#ingress-configurationh) for details as the samples +below corespond to their respective sections. + +### SSL-Passthrough + +The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place. + +```yaml +certificate: + enabled: true + domain: argocd.example.com + +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: nginx + annotations: + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + tls: true +``` + +### SSL Termination at Ingress Controller + +```yaml +configs: + params: + server.insecure: true + +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: nginx + annotations: + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + extraTls: + - hosts: + - argocd.example.com + # Based on the ingress controller used secret might be optional + secretName: wildcard-tls +``` + +> **Note:** +> If you don't plan on using a wildcard certificate it's also possible to use `tls: true` without `extraTls` section. + +### Multiple ingress resources for gRPC protocol support + +Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour). + +```yaml +configs: + params: + server.insecure: true + +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: contour-internal + extraTls: + - hosts: + - argocd.example.com + secretName: wildcard-tls + + ingressGrpc: + enabled: true + hostname: grpc.argocd.example.com + ingressClassName: contour-internal + extraTls: + - hosts: + - grpc.argocd.example.com + secretName: wildcard-tls +``` + +### Multiple ingress domains + +```yaml +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: nginx + annotations: + cert-manager.io/cluster-issuer: "" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + tls: true + extraHosts: + - name: argocd-alias.example.com + path: / +``` + +### AWS Application Load Balancer + +Refer to the Operator Manual for [AWS Application Load Balancer mode](https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#aws-application-load-balancers-albs-and-classic-elb-http-mode). +The provided example assumes you are using TLS off-loading via AWS ACM service. + +> **Note:** +> Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section. + +```yaml +configs: + params: + server.insecure: true + +server: + ingress: + enabled: true + hostname: argocd.example.com + controller: aws + ingressClassName: alb + annotations: + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + alb.ingress.kubernetes.io/backend-protocol: HTTP + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' + alb.ingress.kubernetes.io/ssl-redirect" '443' + aws: + serviceType: ClusterIP # <- Used with target-type: ip + backendProtocolVersion: GRPC +``` + +### GKE Application Load Balancer + +The implementation will populate `ingressClassName`, `networking.gke.io/managed-certificates` and `networking.gke.io/v1beta1.FrontendConfig` annotations +automatically if you provide configuration for GKE resources. + +```yaml +configs: + params: + server.insecure: true + +server: + service: + annotations: + cloud.google.com/neg: '{"ingress": true}' + cloud.google.com/backend-config: '{"ports": {"http":"argocd-server"}}' + + ingress: + enabled: true + hostname: argocd.example.com + controller: gke + gke: + backendConfig: + healthCheck: + checkIntervalSec: 30 + timeoutSec: 5 + healthyThreshold: 1 + unhealthyThreshold: 2 + type: HTTP + requestPath: /healthz + port: 8080 + frontendConfig: + redirectToHttps: + enabled: true + managedCertificate: + enabled: true +``` + +## Synchronizing Changes from Original Repository In the original [Argo CD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). @@ -124,53 +287,7 @@ Please review your setup and adjust to new configuration options: * additional hostnames and routing can be provided via `extraHosts` configuration section * additional TLS secrets can be provided via `extraTls` configuration section -Specific ingress implementations for cloud providers were decoupled from generic ingress resource. - -To configure AWS Application Load Balancer: - -```yaml -server: - ingress: - enabled: true - controller: aws - annotations: - alb.ingress.kubernetes.io/backend-protocol: HTTPS - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - aws: - backendProtocolVersion: HTTP2 - serviceType: NodePort -``` - -To configure GKE Application Load Balancer: - -```yaml -configs: - params: - "server.insecure": true - -server: - service: - annotations: - cloud.google.com/neg: '{"ingress": true}' - cloud.google.com/backend-config: '{"ports": {"http":"argocd-server"}}' - - ingress: - enabled: true - controller: gke - gke: - backendConfig: - healthCheck: - checkIntervalSec: 30 - timeoutSec: 5 - healthyThreshold: 1 - unhealthyThreshold: 2 - type: HTTP - requestPath: /healthz - port: 8080 - frontendConfig: - redirectToHttps: - enabled: true -``` +Please refer to [ingress configuration](#ingress-configuration) for examples. ### 5.53.0 @@ -909,28 +1026,6 @@ NAME: my-release | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | | server.volumes | list | `[]` | Additional volumes to the server pod | -### Using AWS ALB Ingress Controller With GRPC - -If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. - -Example: - -```yaml -server: - ingress: - enabled: true - annotations: - alb.ingress.kubernetes.io/backend-protocol: HTTPS - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internal - alb.ingress.kubernetes.io/target-type: ip - ingressGrpc: - enabled: true - isAWSALB: true - awsALB: - serviceType: ClusterIP -``` - ## Dex | Key | Type | Default | Description | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 5dc99217..27f13c7e 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -63,7 +63,171 @@ applicationSet: replicas: 2 ``` -### Synchronizing Changes from Original Repository +## Ingress configuration + +Please refer to the [Operator Manual](https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#ingress-configurationh) for details as the samples +below corespond to their respective sections. + +### SSL-Passthrough + +The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place. + +```yaml +certificate: + enabled: true + domain: argocd.example.com + +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: nginx + annotations: + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + tls: true +``` + +### SSL Termination at Ingress Controller + +```yaml +configs: + params: + server.insecure: true + +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: nginx + annotations: + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + extraTls: + - hosts: + - argocd.example.com + # Based on the ingress controller used secret might be optional + secretName: wildcard-tls +``` + +> **Note:** +> If you don't plan on using a wildcard certificate it's also possible to use `tls: true` without `extraTls` section. + +### Multiple ingress resources for gRPC protocol support + +Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour). + +```yaml +configs: + params: + server.insecure: true + +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: contour-internal + extraTls: + - hosts: + - argocd.example.com + secretName: wildcard-tls + + ingressGrpc: + enabled: true + hostname: grpc.argocd.example.com + ingressClassName: contour-internal + extraTls: + - hosts: + - grpc.argocd.example.com + secretName: wildcard-tls +``` + +### Multiple ingress domains + +```yaml +server: + ingress: + enabled: true + hostname: argocd.example.com + ingressClassName: nginx + annotations: + cert-manager.io/cluster-issuer: "" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + tls: true + extraHosts: + - name: argocd-alias.example.com + path: / +``` + +### AWS Application Load Balancer + +Refer to the Operator Manual for [AWS Application Load Balancer mode](https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#aws-application-load-balancers-albs-and-classic-elb-http-mode). +The provided example assumes you are using TLS off-loading via AWS ACM service. + +> **Note:** +> Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section. + +```yaml +configs: + params: + server.insecure: true + +server: + ingress: + enabled: true + hostname: argocd.example.com + controller: aws + ingressClassName: alb + annotations: + alb.ingress.kubernetes.io/scheme: internal + alb.ingress.kubernetes.io/target-type: ip + alb.ingress.kubernetes.io/backend-protocol: HTTP + alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' + alb.ingress.kubernetes.io/ssl-redirect" '443' + aws: + serviceType: ClusterIP # <- Used with target-type: ip + backendProtocolVersion: GRPC +``` + +### GKE Application Load Balancer + +The implementation will populate `ingressClassName`, `networking.gke.io/managed-certificates` and `networking.gke.io/v1beta1.FrontendConfig` annotations +automatically if you provide configuration for GKE resources. + +```yaml +configs: + params: + server.insecure: true + +server: + service: + annotations: + cloud.google.com/neg: '{"ingress": true}' + cloud.google.com/backend-config: '{"ports": {"http":"argocd-server"}}' + + ingress: + enabled: true + hostname: argocd.example.com + controller: gke + gke: + backendConfig: + healthCheck: + checkIntervalSec: 30 + timeoutSec: 5 + healthyThreshold: 1 + unhealthyThreshold: 2 + type: HTTP + requestPath: /healthz + port: 8080 + frontendConfig: + redirectToHttps: + enabled: true + managedCertificate: + enabled: true +``` + + +## Synchronizing Changes from Original Repository In the original [Argo CD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). @@ -123,53 +287,7 @@ Please review your setup and adjust to new configuration options: * additional hostnames and routing can be provided via `extraHosts` configuration section * additional TLS secrets can be provided via `extraTls` configuration section -Specific ingress implementations for cloud providers were decoupled from generic ingress resource. - -To configure AWS Application Load Balancer: - -```yaml -server: - ingress: - enabled: true - controller: aws - annotations: - alb.ingress.kubernetes.io/backend-protocol: HTTPS - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - aws: - backendProtocolVersion: HTTP2 - serviceType: NodePort -``` - -To configure GKE Application Load Balancer: - -```yaml -configs: - params: - "server.insecure": true - -server: - service: - annotations: - cloud.google.com/neg: '{"ingress": true}' - cloud.google.com/backend-config: '{"ports": {"http":"argocd-server"}}' - - ingress: - enabled: true - controller: gke - gke: - backendConfig: - healthCheck: - checkIntervalSec: 30 - timeoutSec: 5 - healthyThreshold: 1 - unhealthyThreshold: 2 - type: HTTP - requestPath: /healthz - port: 8080 - frontendConfig: - redirectToHttps: - enabled: true -``` +Please refer to [ingress configuration](#ingress-configuration) for examples. ### 5.53.0 @@ -525,28 +643,6 @@ NAME: my-release {{- end }} {{- end }} -### Using AWS ALB Ingress Controller With GRPC - -If you are using an AWS ALB Ingress controller, you will need to set `server.ingressGrpc.isAWSALB` to `true`. This will create a second service with the annotation `alb.ingress.kubernetes.io/backend-protocol-version: HTTP2` and modify the server ingress to add a condition annotation to route GRPC traffic to the new service. - -Example: - -```yaml -server: - ingress: - enabled: true - annotations: - alb.ingress.kubernetes.io/backend-protocol: HTTPS - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' - alb.ingress.kubernetes.io/scheme: internal - alb.ingress.kubernetes.io/target-type: ip - ingressGrpc: - enabled: true - isAWSALB: true - awsALB: - serviceType: ClusterIP -``` - ## Dex | Key | Type | Default | Description | From c25c83b0db957226008331afea578b29768daf11 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Feb 2024 13:12:28 +0100 Subject: [PATCH 0890/1248] chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (#2490) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/26f96dfa697d77e81fd5907df203aa23a56210a8...5d5d22a31266ced268874388b861e4b58bb5c2f3) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 45338c22..3ccb86fe 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: SARIF file path: results.sarif From 5d20cfa70c8eff645125d4b0de1586cdf6442a08 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 11 Feb 2024 15:52:23 +0100 Subject: [PATCH 0891/1248] fix(argo-cd): Fix ports and TLS for dedicated gRPC ingress (#2497) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 3 +-- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 8 +++----- charts/argo-cd/values.yaml | 6 +++--- 4 files changed, 11 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5346f909..392d00ed 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.5 +version: 6.0.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: fixed + description: Dedicated gRPC ingress should route to HTTPS port even when running with insecure server - kind: changed - description: Improved documentation for various ingress setups + description: Dedicated gRPC ingress TLS secret changed to argocd-server-grpc-tls based on feedback diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e8369d23..ad9ceb6e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -948,9 +948,8 @@ NAME: my-release | server.ingressGrpc.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths for dedicated [gRPC-ingress] | | server.ingressGrpc.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | | server.ingressGrpc.extraTls | list | `[]` (See [values.yaml]) | Additional TLS configuration for dedicated [gRPC-ingress] | -| server.ingressGrpc.hostname | string | `""` | Argo CD server hostname for dedicated [gRPC-ingress] | +| server.ingressGrpc.hostname | string | `""` (defaults to grpc.`server.ingress.hostname`) | Argo CD server hostname for dedicated [gRPC-ingress] | | server.ingressGrpc.ingressClassName | string | `""` | Defines which ingress controller will implement the resource [gRPC-ingress] | -| server.ingressGrpc.isAWSALB | bool | `false` | Setup up gRPC ingress to work with an AWS ALB | | server.ingressGrpc.labels | object | `{}` | Additional ingress labels for dedicated [gRPC-ingress] | | server.ingressGrpc.path | string | `"/"` | Argo CD server ingress path for dedicated [gRPC-ingress] | | server.ingressGrpc.pathType | string | `"Prefix"` | Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` | diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index bfa9a242..f9c27346 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,7 +1,5 @@ {{- if and .Values.server.ingressGrpc.enabled (eq .Values.server.ingress.controller "generic") -}} {{- $hostname := .Values.server.ingressGrpc.hostname | default (printf "grpc.%s" .Values.server.ingress.hostname) -}} -{{- $insecure := index .Values.configs.params "server.insecure" | toString -}} -{{- $servicePort := eq $insecure "true" | ternary .Values.server.service.servicePortHttp .Values.server.service.servicePortHttps -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -35,7 +33,7 @@ spec: service: name: {{ include "argo-cd.server.fullname" . }} port: - number: {{ $servicePort }} + number: {{ .Values.server.service.servicePortHttps }} {{- range .Values.server.ingressGrpc.extraHosts }} - host: {{ .name | quote }} http: @@ -46,7 +44,7 @@ spec: service: name: {{ include "argo-cd.server.fullname" $ }} port: - number: {{ $servicePort }} + number: {{ $.Values.server.service.servicePortHttps }} {{- end }} {{- with .Values.server.ingressGrpc.extraRules }} {{- toYaml . | nindent 4 }} @@ -56,7 +54,7 @@ spec: {{- if .Values.server.ingressGrpc.tls }} - hosts: - {{ $hostname }} - secretName: {{ printf "%s-tls" $hostname }} + secretName: argocd-server-grpc-tls {{- end }} {{- with .Values.server.ingressGrpc.extraTls }} {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 146dac34..8b115102 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -236,6 +236,7 @@ configs: ## Server properties # -- Run server without TLS + ## NOTE: This value should be set when you generate params by other means as it changes ports used by ingress template. server.insecure: false # -- Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / server.basehref: / @@ -2078,8 +2079,6 @@ server: ingressGrpc: # -- Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress] enabled: false - # -- Setup up gRPC ingress to work with an AWS ALB - isAWSALB: false # -- Additional ingress annotations for dedicated [gRPC-ingress] annotations: {} # -- Additional ingress labels for dedicated [gRPC-ingress] @@ -2088,6 +2087,7 @@ server: ingressClassName: "" # -- Argo CD server hostname for dedicated [gRPC-ingress] + # @default -- `""` (defaults to grpc.`server.ingress.hostname`) hostname: "" # -- Argo CD server ingress path for dedicated [gRPC-ingress] @@ -2097,7 +2097,7 @@ server: pathType: Prefix # -- Enable TLS configuration for the hostname defined at `server.ingressGrpc.hostname` - ## TLS certificate will be retrieved from a TLS secret with name: `-tls` + ## TLS certificate will be retrieved from a TLS secret with name: `argocd-server-grpc-tls` tls: false # -- The list of additional hostnames to be covered by ingress record From b44f9a0eb5e92089c54380edef73f5feed46eb65 Mon Sep 17 00:00:00 2001 From: nikolay-o <83726016+nikolay-o@users.noreply.github.com> Date: Mon, 12 Feb 2024 21:36:39 +0300 Subject: [PATCH 0892/1248] =?UTF-8?q?feat(argo-cd):=20Add=20scrapeTimeout?= =?UTF-8?q?=20property=20to=20server=20and=20application=E2=80=A6=20(#2489?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit feat(argo-cd): Add scrapeTimeout property to server and application, applicationset controllers. Signed-off-by: Nikolay Osmolovskiy Co-authored-by: Nikolay Osmolovskiy --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 4 ++++ .../argocd-application-controller/servicemonitor.yaml | 3 +++ .../templates/argocd-applicationset/servicemonitor.yaml | 3 +++ .../templates/argocd-repo-server/servicemonitor.yaml | 3 +++ .../argo-cd/templates/argocd-server/servicemonitor.yaml | 3 +++ charts/argo-cd/values.yaml | 8 ++++++++ 7 files changed, 26 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 392d00ed..5e066489 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.6 +version: 6.0.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Dedicated gRPC ingress should route to HTTPS port even when running with insecure server - kind: changed - description: Dedicated gRPC ingress TLS secret changed to argocd-server-grpc-tls based on feedback + description: Added scrapeTimeout property for server and application,applicationSet controllers. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ad9ceb6e..5846b2e2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -727,6 +727,7 @@ NAME: my-release | controller.metrics.rules.namespace | string | `""` | PrometheusRule namespace | | controller.metrics.rules.selector | object | `{}` | PrometheusRule selector | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | +| controller.metrics.scrapeTimeout | string | `""` | Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | | controller.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | controller.metrics.service.labels | object | `{}` | Metrics service labels | @@ -832,6 +833,7 @@ NAME: my-release | repoServer.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | repoServer.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | repoServer.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | +| repoServer.metrics.serviceMonitor.scrapeTimeout | string | `""` | Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. | | repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | repoServer.name | string | `"repo-server"` | Repo server name | @@ -976,6 +978,7 @@ NAME: my-release | server.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | server.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | server.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | +| server.metrics.serviceMonitor.scrapeTimeout | string | `""` | Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. | | server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | server.name | string | `"server"` | Argo CD server name | @@ -1334,6 +1337,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | | applicationSet.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | applicationSet.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | +| applicationSet.metrics.serviceMonitor.scrapeTimeout | string | `""` | Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. | | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string | diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 3ce0c10d..342dbc01 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -22,6 +22,9 @@ spec: {{- with .Values.controller.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} path: /metrics {{- with .Values.controller.metrics.serviceMonitor.relabelings }} relabelings: diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index b3554675..8bcb6ca0 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -23,6 +23,9 @@ spec: {{- with .Values.applicationSet.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} path: /metrics {{- with .Values.applicationSet.metrics.serviceMonitor.relabelings }} relabelings: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index c41520b7..9ca16e74 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -22,6 +22,9 @@ spec: {{- with .Values.repoServer.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} + {{- with .Values.repoServer.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} path: /metrics {{- with .Values.repoServer.metrics.serviceMonitor.relabelings }} relabelings: diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index d036a8e1..e8820768 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -22,6 +22,9 @@ spec: {{- with .Values.server.metrics.serviceMonitor.interval }} interval: {{ . }} {{- end }} + {{- with .Values.server.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} path: /metrics {{- with .Values.server.metrics.serviceMonitor.relabelings }} relabelings: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8b115102..bcc630ed 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -759,6 +759,8 @@ controller: metrics: # -- Deploy metrics service enabled: false + # -- Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. + scrapeTimeout: "" applicationLabels: # -- Enables additional labels in argocd_app_labels metric enabled: false @@ -1931,6 +1933,8 @@ server: enabled: false # -- Prometheus ServiceMonitor interval interval: 30s + # -- Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. + scrapeTimeout: "" # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -2475,6 +2479,8 @@ repoServer: enabled: false # -- Prometheus ServiceMonitor interval interval: 30s + # -- Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. + scrapeTimeout: "" # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -2623,6 +2629,8 @@ applicationSet: enabled: false # -- Prometheus ServiceMonitor interval interval: 30s + # -- Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. + scrapeTimeout: "" # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion From 2139f15727151f75e79577ecae44112d17d6f3a3 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 13 Feb 2024 09:23:39 +0100 Subject: [PATCH 0893/1248] fix(argo-cd): Use correct protocols for Istio service discovery (#2500) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5e066489..f77a7adb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.7 +version: 6.0.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Added scrapeTimeout property for server and application,applicationSet controllers. + - kind: fixed + description: Fixed port name for argocd-repo-server and applicationset webhook for Istio service discovery diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5846b2e2..be66568e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -857,7 +857,7 @@ NAME: my-release | repoServer.service.annotations | object | `{}` | Repo server service annotations | | repoServer.service.labels | object | `{}` | Repo server service labels | | repoServer.service.port | int | `8081` | Repo server service port | -| repoServer.service.portName | string | `"https-repo-server"` | Repo server service port name | +| repoServer.service.portName | string | `"tcp-repo-server"` | Repo server service port name | | repoServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | repoServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | @@ -1361,7 +1361,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | -| applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | +| applicationSet.service.portName | string | `"http-webhook"` | ApplicationSet service port name | | applicationSet.service.type | string | `"ClusterIP"` | ApplicationSet service type | | applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bcc630ed..7fad7539 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2455,7 +2455,7 @@ repoServer: # -- Repo server service port port: 8081 # -- Repo server service port name - portName: https-repo-server + portName: tcp-repo-server ## Repo server metrics service configuration metrics: @@ -2661,7 +2661,7 @@ applicationSet: # -- ApplicationSet service port port: 7000 # -- ApplicationSet service port name - portName: webhook + portName: http-webhook serviceAccount: # -- Create ApplicationSet controller service account From 79a24410b5fe781fabdc9986cbcbe54094599471 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 13 Feb 2024 12:13:41 +0100 Subject: [PATCH 0894/1248] chore(argo-cd): Remove server.config leftovers (#2504) --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/statefulset.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-server/role.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f77a7adb..c2dc5617 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.8 +version: 6.0.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fixed port name for argocd-repo-server and applicationset webhook for Istio service discovery + description: Conditions that still checked for old configuration sections diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index c08a4a34..8c929e41 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -22,7 +22,7 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} - {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + {{- if .Values.configs.cm.create }} checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 2d232591..9f72d33b 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -30,7 +30,7 @@ spec: {{- if .Values.repoServer.certificateSecret.enabled }} checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} {{- end }} - {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + {{- if .Values.configs.cm.create }} checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} {{- end }} {{- if .Values.configs.cmp.create }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index adc6f014..1a2b3851 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -42,7 +42,7 @@ rules: verbs: - create - list -{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} +{{- if eq (toString (index .Values.configs.cm "exec.enabled")) "true" }} - apiGroups: - "" resources: From 866ee08bc06036fadd167e0a6d576c63c1be068a Mon Sep 17 00:00:00 2001 From: Luke Date: Tue, 13 Feb 2024 04:27:08 -0700 Subject: [PATCH 0895/1248] chore(argo-cd): update notifications links to latest documentation (#2503) Signed-off-by: lukepatrick Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 20 ++++++++++---------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c2dc5617..32dec045 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.9 +version: 6.0.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Conditions that still checked for old configuration sections + description: Update notifications links to updated documentation diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7fad7539..7d58a699 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2967,7 +2967,7 @@ notifications: extraVolumes: [] # -- Define user-defined context - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context + ## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/templates/#defining-user-defined-context context: {} # region: east # environmentName: staging @@ -2984,19 +2984,19 @@ notifications: # -- Generic key:value pairs to be inserted into the secret ## Can be used for templates, notification services etc. Some examples given below. - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ + ## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/services/overview/ items: {} # slack-token: - # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/slack/ + # # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/services/slack/ # grafana-apiKey: - # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/grafana/ + # # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/services/grafana/ # webhooks-github-token: # email-username: # email-password: - # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ + # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/services/email/ metrics: # -- Enables prometheus metrics server @@ -3038,7 +3038,7 @@ notifications: # -- Configures notification services such as slack, email or custom webhook # @default -- See [values.yaml] - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ + ## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/services/overview/ notifiers: {} # service.slack: | # token: $slack-token @@ -3138,7 +3138,7 @@ notifications: rules: [] # -- Contains centrally managed global application subscriptions - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ + ## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/subscriptions/ subscriptions: [] # # subscription for on-sync-status-unknown trigger notifications # - recipients: @@ -3154,7 +3154,7 @@ notifications: # - on-sync-status-unknown # -- The notification template is used to generate the notification content - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/ + ## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/templates/ templates: {} # template.app-deployed: | # email: @@ -3371,7 +3371,7 @@ notifications: # }] # -- The trigger defines the condition when the notification should be sent - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ + ## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/triggers/ triggers: {} # trigger.on-deployed: | # - description: Application is synced and healthy. Triggered once per commit. @@ -3405,6 +3405,6 @@ notifications: # - app-sync-succeeded # when: app.status.operationState.phase in ['Succeeded'] # - # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers + # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/triggers/#default-triggers # defaultTriggers: | # - on-sync-status-unknown From 6c47b2a69bf076c371f35d46785b1271ea32b31b Mon Sep 17 00:00:00 2001 From: Florian Blampey Date: Tue, 13 Feb 2024 12:42:29 +0100 Subject: [PATCH 0896/1248] fix(argo-cd): Use `with` instead of `range` on reposerver serviceaccount (#2506) fixes #2505 with instead of range serviceaccount reposerver Signed-off-by: Florian Blampey Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-repo-server/serviceaccount.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32dec045..95b46b16 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.10 +version: 6.0.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Update notifications links to updated documentation + description: Use `with` instead of `range` on reposerver serviceaccount diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index 945483fa..2facd9af 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -13,7 +13,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - {{- range $key, $value := .Values.repoServer.serviceAccount.labels }} + {{- with .Values.repoServer.serviceAccount.labels }} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} From c0b7a7e074ff1eb0bee134a04fed351f3de9b633 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 13 Feb 2024 16:26:29 +0100 Subject: [PATCH 0897/1248] chore(argo-cd): Disable argocd-repo-server cluster role by default (#2498) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-repo-server/clusterrole.yaml | 6 +++--- .../templates/argocd-repo-server/clusterrolebinding.yaml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 95b46b16..8ad20a03 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.11 +version: 6.0.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Use `with` instead of `range` on reposerver serviceaccount + - kind: security + description: Argo CD repo-server cluster role is not deployed by default diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml index e6efa08a..23439b18 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.createClusterRoles .Values.repoServer.clusterRoleRules.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -6,8 +6,8 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: - {{- if .Values.repoServer.clusterRoleRules.enabled }} - {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }} + {{- with .Values.repoServer.clusterRoleRules.rules }} + {{- toYaml . | nindent 2 }} {{- else }} - apiGroups: - '*' diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index f15b1cec..8531520c 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.createClusterRoles .Values.repoServer.clusterRoleRules.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: From e351448b0573e40896584e22d534e1b2a53162be Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 14 Feb 2024 09:50:00 +0100 Subject: [PATCH 0898/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.6 (#2508) * chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.6 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-rollouts/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 38882433..2db0614d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.5 +appVersion: v1.6.6 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.34.2 +version: 2.34.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.6.5 + description: Bump argo-rollouts to v1.6.6 From d8c64b80fea155370d4a54e37d7da0af566608e9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 14 Feb 2024 09:52:44 +0100 Subject: [PATCH 0899/1248] chore(argo-events): Update dependency argoproj/argo-events to v1.9.1 (#2510) * chore(argo-events): Update dependency argoproj/argo-events to v1.9.1 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] Co-authored-by: Petr Drastil --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index d219afc7..99f3b601 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.9.0 +appVersion: v1.9.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.2 +version: 2.4.3 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-events to v1.9.0 + description: Bump argo-events to v1.9.1 From 5915340fc7040a356e101150e84d068dd3cd23c9 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 14 Feb 2024 11:52:32 +0100 Subject: [PATCH 0900/1248] fix(argo-cd): Fix secret name for applicationset webhook ingress (#2511) Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/README.md | 2 +- .../argo-cd/templates/argocd-applicationset/ingress.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++-- 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8ad20a03..aa182352 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.12 +version: 6.0.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: security - description: Argo CD repo-server cluster role is not deployed by default + - kind: fixed + description: Use argocd-applicationset-controller-tls secret for ApplicationSet certificate + - kind: fixed + description: Use argocd-applicationset-controller-tls secret for ApplicationSet webhook ingress diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index be66568e..d8e213f3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1283,7 +1283,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | -| applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| applicationSet.certificate.secretName | string | `"argocd-applicationset-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml index ad2db865..bc411704 100644 --- a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -55,7 +55,7 @@ spec: {{- if .Values.applicationSet.ingress.tls }} - hosts: - {{ .Values.applicationSet.ingress.hostname }} - secretName: argocd-application-controller-tls + secretName: argocd-applicationset-controller-tls {{- end }} {{- with .Values.applicationSet.ingress.extraTls }} {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7d58a699..7f3b26c7 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2790,7 +2790,7 @@ applicationSet: # -- Deploy a Certificate resource (requires cert-manager) enabled: false # -- The name of the Secret that will be automatically created and managed by this Certificate resource - secretName: argocd-application-controller-tls + secretName: argocd-applicationset-controller-tls # -- Certificate primary domain (commonName) domain: argocd.example.com # -- Certificate Subject Alternate Names (SANs) @@ -2849,7 +2849,7 @@ applicationSet: pathType: Prefix # -- Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` - ## TLS certificate will be retrieved from a TLS secret with name:`argocd-application-controller-tls` + ## TLS certificate will be retrieved from a TLS secret with name:`argocd-applicationset-controller-tls` tls: false # -- The list of additional hostnames to be covered by ingress record From ba20d9518291fba3b7fc218957cea145d9d2bcdd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 14 Feb 2024 22:04:20 +0100 Subject: [PATCH 0901/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.1 (#2514) * chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.1 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index aa182352..369061fa 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.0 +appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.13 +version: 6.0.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Use argocd-applicationset-controller-tls secret for ApplicationSet certificate - - kind: fixed - description: Use argocd-applicationset-controller-tls secret for ApplicationSet webhook ingress + - kind: changed + description: Bump argo-cd to v2.10.1 From f8b1fecd81edf915bb0df9997ff2d3f61f1ae476 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 16 Feb 2024 15:44:51 +0100 Subject: [PATCH 0902/1248] feat(argo-cd): Add global domain configuration (#2499) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 44 ++++++++++++------- charts/argo-cd/README.md.gotmpl | 32 ++++++++++---- charts/argo-cd/templates/_helpers.tpl | 1 + .../argocd-applicationset/certificate.yaml | 4 +- .../argocd-applicationset/ingress.yaml | 4 +- .../argocd-notifications-cm.yaml | 2 +- .../templates/argocd-server/certificate.yaml | 4 +- .../templates/argocd-server/ingress-grpc.yaml | 4 +- .../templates/argocd-server/ingress.yaml | 4 +- charts/argo-cd/values.yaml | 24 +++++----- 11 files changed, 80 insertions(+), 49 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 369061fa..d0293d82 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.0.14 +version: 6.1.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.10.1 + - kind: added + description: Configuration option global.domain that is tied to all components diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d8e213f3..39bd3544 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -74,14 +74,15 @@ below corespond to their respective sections. The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place. ```yaml +global: + domain: argocd.example.com + certificate: enabled: true - domain: argocd.example.com server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: nginx annotations: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" @@ -92,6 +93,9 @@ server: ### SSL Termination at Ingress Controller ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -99,7 +103,6 @@ configs: server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: nginx annotations: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" @@ -119,6 +122,9 @@ server: Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour). ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -126,7 +132,6 @@ configs: server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: contour-internal extraTls: - hosts: @@ -135,7 +140,6 @@ server: ingressGrpc: enabled: true - hostname: grpc.argocd.example.com ingressClassName: contour-internal extraTls: - hosts: @@ -146,10 +150,12 @@ server: ### Multiple ingress domains ```yaml +global: + domain: argocd.example.com + server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: "" @@ -169,6 +175,9 @@ The provided example assumes you are using TLS off-loading via AWS ACM service. > Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section. ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -176,7 +185,6 @@ configs: server: ingress: enabled: true - hostname: argocd.example.com controller: aws ingressClassName: alb annotations: @@ -184,7 +192,7 @@ server: alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/backend-protocol: HTTP alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' - alb.ingress.kubernetes.io/ssl-redirect" '443' + alb.ingress.kubernetes.io/ssl-redirect: '443' aws: serviceType: ClusterIP # <- Used with target-type: ip backendProtocolVersion: GRPC @@ -196,6 +204,9 @@ The implementation will populate `ingressClassName`, `networking.gke.io/managed- automatically if you provide configuration for GKE resources. ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -208,7 +219,6 @@ server: ingress: enabled: true - hostname: argocd.example.com controller: gke gke: backendConfig: @@ -268,6 +278,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.1.0 + +Added support for global domain used by all components. + ### 6.0.0 This version **removes support for**: @@ -610,6 +624,7 @@ NAME: my-release | global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | +| global.domain | string | `"argocd.example.com"` | Default domain used by all components | | global.env | list | `[]` | Environment variables to pass to all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -643,7 +658,6 @@ NAME: my-release | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | -| configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO | | configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap | | configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap | | configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm | @@ -884,7 +898,7 @@ NAME: my-release | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | | server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | server.certificate.annotations | object | `{}` | Annotations to be applied to the Server Certificate | -| server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | +| server.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) | | server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | @@ -938,7 +952,7 @@ NAME: my-release | server.ingress.gke.frontendConfig | object | `{}` (See [values.yaml]) | Google [FrontendConfig] resource, for use with the GKE Ingress Controller | | server.ingress.gke.managedCertificate.create | bool | `true` | Create ManagedCertificate resource and annotations for Google Load balancer | | server.ingress.gke.managedCertificate.extraDomains | list | `[]` | Additional domains for ManagedCertificate resource | -| server.ingress.hostname | string | `"argocd.example.com"` | Argo CD server hostname | +| server.ingress.hostname | string | `""` (defaults to global.domain) | Argo CD server hostname | | server.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | | server.ingress.labels | object | `{}` | Additional ingress labels | | server.ingress.path | string | `"/"` | The path to Argo CD server | @@ -1272,7 +1286,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | -| applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | +| applicationSet.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) | | applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | applicationSet.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | @@ -1309,7 +1323,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | | applicationSet.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | | applicationSet.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional ingress TLS configuration | -| applicationSet.ingress.hostname | string | `"argocd.example.com"` | Argo CD ApplicationSet hostname | +| applicationSet.ingress.hostname | string | `""` (defaults to global.domain) | Argo CD ApplicationSet hostname | | applicationSet.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | | applicationSet.ingress.labels | object | `{}` | Additional ingress labels | | applicationSet.ingress.path | string | `"/api/webhook"` | List of ingress paths | @@ -1377,7 +1391,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | -| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | +| notifications.argocdUrl | string | `""` (defaults to https://`global.domain`) | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | | notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 27f13c7e..6c7c035a 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -73,14 +73,15 @@ below corespond to their respective sections. The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place. ```yaml +global: + domain: argocd.example.com + certificate: enabled: true - domain: argocd.example.com server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: nginx annotations: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" @@ -91,6 +92,9 @@ server: ### SSL Termination at Ingress Controller ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -98,7 +102,6 @@ configs: server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: nginx annotations: nginx.ingress.kubernetes.io/force-ssl-redirect: "true" @@ -118,6 +121,9 @@ server: Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour). ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -125,7 +131,6 @@ configs: server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: contour-internal extraTls: - hosts: @@ -134,7 +139,6 @@ server: ingressGrpc: enabled: true - hostname: grpc.argocd.example.com ingressClassName: contour-internal extraTls: - hosts: @@ -145,10 +149,12 @@ server: ### Multiple ingress domains ```yaml +global: + domain: argocd.example.com + server: ingress: enabled: true - hostname: argocd.example.com ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: "" @@ -168,6 +174,9 @@ The provided example assumes you are using TLS off-loading via AWS ACM service. > Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section. ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -175,7 +184,6 @@ configs: server: ingress: enabled: true - hostname: argocd.example.com controller: aws ingressClassName: alb annotations: @@ -183,7 +191,7 @@ server: alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/backend-protocol: HTTP alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' - alb.ingress.kubernetes.io/ssl-redirect" '443' + alb.ingress.kubernetes.io/ssl-redirect: '443' aws: serviceType: ClusterIP # <- Used with target-type: ip backendProtocolVersion: GRPC @@ -195,6 +203,9 @@ The implementation will populate `ingressClassName`, `networking.gke.io/managed- automatically if you provide configuration for GKE resources. ```yaml +global: + domain: argocd.example.com + configs: params: server.insecure: true @@ -207,7 +218,6 @@ server: ingress: enabled: true - hostname: argocd.example.com controller: gke gke: backendConfig: @@ -268,6 +278,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.1.0 + +Added support for global domain used by all components. + ### 6.0.0 This version **removes support for**: diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 4898172f..5dc957a2 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -163,6 +163,7 @@ Argo Configuration Preset Values (Incluenced by Values configuration) */}} {{- define "argo-cd.config.cm.presets" -}} {{- $presets := dict -}} +{{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}} {{- if .Values.configs.styles -}} {{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index 76e63eb3..3f623614 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -14,9 +14,9 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: secretName: {{ .Values.applicationSet.certificate.secretName }} - commonName: {{ .Values.applicationSet.certificate.domain | quote }} + commonName: {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }} dnsNames: - - {{ .Values.applicationSet.certificate.domain | quote }} + - {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }} {{- range .Values.applicationSet.certificate.additionalHosts }} - {{ . | quote }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml index bc411704..dda61550 100644 --- a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -20,8 +20,7 @@ spec: ingressClassName: {{ . }} {{- end }} rules: - {{- if .Values.applicationSet.ingress.hostname }} - - host: {{ .Values.applicationSet.ingress.hostname }} + - host: {{ .Values.applicationSet.ingress.hostname | default .Values.global.domain }} http: paths: {{- with .Values.applicationSet.ingress.extraPaths }} @@ -34,7 +33,6 @@ spec: name: {{ include "argo-cd.applicationSet.fullname" . }} port: number: {{ .Values.applicationSet.service.port }} - {{- end }} {{- range .Values.applicationSet.ingress.extraHosts }} - host: {{ .name | quote }} http: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml index c8cdefc4..2a18a2fc 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml @@ -8,7 +8,7 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} data: context: | - argocdUrl: {{ .Values.notifications.argocdUrl | quote }} + argocdUrl: {{ .Values.notifications.argocdUrl | default (printf "https://%s" .Values.global.domain) }} {{- with .Values.notifications.context }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 74066ef8..84a0e62c 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -14,9 +14,9 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: secretName: {{ .Values.server.certificate.secretName }} - commonName: {{ .Values.server.certificate.domain | quote }} + commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }} dnsNames: - - {{ .Values.server.certificate.domain | quote }} + - {{ .Values.server.certificate.domain | default .Values.global.domain }} {{- range .Values.server.certificate.additionalHosts }} - {{ . | quote }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index f9c27346..3c6e5303 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.ingressGrpc.enabled (eq .Values.server.ingress.controller "generic") -}} -{{- $hostname := .Values.server.ingressGrpc.hostname | default (printf "grpc.%s" .Values.server.ingress.hostname) -}} +{{- $hostname := printf "grpc.%s" (.Values.server.ingress.hostname | default .Values.global.domain) -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -21,7 +21,7 @@ spec: ingressClassName: {{ . }} {{- end }} rules: - - host: {{ $hostname }} + - host: {{ .Values.server.ingressGrpc.hostname | default $hostname }} http: paths: {{- with .Values.server.ingressGrpc.extraPaths }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 627f56b9..b09b6a95 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -22,7 +22,7 @@ spec: ingressClassName: {{ . }} {{- end }} rules: - - host: {{ .Values.server.ingress.hostname }} + - host: {{ .Values.server.ingress.hostname | default .Values.global.domain }} http: paths: {{- with .Values.server.ingress.extraPaths }} @@ -57,7 +57,7 @@ spec: - {{ .Values.server.ingress.hostname }} {{- range .Values.server.ingress.extraHosts }} {{- if .name }} - - {{ .name }} + - {{ .name }} {{- end }} {{- end }} secretName: argocd-server-tls diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7f3b26c7..bf12c547 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -37,6 +37,10 @@ crds: ## Globally shared configuration global: + # -- Default domain used by all components + ## Used for ingresses, certificates, SSO, notifications, etc. + domain: argocd.example.com + # -- Common labels for the all resources additionalLabels: {} # app: argo-cd @@ -155,9 +159,6 @@ configs: # -- Annotations to be added to argocd-cm configmap annotations: {} - # -- Argo CD's externally facing base URL (optional). Required when configuring SSO - url: "" - # -- The name of tracking label used by Argo CD for resource pruning application.instanceLabelKey: argocd.argoproj.io/instance @@ -1828,7 +1829,8 @@ server: # -- The name of the Secret that will be automatically created and managed by this Certificate resource secretName: argocd-server-tls # -- Certificate primary domain (commonName) - domain: argocd.example.com + # @default -- `""` (defaults to global.domain) + domain: "" # -- Certificate Subject Alternate Names (SANs) additionalHosts: [] # -- The requested 'duration' (i.e. lifetime) of the certificate. @@ -1985,8 +1987,8 @@ server: ingressClassName: "" # -- Argo CD server hostname - ## NOTE: Hostname must be provided if Ingress is enabled - hostname: argocd.example.com + # @default -- `""` (defaults to global.domain) + hostname: "" # -- The path to Argo CD server path: / @@ -2792,7 +2794,8 @@ applicationSet: # -- The name of the Secret that will be automatically created and managed by this Certificate resource secretName: argocd-applicationset-controller-tls # -- Certificate primary domain (commonName) - domain: argocd.example.com + # @default -- `""` (defaults to global.domain) + domain: "" # -- Certificate Subject Alternate Names (SANs) additionalHosts: [] # -- The requested 'duration' (i.e. lifetime) of the certificate. @@ -2839,8 +2842,8 @@ applicationSet: ingressClassName: "" # -- Argo CD ApplicationSet hostname - ## NOTE: Hostname must be provided if Ingress is enabled - hostname: argocd.example.com + # @default -- `""` (defaults to global.domain) + hostname: "" # -- List of ingress paths path: /api/webhook @@ -2897,7 +2900,8 @@ notifications: name: notifications-controller # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates - argocdUrl: + # @default -- `""` (defaults to https://`global.domain`) + argocdUrl: "" ## Notifications controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ From 0cf32acff2d69471698c5dfaa852ec05e893fa2d Mon Sep 17 00:00:00 2001 From: Alexis Dondon <63847345+alexisdondon@users.noreply.github.com> Date: Sat, 17 Feb 2024 10:14:34 +0100 Subject: [PATCH 0903/1248] feat(argo-workflows): add caSecret in s3 configuration (#2519) * add caSecret Signed-off-by: Dondon Alexis * bump chart version Signed-off-by: Dondon Alexis * add changelog Signed-off-by: Dondon Alexis --------- Signed-off-by: Dondon Alexis Co-authored-by: Dondon Alexis Co-authored-by: Vlad Losev --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 5 +++++ charts/argo-workflows/values.yaml | 3 +++ 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 048385d4..6110c4c1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.10 +version: 0.40.11 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Update argo-workflows documentation links to readthedocs + description: Add caSecret in the artifactory.s3 configuration values. diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 2d5ebdd0..0fefd01f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -83,6 +83,11 @@ data: bucket: {{ tpl (.Values.artifactRepository.s3.bucket | default "") . }} endpoint: {{ tpl (.Values.artifactRepository.s3.endpoint | default "") . }} insecure: {{ .Values.artifactRepository.s3.insecure }} + {{- if .Values.artifactRepository.s3.caSecret }} + caSecret: + name: {{ tpl .Values.artifactRepository.s3.caSecret.name . }} + key: {{ tpl .Values.artifactRepository.s3.caSecret.key . }} + {{- end }} {{- if .Values.artifactRepository.s3.keyFormat }} keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 5ec3bac2..def967b1 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -775,6 +775,9 @@ artifactRepository: # key: secretkey # # insecure will disable TLS. Primarily used for minio installs not configured with TLS # insecure: false + # caSecret: + # name: ca-root + # key: cert.pem # bucket: # endpoint: # region: From 4f382e5db1b5aa43fe1714f91221ff74c88bce07 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 17 Feb 2024 12:00:07 +0100 Subject: [PATCH 0904/1248] chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 (#2522) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.8.0 to 1.9.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/dda0770415bac9fc20092cacbc54aa298604d140...99576bfa6ddf9a8e612d83b513da5a75875caced) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 79782374..faf003de 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 + uses: helm/kind-action@99576bfa6ddf9a8e612d83b513da5a75875caced # v1.9.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 75b48cef3c6ddbe820ee72e53e3418c4c457bd55 Mon Sep 17 00:00:00 2001 From: Etienne <995474+etiennetremel@users.noreply.github.com> Date: Sun, 18 Feb 2024 19:44:25 +0100 Subject: [PATCH 0905/1248] feat(argocd-image-updater): allow defining additional labels to service account (#2517) --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 1 + charts/argocd-image-updater/templates/serviceaccount.yaml | 3 +++ charts/argocd-image-updater/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 613f76aa..856e5621 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.3 +version: 0.9.4 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Support extra K8s manifests + description: Allow defining additional labels to Service Account diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index c62e480f..955e4370 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -115,6 +115,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | securityContext | object | `{}` | Security context settings for the deployment | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.labels | object | `{}` | Labels to add to the service account | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | Kubernetes toleration settings for the deployment | | updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | diff --git a/charts/argocd-image-updater/templates/serviceaccount.yaml b/charts/argocd-image-updater/templates/serviceaccount.yaml index c755731d..3e5d60f0 100644 --- a/charts/argocd-image-updater/templates/serviceaccount.yaml +++ b/charts/argocd-image-updater/templates/serviceaccount.yaml @@ -6,6 +6,9 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index f06edf3b..1b645fc7 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -178,6 +178,8 @@ serviceAccount: create: true # -- Annotations to add to the service account annotations: {} + # -- Labels to add to the service account + labels: {} # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" From 1808903a6bbae9f7c46651bbceebb9dbf5150e02 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Mon, 19 Feb 2024 00:06:23 +0200 Subject: [PATCH 0906/1248] feat(argo-cd): bump redis chart dep and redis exporter (#2524) * bump redis deps Signed-off-by: drfaust92 * bump redis deps Signed-off-by: drfaust92 * bump redis deps Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 Co-authored-by: Aikawa --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index edd5df2b..bc11a715 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.23.0 -digest: sha256:589f9972fbdf36194d443c9d3be2a1747f43e03c435fc48004cc0cbe6b3c6e3c -generated: "2023-05-15T19:25:26.049618+09:00" + version: 4.26.1 +digest: sha256:d72c308ab0eef4233e25bfc3f8fc97cf9b02a9c5d0186ea89e2f8fb332cb9c41 +generated: "2024-02-18T19:42:53.135599+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d0293d82..6432e687 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.1.0 +version: 6.2.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.23.0 + version: 4.26.1 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Configuration option global.domain that is tied to all components + - kind: changed + description: bumped redis chart and redis exporter diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 39bd3544..a8775ecb 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1150,7 +1150,7 @@ NAME: my-release | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.57.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.58.0"` | Tag to use for the redis-exporter | | redis.exporter.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter | | redis.exporter.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | redis.exporter.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | @@ -1239,7 +1239,7 @@ The main options are listed here: | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis-ha.exporter.tag | string | `"1.57.0"` | Tag to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.58.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | | redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bf12c547..11fae55f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1171,7 +1171,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.57.0 + tag: 1.58.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1444,7 +1444,7 @@ redis-ha: # -- Repository to use for the redis-exporter image: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.57.0 + tag: 1.58.0 persistentVolume: # -- Configures persistence on Redis nodes enabled: false From aa69a7769109d414391970468e5189a748ac4dfd Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Mon, 19 Feb 2024 09:37:38 +0100 Subject: [PATCH 0907/1248] fix(argo-cd): Add missing `global.domain` default values (#2525) Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-applicationset/ingress.yaml | 2 +- charts/argo-cd/templates/argocd-server/aws/ingress.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/gke/ingress.yaml | 4 ++-- .../templates/argocd-server/gke/managedcertificate.yaml | 2 +- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- charts/argo-cd/templates/argocd-server/openshift/route.yaml | 2 +- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6432e687..a6c03d2f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.2.0 +version: 6.2.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: bumped redis chart and redis exporter + - kind: fixed + description: Add missing `global.domain` default values diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml index dda61550..88c45f62 100644 --- a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -52,7 +52,7 @@ spec: tls: {{- if .Values.applicationSet.ingress.tls }} - hosts: - - {{ .Values.applicationSet.ingress.hostname }} + - {{ .Values.applicationSet.ingress.hostname | default .Values.global.domain }} secretName: argocd-applicationset-controller-tls {{- end }} {{- with .Values.applicationSet.ingress.extraTls }} diff --git a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml index 940ed427..b44d1739 100644 --- a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml @@ -22,7 +22,7 @@ spec: ingressClassName: {{ . }} {{- end }} rules: - - host: {{ .Values.server.ingress.hostname }} + - host: {{ .Values.server.ingress.hostname | default .Values.global.domain }} http: paths: {{- with .Values.server.ingress.extraPaths }} @@ -61,7 +61,7 @@ spec: tls: {{- if .Values.server.ingress.tls }} - hosts: - - {{ .Values.server.ingress.hostname }} + - {{ .Values.server.ingress.hostname | default .Values.global.domain }} secretName: argocd-server-tls {{- end }} {{- with .Values.server.ingress.extraTls }} diff --git a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml index 31d98e10..c2644491 100644 --- a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml @@ -27,7 +27,7 @@ spec: ingressClassName: {{ . }} {{- end }} rules: - - host: {{ .Values.server.ingress.hostname }} + - host: {{ .Values.server.ingress.hostname | default .Values.global.domain }} http: paths: {{- with .Values.server.ingress.extraPaths }} @@ -59,7 +59,7 @@ spec: tls: {{- if .Values.server.ingress.tls }} - hosts: - - {{ .Values.server.ingress.hostname }} + - {{ .Values.server.ingress.hostname | default .Values.global.domain }} secretName: argocd-server-tls {{- end }} {{- with .Values.server.ingress.extraTls }} diff --git a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml index 569063be..63c089b8 100644 --- a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml @@ -8,7 +8,7 @@ metadata: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: domains: - - {{ .Values.server.ingress.hostname }} + - {{ .Values.server.ingress.hostname | default .Values.global.domain }} {{- with .Values.server.ingress.gke.managedCertificate.extraDomains }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index b09b6a95..1739de4f 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -54,7 +54,7 @@ spec: tls: {{- if .Values.server.ingress.tls }} - hosts: - - {{ .Values.server.ingress.hostname }} + - {{ .Values.server.ingress.hostname | default .Values.global.domain }} {{- range .Values.server.ingress.extraHosts }} {{- if .name }} - {{ .name }} diff --git a/charts/argo-cd/templates/argocd-server/openshift/route.yaml b/charts/argo-cd/templates/argocd-server/openshift/route.yaml index 59313798..01cb6aed 100644 --- a/charts/argo-cd/templates/argocd-server/openshift/route.yaml +++ b/charts/argo-cd/templates/argocd-server/openshift/route.yaml @@ -13,7 +13,7 @@ metadata: {{- end }} {{- end }} spec: - host: {{ .Values.server.route.hostname | quote }} + host: {{ .Values.server.route.hostname | default .Values.global.domain | quote }} to: kind: Service name: {{ template "argo-cd.server.fullname" . }} From f198eecc231b2decad86c41773412f4185755879 Mon Sep 17 00:00:00 2001 From: fulcrum29 <35672150+fulcrum29@users.noreply.github.com> Date: Tue, 20 Feb 2024 12:38:50 +0100 Subject: [PATCH 0908/1248] fix(argo-cd): Fix path order in AWS Ingress declaration (#2531) * fix(ingress-aws): Fix path order in AWS Ingress declaration Fix path order to evaluate GRPc endpoint first Signed-off-by: fulcrum29 <35672150+fulcrum29@users.noreply.github.com> * chore: update Chart version Signed-off-by: fulcrum29 <35672150+fulcrum29@users.noreply.github.com> * chore: add aritfacthub description Signed-off-by: fulcrum29 <35672150+fulcrum29@users.noreply.github.com> --------- Signed-off-by: fulcrum29 <35672150+fulcrum29@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-server/aws/ingress.yaml | 14 +++++++------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a6c03d2f..0ca54554 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.2.1 +version: 6.2.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Add missing `global.domain` default values + description: AWS gRPC Ingress rule ordering diff --git a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml index b44d1739..2238acbc 100644 --- a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml @@ -28,13 +28,6 @@ spec: {{- with .Values.server.ingress.extraPaths }} {{- toYaml . | nindent 10 }} {{- end }} - - path: {{ .Values.server.ingress.path }} - pathType: {{ $.Values.server.ingress.pathType }} - backend: - service: - name: {{ include "argo-cd.server.fullname" . }} - port: - number: {{ $servicePort }} - path: {{ .Values.server.ingress.path }} pathType: {{ $.Values.server.ingressGrpc.pathType }} backend: @@ -42,6 +35,13 @@ spec: name: {{ include "argo-cd.server.fullname" $ }}-grpc port: number: {{ $servicePort }} + - path: {{ .Values.server.ingress.path }} + pathType: {{ $.Values.server.ingress.pathType }} + backend: + service: + name: {{ include "argo-cd.server.fullname" . }} + port: + number: {{ $servicePort }} {{- range .Values.server.ingress.extraHosts }} - host: {{ .name | quote }} http: From 43337b5e14f715f172c0f7987d66db9d63e2d221 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 20 Feb 2024 13:04:59 +0100 Subject: [PATCH 0909/1248] chore(argo-cd): Update Redis image to 7.2.4 (#2533) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0ca54554..32424032 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.2.2 +version: 6.2.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: AWS gRPC Ingress rule ordering + - kind: changed + description: Updated Redis image tag to 7.2.4 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a8775ecb..7b6fd58b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1168,7 +1168,7 @@ NAME: my-release | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.15-alpine"` | Redis tag | +| redis.image.tag | string | `"7.2.4-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis server | @@ -1249,7 +1249,7 @@ The main options are listed here: | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | | redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis-ha.image.tag | string | `"7.0.15-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.2.4-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 11fae55f..b8fcdc55 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1155,7 +1155,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.15-alpine + tag: 7.2.4-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1436,7 +1436,7 @@ redis-ha: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.15-alpine + tag: 7.2.4-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar From 394d6f17c803f87deac46a14a3dcc0217d7743b8 Mon Sep 17 00:00:00 2001 From: LucasBoisserie Date: Fri, 23 Feb 2024 13:15:47 +0100 Subject: [PATCH 0910/1248] feat(argo-cd): Format redis health check confimap mode in decimal (#2535) feat: format redis health check confimap mode in decimal Signed-off-by: lucas boisserie --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32424032..ddf2bfa8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.2.3 +version: 6.2.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Updated Redis image tag to 7.2.4 + - kind: fixed + description: Format redis health check confimap mode in decimal. diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 94c445c8..a25c1bd8 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -193,7 +193,7 @@ spec: - name: health configMap: name: {{ include "argo-cd.redis.fullname" . }}-health-configmap - defaultMode: 0755 + defaultMode: 493 {{- with .Values.redis.volumes }} {{- toYaml . | nindent 8}} {{- end }} From 2f913784220fd24610d13efbde9efe70d40c261f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 23 Feb 2024 14:58:13 +0100 Subject: [PATCH 0911/1248] fix(argo-cd): Allow to use dedicated gRCP ingress with GKE implementation (#2541) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ddf2bfa8..baadb98c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.2.4 +version: 6.2.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Format redis health check confimap mode in decimal. + description: Dedicated gRPC ingress could be used with GKE ingress implementation diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 3c6e5303..118fb2f9 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.ingressGrpc.enabled (eq .Values.server.ingress.controller "generic") -}} +{{- if .Values.server.ingressGrpc.enabled -}} {{- $hostname := printf "grpc.%s" (.Values.server.ingress.hostname | default .Values.global.domain) -}} apiVersion: networking.k8s.io/v1 kind: Ingress From 30836b841cd6d1e03fa1172f107a3eb1bea7ed0f Mon Sep 17 00:00:00 2001 From: Florian Boulanger Date: Fri, 23 Feb 2024 15:17:55 +0100 Subject: [PATCH 0912/1248] feat(argo-cd): Allow modification of path and port for dex liveness and readiness probes (#2542) feat(argo-cd): allow defining custom dex probes Signed-off-by: Florian Boulanger Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++++ charts/argo-cd/templates/dex/deployment.yaml | 8 ++++---- charts/argo-cd/values.yaml | 8 ++++++++ 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index baadb98c..9fc66045 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.2.5 +version: 6.3.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Dedicated gRPC ingress could be used with GKE ingress implementation + - kind: changed + description: Allow modification of path and port for dex liveness and readiness probes diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7b6fd58b..2a47a0cc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1077,6 +1077,8 @@ NAME: my-release | dex.initImage.tag | string | `""` (defaults to global.image.tag) | Argo CD init image tag | | dex.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Dex >= 2.28.0 | | dex.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| dex.livenessProbe.httpPath | string | `"/healthz/live"` | Http path to use for the liveness probe | +| dex.livenessProbe.httpPort | string | `"metrics"` | Http port to use for the liveness probe | | dex.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | @@ -1109,6 +1111,8 @@ NAME: my-release | dex.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the dex pods | | dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 | | dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| dex.readinessProbe.httpPath | string | `"/healthz/ready"` | Http path to use for the readiness probe | +| dex.readinessProbe.httpPort | string | `"metrics"` | Http port to use for the readiness probe | | dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | dex.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index c8e2c929..3b21649a 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -99,8 +99,8 @@ spec: {{- if .Values.dex.livenessProbe.enabled }} livenessProbe: httpGet: - path: /healthz/live - port: metrics + path: {{ .Values.dex.livenessProbe.httpPort }} + port: {{ .Values.dex.livenessProbe.httpPath }} initialDelaySeconds: {{ .Values.dex.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.dex.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.dex.livenessProbe.timeoutSeconds }} @@ -110,8 +110,8 @@ spec: {{- if .Values.dex.readinessProbe.enabled }} readinessProbe: httpGet: - path: /healthz/ready - port: metrics + path: {{ .Values.dex.readinessProbe.httpPort }} + port: {{ .Values.dex.readinessProbe.httpPath }} initialDelaySeconds: {{ .Values.dex.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.dex.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.dex.readinessProbe.timeoutSeconds }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b8fcdc55..8c1b2985 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1039,6 +1039,10 @@ dex: livenessProbe: # -- Enable Kubernetes liveness probe for Dex >= 2.28.0 enabled: false + # -- Http path to use for the liveness probe + httpPath: /healthz/live + # -- Http port to use for the liveness probe + httpPort: metrics # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 # -- Number of seconds after the container has started before [probe] is initiated @@ -1053,6 +1057,10 @@ dex: readinessProbe: # -- Enable Kubernetes readiness probe for Dex >= 2.28.0 enabled: false + # -- Http path to use for the readiness probe + httpPath: /healthz/ready + # -- Http port to use for the readiness probe + httpPort: metrics # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 # -- Number of seconds after the container has started before [probe] is initiated From 285ff7a2263639b216534a9e49c676829e31bd8f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 23 Feb 2024 19:05:19 +0100 Subject: [PATCH 0913/1248] fix(argo-cd): Fix dex probes (#2546) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/dex/deployment.yaml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9fc66045..ea35dab2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.3.0 +version: 6.3.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Allow modification of path and port for dex liveness and readiness probes + - kind: fixed + description: Fix templated values for Dex probes diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 3b21649a..7c40622c 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -99,8 +99,8 @@ spec: {{- if .Values.dex.livenessProbe.enabled }} livenessProbe: httpGet: - path: {{ .Values.dex.livenessProbe.httpPort }} - port: {{ .Values.dex.livenessProbe.httpPath }} + path: {{ .Values.dex.livenessProbe.httpPath }} + port: {{ .Values.dex.livenessProbe.httpPort }} initialDelaySeconds: {{ .Values.dex.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.dex.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.dex.livenessProbe.timeoutSeconds }} @@ -110,8 +110,8 @@ spec: {{- if .Values.dex.readinessProbe.enabled }} readinessProbe: httpGet: - path: {{ .Values.dex.readinessProbe.httpPort }} - port: {{ .Values.dex.readinessProbe.httpPath }} + path: {{ .Values.dex.readinessProbe.httpPath }} + port: {{ .Values.dex.readinessProbe.httpPort }} initialDelaySeconds: {{ .Values.dex.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.dex.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.dex.readinessProbe.timeoutSeconds }} From 42b20e0b6b8d871aa28416c8519d1621d6c26683 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 24 Feb 2024 21:31:01 +0900 Subject: [PATCH 0914/1248] chore(deps): bump tj-actions/changed-files from 42.0.2 to 42.0.4 (#2548) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 42.0.2 to 42.0.4. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/90a06d6ba9543371ab4df8eeca0be07ca6054959...3f54ebb830831fc121d3263c1857cfbdc310cdb9) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 43b6b5ba..e6020c95 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@90a06d6ba9543371ab4df8eeca0be07ca6054959 # v42.0.2 + uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42.0.4 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 7c8fab5a7f8c330a4608186d1bbcf5f26950a92d Mon Sep 17 00:00:00 2001 From: Oscar Wieman Date: Sun, 25 Feb 2024 13:47:00 +0100 Subject: [PATCH 0915/1248] feat(argo-cd): Add support for application controller dynamic cluster distribution. (#2539) * Add support for application controller dynamic cluster distribution. Signed-off-by: Oscar Wieman * Added env variables to handle the non-standard names generated by the helm chart. https://argo-cd.readthedocs.io/en/release-2.9/user-guide/environment-variables/ https://github.com/argoproj/argo-cd/blob/99723143b96ceec9ef5b0a7feb7b4f4b0dce3497/common/common.go#L252 Signed-off-by: Oscar Wieman --------- Signed-off-by: Oscar Wieman --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 12 + charts/argo-cd/README.md.gotmpl | 9 + .../argo-cd/ci/dynamic-sharding-values.yaml | 6 + .../deployment.yaml | 357 ++++++++++++++++++ .../statefulset.yaml | 4 + .../argocd-repo-server/deployment.yaml | 2 + .../templates/argocd-server/deployment.yaml | 2 + charts/argo-cd/values.yaml | 17 + 9 files changed, 413 insertions(+), 2 deletions(-) create mode 100644 charts/argo-cd/ci/dynamic-sharding-values.yaml create mode 100644 charts/argo-cd/templates/argocd-application-controller/deployment.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea35dab2..d1824528 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.3.1 +version: 6.4.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: changed + description: Added support for application controller dynamic cluster distribution. - kind: fixed - description: Fix templated values for Dex probes + description: Added env variables to handle the non-standard names generated by the helm chart. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2a47a0cc..9ef7c481 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -278,6 +278,15 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.4.0 + +Added support for application controller dynamic cluster distribution. +Please refer to [the docs](https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution) for more information. + +Added env variables to handle the non-standard names generated by the helm chart. +Here are the [docs](https://argo-cd.readthedocs.io/en/release-2.9/user-guide/environment-variables/) +and [code](https://github.com/argoproj/argo-cd/blob/99723143b96ceec9ef5b0a7feb7b4f4b0dce3497/common/common.go#L252) + ### 6.1.0 Added support for global domain used by all components. @@ -720,12 +729,15 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| controller.deploymentAnnotations | object | `{}` | Annotations for the application controller Deployment | | controller.dnsConfig | object | `{}` | [DNS configuration] | | controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | +| controller.dynamicClusterDistribution | bool | `false` | Enable dynamic cluster distribution (alpha) Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | | controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod | +| controller.heartbeatTime | int | `10` | Application controller heartbeat time Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution | | controller.hostNetwork | bool | `false` | Host Network for application controller pods | | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6c7c035a..62c1759d 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -278,6 +278,15 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.4.0 + +Added support for application controller dynamic cluster distribution. +Please refer to [the docs](https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution) for more information. + +Added env variables to handle the non-standard names generated by the helm chart. +Here are the [docs](https://argo-cd.readthedocs.io/en/release-2.9/user-guide/environment-variables/) +and [code](https://github.com/argoproj/argo-cd/blob/99723143b96ceec9ef5b0a7feb7b4f4b0dce3497/common/common.go#L252) + ### 6.1.0 Added support for global domain used by all components. diff --git a/charts/argo-cd/ci/dynamic-sharding-values.yaml b/charts/argo-cd/ci/dynamic-sharding-values.yaml new file mode 100644 index 00000000..e0b72e73 --- /dev/null +++ b/charts/argo-cd/ci/dynamic-sharding-values.yaml @@ -0,0 +1,6 @@ +# Test application controller dynamic cluster distribution +crds: + keep: false + +controller: + dynamicClusterDistribution: true diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml new file mode 100644 index 00000000..e0c12135 --- /dev/null +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -0,0 +1,357 @@ +{{- if .Values.controller.dynamicClusterDistribution }} +apiVersion: apps/v1 +kind: Deployment +metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.controller.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} +spec: + replicas: {{ .Values.controller.replicas }} + revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit | default .Values.global.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} + template: + metadata: + annotations: + checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 8 }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.controller.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- if .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- end }} + serviceAccountName: {{ include "argo-cd.controller.serviceAccountName" . }} + containers: + - args: + - /usr/local/bin/argocd-application-controller + - --metrics-port={{ .Values.controller.containerPorts.metrics }} + {{- if .Values.controller.metrics.applicationLabels.enabled }} + {{- range .Values.controller.metrics.applicationLabels.labels }} + - --metrics-application-labels + - {{ . }} + {{- end }} + {{- end }} + {{- with .Values.controller.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} + image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.controller.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} + name: {{ .Values.controller.name }} + env: + {{- with (concat .Values.global.env .Values.controller.env) }} + {{- toYaml . | nindent 10 }} + {{- end }} + - name: ARGOCD_ENABLE_DYNAMIC_CLUSTER_DISTRIBUTION + value: "true" + - name: ARGOCD_CONTROLLER_HEARTBEAT_TIME + value: {{ .Values.controller.heartbeatTime | quote }} + - name: ARGOCD_APPLICATION_CONTROLLER_NAME + value: {{ template "argo-cd.controller.fullname" . }} + - name: ARGOCD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.reconciliation + optional: true + - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cm + key: timeout.hard.reconciliation + optional: true + - name: ARGOCD_RECONCILIATION_JITTER + valueFrom: + configMapKeyRef: + key: timeout.reconciliation.jitter + name: argocd-cm + optional: true + - name: ARGOCD_REPO_ERROR_GRACE_PERIOD_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.error.grace.period.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: repo.server + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.status.processors + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.operation.processors + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.log.format + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.log.level + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.metrics.cache.expiration + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.resource.health.persist + optional: true + - name: ARGOCD_APP_STATE_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.app.state.cache.expiration + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-password + optional: true + - name: ARGOCD_DEFAULT_CACHE_EXPIRATION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.default.cache.expiration + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.address + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.insecure + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_HEADERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: otlp.headers + optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: application.namespaces + optional: true + - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sharding.algorithm + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.kubectl.parallelism.limit + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_MAX + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.max + optional: true + - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.k8sclient.retry.base.backoff + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SERVER_SIDE_DIFF + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.diff.server.side + optional: true + {{- with .Values.controller.envFrom }} + envFrom: + {{- toYaml . | nindent 10 }} + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.controller.containerPorts.metrics }} + protocol: TCP + readinessProbe: + httpGet: + path: /healthz + port: metrics + initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} + resources: + {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + workingDir: /home/argocd + volumeMounts: + {{- with .Values.controller.volumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} + - mountPath: /app/config/controller/tls + name: argocd-repo-server-tls + - mountPath: /home/argocd + name: argocd-home + {{- with .Values.controller.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.controller.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.controller) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.controller.nodeSelector | default .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.tolerations | default .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.controller.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} + volumes: + {{- with .Values.controller.volumes }} + {{- toYaml . | nindent 6 }} + {{- end }} + - name: argocd-home + emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + {{- if .Values.controller.hostNetwork }} + hostNetwork: {{ .Values.controller.hostNetwork }} + {{- end }} + {{- with .Values.controller.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.controller.dnsPolicy }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 8c929e41..3b72d19f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.controller.dynamicClusterDistribution | default false }} apiVersion: apps/v1 kind: StatefulSet metadata: @@ -77,6 +78,8 @@ spec: {{- end }} - name: ARGOCD_CONTROLLER_REPLICAS value: {{ .Values.controller.replicas | quote }} + - name: ARGOCD_APPLICATION_CONTROLLER_NAME + value: {{ template "argo-cd.controller.fullname" . }} - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: configMapKeyRef: @@ -350,3 +353,4 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} dnsPolicy: {{ .Values.controller.dnsPolicy }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 9f72d33b..d27c15d9 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -85,6 +85,8 @@ spec: - name: USER_NAME value: argocd {{- end }} + - name: ARGOCD_REPO_SERVER_NAME + value: {{ template "argo-cd.repoServer.fullname" . }} - name: ARGOCD_RECONCILIATION_TIMEOUT valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 6de12319..6d614b0f 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -75,6 +75,8 @@ spec: {{- with (concat .Values.global.env .Values.server.env) }} {{- toYaml . | nindent 10 }} {{- end }} + - name: ARGOCD_SERVER_NAME + value: {{ template "argo-cd.server.fullname" . }} - name: ARGOCD_SERVER_INSECURE valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8c1b2985..20ecf6e9 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -577,8 +577,22 @@ controller: # -- The number of application controller pods to run. # Additional replicas will cause sharding of managed clusters across number of replicas. + ## With dynamic cluster distribution turned on, sharding of the clusters will gracefully + ## rebalance if the number of replica's changes or one becomes unhealthy. (alpha) replicas: 1 + # -- Enable dynamic cluster distribution (alpha) + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution + ## This is done using a deployment instead of a statefulSet + ## When replicas are added or removed, the sharding algorithm is re-run to ensure that the + ## clusters are distributed according to the algorithm. If the algorithm is well-balanced, + ## like round-robin, then the shards will be well-balanced. + dynamicClusterDistribution: false + + # -- Application controller heartbeat time + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution + heartbeatTime: 10 + # -- Maximum number of controller revisions that will be maintained in StatefulSet history revisionHistoryLimit: 5 @@ -662,6 +676,9 @@ controller: # -- Annotations for the application controller StatefulSet statefulsetAnnotations: {} + # -- Annotations for the application controller Deployment + deploymentAnnotations: {} + # -- Annotations to be added to application controller pods podAnnotations: {} From fa85e824f014ef7bf19163d4ecf7e9b8eb01f6b9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 25 Feb 2024 22:11:42 +0900 Subject: [PATCH 0916/1248] feat(argocd-apps): Support Template Patch to ApplicationSet (#2549) Signed-off-by: yu-croco Co-authored-by: Petr Drastil --- charts/argocd-apps/Chart.yaml | 6 +++--- charts/argocd-apps/ci/applicationsets-values.yaml | 13 +++++++++++++ charts/argocd-apps/templates/applicationsets.yaml | 4 ++++ charts/argocd-apps/values.yaml | 14 ++++++++++++++ 4 files changed, 34 insertions(+), 3 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 811c39e8..0b550fb4 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.6.1 +version: 1.6.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: move ignoreApplicationDifferences block up a level to fix render + - kind: added + description: Support Template Patch to ApplicationSet diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index e4f9101b..375367ca 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -46,6 +46,19 @@ applicationsets: syncPolicy: # Set Application finalizer preserveResourcesOnDeletion: false + templatePatch: | + spec: + source: + helm: + valueFiles: + {{- range $valueFile := .valueFiles }} + - {{ $valueFile }} + {{- end }} + {{- if .autoSync }} + syncPolicy: + automated: + prune: {{ .prune }} + {{- end }} - name: applicationset-list-generator generators: - list: diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index 10560075..72c8f2e2 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -84,4 +84,8 @@ spec: {{- end }} {{- end -}} {{- end }} + {{- with .templatePatch }} + templatePatch: | + {{- . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 87874dad..41ee1ef9 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -157,6 +157,20 @@ applicationsets: [] # syncPolicy: # # Set Application finalizer # preserveResourcesOnDeletion: false +# # Templating is only available on string type +# templatePatch: | +# spec: +# source: +# helm: +# valueFiles: +# {{- range $valueFile := .valueFiles }} +# - {{ $valueFile }} +# {{- end }} +# {{- if .autoSync }} +# syncPolicy: +# automated: +# prune: {{ .prune }} +# {{- end }} # -- Deploy Argo CD Applications/ApplicationSets/Projects within this helm release # @default -- `[]` (See [values.yaml]) From 2f82fb5992fe1e390d1ebdbc4be6d5d6c6549a37 Mon Sep 17 00:00:00 2001 From: Florian Boulanger Date: Wed, 28 Feb 2024 07:28:35 +0100 Subject: [PATCH 0917/1248] chore(argo-cd): add support for http probe scheme for dex (#2550) --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/dex/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d1824528..ac3128a5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.4.0 +version: 6.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Added support for application controller dynamic cluster distribution. - - kind: fixed - description: Added env variables to handle the non-standard names generated by the helm chart. + description: Added support for http probe scheme for dex liveness and readiness diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9ef7c481..bddda8e2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1091,6 +1091,7 @@ NAME: my-release | dex.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | dex.livenessProbe.httpPath | string | `"/healthz/live"` | Http path to use for the liveness probe | | dex.livenessProbe.httpPort | string | `"metrics"` | Http port to use for the liveness probe | +| dex.livenessProbe.httpScheme | string | `"HTTP"` | Scheme to use for for the liveness probe (can be HTTP or HTTPS) | | dex.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | @@ -1125,6 +1126,7 @@ NAME: my-release | dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | dex.readinessProbe.httpPath | string | `"/healthz/ready"` | Http path to use for the readiness probe | | dex.readinessProbe.httpPort | string | `"metrics"` | Http port to use for the readiness probe | +| dex.readinessProbe.httpScheme | string | `"HTTP"` | Scheme to use for for the liveness probe (can be HTTP or HTTPS) | | dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | dex.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 7c40622c..61f3fe86 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -101,6 +101,7 @@ spec: httpGet: path: {{ .Values.dex.livenessProbe.httpPath }} port: {{ .Values.dex.livenessProbe.httpPort }} + scheme: {{ .Values.dex.livenessProbe.httpScheme }} initialDelaySeconds: {{ .Values.dex.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.dex.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.dex.livenessProbe.timeoutSeconds }} @@ -112,6 +113,7 @@ spec: httpGet: path: {{ .Values.dex.readinessProbe.httpPath }} port: {{ .Values.dex.readinessProbe.httpPort }} + scheme: {{ .Values.dex.readinessProbe.httpScheme }} initialDelaySeconds: {{ .Values.dex.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.dex.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.dex.readinessProbe.timeoutSeconds }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 20ecf6e9..565320a8 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1060,6 +1060,8 @@ dex: httpPath: /healthz/live # -- Http port to use for the liveness probe httpPort: metrics + # -- Scheme to use for for the liveness probe (can be HTTP or HTTPS) + httpScheme: HTTP # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 # -- Number of seconds after the container has started before [probe] is initiated @@ -1078,6 +1080,8 @@ dex: httpPath: /healthz/ready # -- Http port to use for the readiness probe httpPort: metrics + # -- Scheme to use for for the liveness probe (can be HTTP or HTTPS) + httpScheme: HTTP # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 # -- Number of seconds after the container has started before [probe] is initiated From 48824664e904bc165ebef4ef7630d6296743cd1c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 29 Feb 2024 20:24:21 +0900 Subject: [PATCH 0918/1248] fix(argo-cd): Pass argocd-server's ALB health check (#2553) * fix(argo-cd): Pass argocd-server's ALB health check Signed-off-by: yu-croco * fix: changelog lint Signed-off-by: yu-croco * fix: revert unnecessary diffs Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 5 +++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac3128a5..8e66db48 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.4.1 +version: 6.4.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Added support for http probe scheme for dex liveness and readiness + - kind: fixed + description: Pass argocd-server's ALB health check diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bddda8e2..d1c95206 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -952,7 +952,7 @@ NAME: my-release | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | | server.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | server.ingress.annotations | object | `{}` | Additional ingress annotations | -| server.ingress.aws.backendProtocolVersion | string | `"HTTP2"` | Backend protocol version for the AWS ALB gRPC service | +| server.ingress.aws.backendProtocolVersion | string | `"GRPC"` | Backend protocol version for the AWS ALB gRPC service | | server.ingress.aws.serviceType | string | `"NodePort"` | Service type for the AWS ALB gRPC service | | server.ingress.controller | string | `"generic"` | Specific implementation for ingress controller. One of `generic`, `aws` or `gke` | | server.ingress.enabled | bool | `false` | Enable an ingress resource for the Argo CD server | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 565320a8..2bee3895 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2071,8 +2071,9 @@ server: ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#aws-application-load-balancers-albs-and-classic-elb-http-mode aws: # -- Backend protocol version for the AWS ALB gRPC service - ## This tells AWS to send traffic from the ALB using HTTP2. Can use gRPC as well if you want to leverage gRPC specific features - backendProtocolVersion: HTTP2 + ## This tells AWS to send traffic from the ALB using gRPC. + ## For more information: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html#health-check-settings + backendProtocolVersion: GRPC # -- Service type for the AWS ALB gRPC service ## Can be of type NodePort or ClusterIP depending on which mode you are running. ## Instance mode needs type NodePort, IP mode needs type ClusterIP From e0f6a16ce87159d613e7315ceb28d4456ce37ef5 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 29 Feb 2024 19:54:21 +0100 Subject: [PATCH 0919/1248] chore(github): Migrate to renovate GH action (#2520) chore: Migrate to renovate GH action Signed-off-by: Marco Maurer --- .github/configs/renovate-config.js | 7 +++ .github/workflows/chart-version-bump.yml | 57 ------------------------ .github/workflows/renovate.yaml | 36 +++++++++++++++ renovate.json | 48 ++++++++++++-------- scripts/renovate-bump-version.sh | 31 +++++++++++++ 5 files changed, 104 insertions(+), 75 deletions(-) create mode 100644 .github/configs/renovate-config.js delete mode 100644 .github/workflows/chart-version-bump.yml create mode 100644 .github/workflows/renovate.yaml create mode 100755 scripts/renovate-bump-version.sh diff --git a/.github/configs/renovate-config.js b/.github/configs/renovate-config.js new file mode 100644 index 00000000..9118ffe9 --- /dev/null +++ b/.github/configs/renovate-config.js @@ -0,0 +1,7 @@ +module.exports = { + platform: 'github', + gitAuthor: 'renovate[bot] ', + autodiscover: false, + allowPostUpgradeCommandTemplating: true, + allowedPostUpgradeCommands: [".*"], + }; diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml deleted file mode 100644 index e6020c95..00000000 --- a/.github/workflows/chart-version-bump.yml +++ /dev/null @@ -1,57 +0,0 @@ -## Used on Renovate PRs to bump the chart version and add a changelog entry -## Reference: https://github.com/stefanzweifel/git-auto-commit-action -## Reference: https://github.com/marketplace/actions/changed-files -name: 'Chart Version Bump and Changelog' - -on: - pull_request: - types: - - labeled - -permissions: - contents: write - -jobs: - helm-bumper: - if: ${{ (contains(github.event.pull_request.labels.*.name, 'renovate')) }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - token: ${{ secrets.PAT }} - fetch-depth: 0 - - - name: Get changed files - id: changed-files - uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42.0.4 - with: - files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml - - - name: "Bump Version and Changelog" - run: | - chartName="$(echo \"${{ steps.changed-files.outputs.all_changed_files }}\" | cut -d '/' -f2)" - echo "Changed chart name is: $chartName" - echo "----------------------------------------" - - parentDir="charts/${chartName}" - - # Bump the chart version by one patch version - version=$(grep '^version:' ${parentDir}/Chart.yaml | awk '{print $2}') - major=$(echo $version | cut -d. -f1) - minor=$(echo $version | cut -d. -f2) - patch=$(echo $version | cut -d. -f3) - patch=$(expr $patch + 1) - sed -i "s/^version:.*/version: ${major}.${minor}.${patch}/g" ${parentDir}/Chart.yaml - - # Add a changelog entry - appVersion=$(grep '^appVersion:' ${parentDir}/Chart.yaml | awk '{print $2}') - sed -i -e '/^ artifacthub.io\/changes: |/,$d' ${parentDir}/Chart.yaml - echo " artifacthub.io/changes: |" >> ${parentDir}/Chart.yaml - echo " - kind: changed" >> ${parentDir}/Chart.yaml - echo " description: Bump ${chartName} to ${appVersion}" >> ${parentDir}/Chart.yaml - cat ${parentDir}/Chart.yaml - - - name: "Commit and push changes" - uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0 - with: - commit_options: '--signoff' diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml new file mode 100644 index 00000000..4f938beb --- /dev/null +++ b/.github/workflows/renovate.yaml @@ -0,0 +1,36 @@ +name: Renovate +on: + # The "*" (#42, asterisk) character has special semantics in YAML, so this + # string has to be quoted. + schedule: + - cron: '0 * * * *' + # Manual trigger is also possible + workflow_dispatch: {} + +permissions: + contents: read + +jobs: + renovate: + runs-on: ubuntu-latest + steps: + - name: Get token + uses: actions/create-github-app-token@f4c6bf6752984b3a29fcc135a5e70eb792c40c6b # v1.8.0 + id: get_token + with: + app-id: ${{ vars.RENOVATE_APP_ID }} + private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} + + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Self-hosted Renovate + uses: renovatebot/github-action@2d90417499f45ff78a09586f7b9874b19817dba3 # v40.1.0 + with: + configurationFile: .github/configs/renovate-config.js + # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate + renovate-version: 37.192.1 + token: '${{ steps.get_token.outputs.token }}' + env: + LOG_LEVEL: 'debug' + RENOVATE_REPOSITORIES: '${{ github.repository }}' diff --git a/renovate.json b/renovate.json index 12c7f3ea..cb8bacc8 100644 --- a/renovate.json +++ b/renovate.json @@ -4,7 +4,7 @@ "fileMatch": ["\\.yaml$", "\\.yml$"] }, "extends": [ - "config:base", + "config:recommended", "docker:enableMajor" ], "labels": ["renovate"], @@ -13,10 +13,12 @@ "**/charts/argo-cd/Chart.yaml", "**/charts/argo-events/Chart.yaml", "**/charts/argo-rollouts/Chart.yaml", - "**/charts/argocd-image-updater/Chart.yaml" + "**/charts/argocd-image-updater/Chart.yaml", + "**/.github/workflows/renovate.yaml" ], - "regexManagers": [ + "customManagers": [ { + "customType": "regex", "fileMatch": ["charts/argo-workflows/Chart.yaml$"], "matchStrings": [ "\\sappVersion: (?.*)\\s" @@ -26,6 +28,7 @@ "datasourceTemplate": "github-releases" }, { + "customType": "regex", "fileMatch": ["charts/argo-cd/Chart.yaml$"], "matchStrings": [ "\\sappVersion: (?.*)\\s" @@ -35,6 +38,7 @@ "datasourceTemplate": "github-releases" }, { + "customType": "regex", "fileMatch": ["charts/argo-events/Chart.yaml$"], "matchStrings": [ "\\sappVersion: (?.*)\\s" @@ -44,6 +48,7 @@ "datasourceTemplate": "github-releases" }, { + "customType": "regex", "fileMatch": ["charts/argo-rollouts/Chart.yaml$"], "matchStrings": [ "\\sappVersion: (?.*)\\s" @@ -53,6 +58,7 @@ "datasourceTemplate": "github-releases" }, { + "customType": "regex", "fileMatch": ["charts/argocd-image-updater/Chart.yaml$"], "matchStrings": [ "\\sappVersion: (?.*)\\s" @@ -60,28 +66,34 @@ "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", "depNameTemplate": "argoproj-labs/argocd-image-updater", "datasourceTemplate": "github-releases" + }, + { + "customType": "regex", + "fileMatch": ["^\\.github/workflows/[^/]+\\.ya?ml$"], + "matchStrings": [ + "# renovate: datasource=(?.*?) depName=(?.*?)\\s+.+version: (?.*)" + ] } ], "packageRules": [ { - "matchPackagePatterns": ["argoproj/argo-workflows"], - "commitMessagePrefix": "chore(argo-workflows):" - }, - { - "matchPackagePatterns": ["argoproj/argo-cd"], - "commitMessagePrefix": "chore(argo-cd):" - }, - { - "matchPackagePatterns": ["argoproj/argo-events"], - "commitMessagePrefix": "chore(argo-events):" - }, - { - "matchPackagePatterns": ["argoproj/argo-rollouts"], - "commitMessagePrefix": "chore(argo-rollouts):" + "matchPackagePatterns": [ + "argoproj/argo-workflows", + "argoproj/argo-cd", + "argoproj/argo-events", + "argoproj/argo-rollouts" + ], + "commitMessagePrefix": "chore({{{replace 'argoproj/' '' depName}}}):", + "postUpgradeTasks": { + "commands": ["./scripts/renovate-bump-version.sh {{depName}}"] + } }, { "matchPackagePatterns": ["argoproj-labs/argocd-image-updater"], - "commitMessagePrefix": "chore(argocd-image-updater):" + "commitMessagePrefix": "chore({{{replace 'argoproj-labs/' '' depName}}}):", + "postUpgradeTasks": { + "commands": ["./scripts/renovate-bump-version.sh {{depName}}"] + } }, { "matchPackagePatterns": ["redis-ha"], diff --git a/scripts/renovate-bump-version.sh b/scripts/renovate-bump-version.sh new file mode 100755 index 00000000..1ec6e125 --- /dev/null +++ b/scripts/renovate-bump-version.sh @@ -0,0 +1,31 @@ +#!/bin/bash +depName="${1}" +if [ -z "${depName}" ]; then + echo "Missing argument 'depName'" >&2 + echo "Example usage: $0 argoproj/argo-cd" >&2 + exit 1 +fi + +chartName=$(echo "$depName" | sed -e "s+^argoproj/++" -e "s+^argoproj-labs/++") +echo "Changed chart name is: $chartName" +echo "----------------------------------------" + +parentDir="charts/${chartName}" + +# Bump the chart version by one patch version +version=$(grep '^version:' "${parentDir}/Chart.yaml" | awk '{print $2}') +major=$(echo "${version}" | cut -d. -f1) +minor=$(echo "${version}" | cut -d. -f2) +patch=$(echo "${version}" | cut -d. -f3) +patch=$((patch + 1)) +sed -i "s/^version:.*/version: ${major}.${minor}.${patch}/g" "${parentDir}/Chart.yaml" + +# Add a changelog entry +appVersion=$(grep '^appVersion:' "${parentDir}/Chart.yaml" | awk '{print $2}') +sed -i -e '/^ artifacthub.io\/changes: |/,$ d' "${parentDir}/Chart.yaml" +{ + echo " artifacthub.io/changes: |" + echo " - kind: changed" + echo " description: Bump ${chartName} to ${appVersion}" +} >> "${parentDir}/Chart.yaml" +cat "${parentDir}/Chart.yaml" From d684a9f4e8a88329962d7be176d9574c5205d9bd Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 29 Feb 2024 19:57:22 +0100 Subject: [PATCH 0920/1248] chore(deps): update renovatebot/github-action action to v40.1.2 (#2558) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 4f938beb..22932e35 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Self-hosted Renovate - uses: renovatebot/github-action@2d90417499f45ff78a09586f7b9874b19817dba3 # v40.1.0 + uses: renovatebot/github-action@a6e57359b32af9a54d5b3b6603011f50629a0a05 # v40.1.2 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 31de7d359455bb752618b5c952ec497c26c534f8 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 29 Feb 2024 20:00:49 +0100 Subject: [PATCH 0921/1248] chore(deps): update actions/create-github-app-token action to v1.8.1 (#2557) Co-authored-by: renovate[bot] Co-authored-by: Marco Maurer (-Kilchhofer) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 22932e35..87a6f906 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@f4c6bf6752984b3a29fcc135a5e70eb792c40c6b # v1.8.0 + uses: actions/create-github-app-token@e8e39f73bb84fdf315a015fa3104f314c0a258b4 # v1.8.1 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 74fbd561b74f7b290531ace2ac8b90e225d5a2a6 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Feb 2024 20:45:29 +0100 Subject: [PATCH 0922/1248] feat(argo-cd): Add templating of ingress extra paths and rules (#2530) Signed-off-by: Petr Drastil Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 6 +-- .../argocd-applicationset/ingress.yaml | 4 +- .../templates/argocd-server/aws/ingress.yaml | 4 +- .../templates/argocd-server/gke/ingress.yaml | 4 +- .../templates/argocd-server/ingress-grpc.yaml | 4 +- .../templates/argocd-server/ingress.yaml | 4 +- charts/argo-cd/values.yaml | 44 +++++++++++-------- 7 files changed, 39 insertions(+), 31 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e66db48..13ded9d9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.4.2 +version: 6.5.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Pass argocd-server's ALB health check + - kind: added + description: Support for templating ingress extraPaths and extraRules diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml index 88c45f62..fbaa862b 100644 --- a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -24,7 +24,7 @@ spec: http: paths: {{- with .Values.applicationSet.ingress.extraPaths }} - {{- toYaml . | nindent 10 }} + {{- tpl (toYaml .) $ | nindent 10 }} {{- end }} - path: {{ .Values.applicationSet.ingress.path }} pathType: {{ .Values.applicationSet.ingress.pathType }} @@ -46,7 +46,7 @@ spec: number: {{ $.Values.applicationSet.service.port }} {{- end }} {{- with .Values.applicationSet.ingress.extraRules }} - {{- toYaml . | nindent 4 }} + {{- tpl (toYaml .) $ | nindent 4 }} {{- end }} {{- if or .Values.applicationSet.ingress.tls .Values.applicationSet.ingress.extraTls }} tls: diff --git a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml index 2238acbc..ffe0b79b 100644 --- a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml @@ -26,7 +26,7 @@ spec: http: paths: {{- with .Values.server.ingress.extraPaths }} - {{- toYaml . | nindent 10 }} + {{- tpl (toYaml .) $ | nindent 10 }} {{- end }} - path: {{ .Values.server.ingress.path }} pathType: {{ $.Values.server.ingressGrpc.pathType }} @@ -55,7 +55,7 @@ spec: number: {{ $servicePort }} {{- end }} {{- with .Values.server.ingress.extraRules }} - {{- toYaml . | nindent 4 }} + {{- tpl (toYaml .) $ | nindent 4 }} {{- end }} {{- if or .Values.server.ingress.tls .Values.server.ingress.extraTls }} tls: diff --git a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml index c2644491..160308bd 100644 --- a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml @@ -31,7 +31,7 @@ spec: http: paths: {{- with .Values.server.ingress.extraPaths }} - {{- toYaml . | nindent 10 }} + {{- tpl (toYaml .) $ | nindent 10 }} {{- end }} - path: {{ .Values.server.ingress.path }} pathType: {{ .Values.server.ingress.pathType }} @@ -53,7 +53,7 @@ spec: number: {{ $servicePort }} {{- end }} {{- with .Values.server.ingress.extraRules }} - {{- toYaml . | nindent 4 }} + {{- tpl (toYaml .) $ | nindent 4 }} {{- end }} {{- if or .Values.server.ingress.tls .Values.server.ingress.extraTls }} tls: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 118fb2f9..73f447bf 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -25,7 +25,7 @@ spec: http: paths: {{- with .Values.server.ingressGrpc.extraPaths }} - {{- toYaml . | nindent 10 }} + {{- tpl (toYaml .) $ | nindent 10 }} {{- end }} - path: {{ .Values.server.ingressGrpc.path }} pathType: {{ .Values.server.ingressGrpc.pathType }} @@ -47,7 +47,7 @@ spec: number: {{ $.Values.server.service.servicePortHttps }} {{- end }} {{- with .Values.server.ingressGrpc.extraRules }} - {{- toYaml . | nindent 4 }} + {{- tpl (toYaml .) $ | nindent 4 }} {{- end }} {{- if or .Values.server.ingressGrpc.tls .Values.server.ingressGrpc.extraTls }} tls: diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 1739de4f..cfd0696d 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -26,7 +26,7 @@ spec: http: paths: {{- with .Values.server.ingress.extraPaths }} - {{- toYaml . | nindent 10 }} + {{- tpl (toYaml .) $ | nindent 10 }} {{- end }} - path: {{ .Values.server.ingress.path }} pathType: {{ $.Values.server.ingress.pathType }} @@ -48,7 +48,7 @@ spec: number: {{ $servicePort }} {{- end }} {{- with .Values.server.ingress.extraRules }} - {{- toYaml . | nindent 4 }} + {{- tpl (toYaml .) $ | nindent 4 }} {{- end }} {{- if or .Values.server.ingress.tls .Values.server.ingress.extraTls }} tls: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2bee3895..68581a3c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2038,6 +2038,7 @@ server: # -- Additional ingress paths # @default -- `[]` (See [values.yaml]) + ## Note: Supports use of custom Helm templates extraPaths: [] # - path: /* # pathType: Prefix @@ -2049,15 +2050,17 @@ server: # -- Additional ingress rules # @default -- `[]` (See [values.yaml]) + ## Note: Supports use of custom Helm templates extraRules: [] - # - host: example.example.com - # http: - # path: / + # - http: + # paths: + # - path: / + # pathType: Prefix # backend: # service: - # name: example-svc + # name: '{{ include "argo-cd.server.fullname" . }}' # port: - # name: http + # name: '{{ .Values.server.service.servicePortHttpsName }}' # -- Additional TLS configuration # @default -- `[]` (See [values.yaml]) @@ -2144,6 +2147,7 @@ server: # -- Additional ingress paths for dedicated [gRPC-ingress] # @default -- `[]` (See [values.yaml]) + ## Note: Supports use of custom Helm templates extraPaths: [] # - path: /* # pathType: Prefix @@ -2155,15 +2159,17 @@ server: # -- Additional ingress rules # @default -- `[]` (See [values.yaml]) + ## Note: Supports use of custom Helm templates extraRules: [] - # - host: example.example.com - # http: - # path: / + # - http: + # paths: + # - path: / + # pathType: Prefix # backend: # service: - # name: example-svc + # name: '{{ include "argo-cd.server.fullname" . }}' # port: - # name: http + # name: '{{ .Values.server.service.servicePortHttpName }}' # -- Additional TLS configuration for dedicated [gRPC-ingress] # @default -- `[]` (See [values.yaml]) @@ -2904,15 +2910,17 @@ applicationSet: # -- Additional ingress rules # @default -- `[]` (See [values.yaml]) + ## Note: Supports use of custom Helm templates extraRules: [] - # - host: example.example.com - # http: - # path: / - # backend: - # service: - # name: example-svc - # port: - # name: http + # - http: + # paths: + # - path: /api/webhook + # pathType: Prefix + # backend: + # service: + # name: '{{ include "argo-cd.applicationSet.fullname" . }}' + # port: + # name: '{{ .Values.applicationSet.service.portName }}' # -- Additional ingress TLS configuration # @default -- `[]` (See [values.yaml]) From ebd499140728a4a5718291fcfb738c02ee85112a Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 1 Mar 2024 09:02:40 +0900 Subject: [PATCH 0923/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.5 (#2561) Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6110c4c1..4acf4e9d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.4 +appVersion: v3.5.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.11 +version: 0.40.12 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add caSecret in the artifactory.s3 configuration values. + - kind: changed + description: Bump argo-workflows to v3.5.5 From 09679ae4d3492c2a1466354c46e369076baa47ef Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 1 Mar 2024 09:11:05 +0900 Subject: [PATCH 0924/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v37.221.0 (#2560) Co-authored-by: renovate[bot] Co-authored-by: Aikawa --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 87a6f906..acd15404 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -29,7 +29,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.192.1 + renovate-version: 37.221.0 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From fba54d4597e93536b2fcb8faf76a66b3b03f5bec Mon Sep 17 00:00:00 2001 From: Braden Wright Date: Fri, 1 Mar 2024 01:41:23 -0700 Subject: [PATCH 0925/1248] feat(argocd-image-updater): Add ability to set .Values.namespaceOverride (#2562) Signed-off-by: Braden Wright --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 1 + charts/argocd-image-updater/templates/_helpers.tpl | 7 +++++++ .../templates/configmap-authscripts.yaml | 2 +- .../templates/configmap-sshconfig.yaml | 2 +- charts/argocd-image-updater/templates/configmap.yaml | 2 +- charts/argocd-image-updater/templates/deployment.yaml | 2 +- charts/argocd-image-updater/templates/metrics-service.yaml | 2 +- charts/argocd-image-updater/templates/rbac.yaml | 5 +++-- charts/argocd-image-updater/templates/secret.yaml | 2 +- charts/argocd-image-updater/templates/serviceaccount.yaml | 2 +- charts/argocd-image-updater/templates/servicemonitor.yaml | 4 ++-- charts/argocd-image-updater/values.yaml | 2 ++ 13 files changed, 24 insertions(+), 13 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 856e5621..43d69f51 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.4 +version: 0.9.5 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Allow defining additional labels to Service Account + description: Allow overriding of .Release.Namespace with .Values.namespaceOverride diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 955e4370..f094d77a 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -105,6 +105,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | +| namespaceOverride | string | `""` | Global namespace (argocd-image-updater.namespace in _helpers.tpl) override | | nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | | podAnnotations | object | `{}` | Pod Annotations for the deployment | | podLabels | object | `{}` | Pod Labels for the deployment | diff --git a/charts/argocd-image-updater/templates/_helpers.tpl b/charts/argocd-image-updater/templates/_helpers.tpl index 934d894c..abfba11e 100644 --- a/charts/argocd-image-updater/templates/_helpers.tpl +++ b/charts/argocd-image-updater/templates/_helpers.tpl @@ -24,6 +24,13 @@ If release name contains chart name it will be used as a full name. {{- end }} {{- end }} +{{/* +Override .Release.Namespace +*/}} +{{- define "argocd-image-updater.namespace" -}} +{{- default .Release.Namespace .Values.namespaceOverride }} +{{- end }} + {{/* Create chart name and version as used by the chart label. */}} diff --git a/charts/argocd-image-updater/templates/configmap-authscripts.yaml b/charts/argocd-image-updater/templates/configmap-authscripts.yaml index 3659fbaf..fbb345e3 100644 --- a/charts/argocd-image-updater/templates/configmap-authscripts.yaml +++ b/charts/argocd-image-updater/templates/configmap-authscripts.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-authscripts - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} data: {{- toYaml .Values.authScripts.scripts | nindent 2}} {{- end }} diff --git a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml index 45554c0e..9233137c 100644 --- a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml +++ b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml @@ -4,7 +4,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-ssh-config - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} data: {{- with .Values.config.sshConfig }} {{- toYaml . | nindent 2 }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 75f69b13..57ef2197 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-config - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} data: {{- with .Values.config.applicationsAPIKind }} applications_api: {{ . }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 9cc71fe3..6a4f592c 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argocd-image-updater.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} spec: diff --git a/charts/argocd-image-updater/templates/metrics-service.yaml b/charts/argocd-image-updater/templates/metrics-service.yaml index 186abb41..8ca83b53 100644 --- a/charts/argocd-image-updater/templates/metrics-service.yaml +++ b/charts/argocd-image-updater/templates/metrics-service.yaml @@ -14,7 +14,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "argocd-image-updater.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} spec: ports: - name: metrics diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml index c6316f42..685b0b89 100644 --- a/charts/argocd-image-updater/templates/rbac.yaml +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -6,7 +6,7 @@ metadata: labels: {{ include "argocd-image-updater.labels" . | nindent 4 }} name: {{ include "argocd-image-updater.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} rules: - apiGroups: - '' @@ -39,6 +39,7 @@ metadata: labels: {{ include "argocd-image-updater.labels" . | nindent 4 }} name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -46,5 +47,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argocd-image-updater.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} {{- end }} diff --git a/charts/argocd-image-updater/templates/secret.yaml b/charts/argocd-image-updater/templates/secret.yaml index c4cb7781..08955095 100644 --- a/charts/argocd-image-updater/templates/secret.yaml +++ b/charts/argocd-image-updater/templates/secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-image-updater-secret - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} type: Opaque diff --git a/charts/argocd-image-updater/templates/serviceaccount.yaml b/charts/argocd-image-updater/templates/serviceaccount.yaml index 3e5d60f0..a676f6fb 100644 --- a/charts/argocd-image-updater/templates/serviceaccount.yaml +++ b/charts/argocd-image-updater/templates/serviceaccount.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argocd-image-updater.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.serviceAccount.labels }} diff --git a/charts/argocd-image-updater/templates/servicemonitor.yaml b/charts/argocd-image-updater/templates/servicemonitor.yaml index 969f1190..de9bcd52 100644 --- a/charts/argocd-image-updater/templates/servicemonitor.yaml +++ b/charts/argocd-image-updater/templates/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argocd-image-updater.fullname" . }}-metrics - namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argocd-image-updater.namespace" .) .Values.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.metrics.serviceMonitor.selector }} @@ -29,7 +29,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argocd-image-updater.namespace" . | quote }} selector: matchLabels: {{- include "argocd-image-updater.selectorLabels" . | nindent 6 }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 1b645fc7..fb5aad1a 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -17,6 +17,8 @@ imagePullSecrets: [] nameOverride: "" # -- Global fullname (argocd-image-updater.fullname in _helpers.tpl) override fullnameOverride: "" +# -- Global namespace (argocd-image-updater.namespace in _helpers.tpl) override +namespaceOverride: "" # -- Extra arguments for argocd-image-updater not defined in `config.argocd`. # If a flag contains both key and value, they need to be split to a new entry From d0cf368fcd955143536d0b0f1a0d01797e581823 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 1 Mar 2024 09:45:12 +0100 Subject: [PATCH 0926/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v37.221.1 (#2563) Co-authored-by: renovate[bot] Co-authored-by: Marco Maurer (-Kilchhofer) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index acd15404..94afae3f 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -29,7 +29,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.221.0 + renovate-version: 37.221.1 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From d0647e4a50932aa081dc69e3601b56647eb1b100 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 1 Mar 2024 11:08:44 +0000 Subject: [PATCH 0927/1248] chore(github): Disable some GH actions on forks (#2566) Signed-off-by: Tim Collins --- .github/workflows/publish.yml | 1 + .github/workflows/renovate.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 7c0e768b..788bd8e0 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -12,6 +12,7 @@ permissions: jobs: publish: + if: github.repository == 'argoproj/argo-helm' permissions: contents: write # for helm/chart-releaser-action to push chart release and create a release packages: write # to push OCI chart package to GitHub Registry diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 94afae3f..b536061e 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -12,6 +12,7 @@ permissions: jobs: renovate: + if: github.repository == 'argoproj/argo-helm' runs-on: ubuntu-latest steps: - name: Get token From 29e341091c4ac4343bf9a76a2ce1fb9260a80587 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 1 Mar 2024 17:17:04 +0000 Subject: [PATCH 0928/1248] feat(argo-workflows): Disable leader election on single repl controllers (#2565) Signed-off-by: Tim Collins Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-controller-deployment.yaml | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4acf4e9d..b59241fa 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.12 +version: 0.40.13 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.5.5 + - kind: added + description: Disable leader election if only 1 repl of the Workflow Controller diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 2cc8a903..4a4e9f64 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -89,6 +89,10 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.name + {{- if eq (int .Values.controller.replicas) 1 }} + - name: LEADER_ELECTION_DISABLE + value: "true" + {{- end }} {{- with .Values.controller.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} From 5c256cce1844f66be85db340b018d09d6b676dcf Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 1 Mar 2024 22:05:37 +0100 Subject: [PATCH 0929/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v37.222.0 (#2567) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index b536061e..b9ba882c 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.221.1 + renovate-version: 37.222.0 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 075a8a634f257b356c98dd47da684d249b12a054 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Fri, 1 Mar 2024 22:48:29 +0100 Subject: [PATCH 0930/1248] chore(github): Update renovate image only monthly (#2568) --- renovate.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/renovate.json b/renovate.json index cb8bacc8..4e068215 100644 --- a/renovate.json +++ b/renovate.json @@ -98,6 +98,10 @@ { "matchPackagePatterns": ["redis-ha"], "enabled": false + }, + { + "matchPackageNames": ["ghcr.io/renovatebot/renovate"], + "extends": ["schedule:monthly"] } ] } From baa566bd6b00ca2641ecce57cc43cd91a7a4fe34 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 1 Mar 2024 22:26:54 +0000 Subject: [PATCH 0931/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.2 (#2570) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 13ded9d9..22f637bd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.1 +appVersion: v2.10.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.5.0 +version: 6.5.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support for templating ingress extraPaths and extraRules + - kind: changed + description: Bump argo-cd to v2.10.2 From f7a6060fce7ed0b1fa8cd2379c2bba8fba31c061 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 2 Mar 2024 09:29:24 +0900 Subject: [PATCH 0932/1248] chore(deps): update actions/create-github-app-token action to v1.9.0 (#2569) Co-authored-by: renovate[bot] Co-authored-by: Marco Maurer (-Kilchhofer) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index b9ba882c..488c65f2 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@e8e39f73bb84fdf315a015fa3104f314c0a258b4 # v1.8.1 + uses: actions/create-github-app-token@f2acddfb5195534d487896a656232b016a682f3c # v1.9.0 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From de462b7e809b06472a706f0c9d23ef2f5727ae35 Mon Sep 17 00:00:00 2001 From: mugi <62197019+mugioka@users.noreply.github.com> Date: Sat, 2 Mar 2024 20:20:12 +0900 Subject: [PATCH 0933/1248] feat(argo-cd): support ApplicationSet in any namespace. (#2402) * chore(argo-cd): support ApplicationSet in any namespace. Signed-off-by: mugioka * chore: apply feedback by maintainer. Signed-off-by: mugioka * fix: docs is not generated. Signed-off-by: mugioka --------- Signed-off-by: mugioka --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 1 + .../argocd-applicationset/clusterrole.yaml | 89 +++++++++++++++++++ .../clusterrolebinding.yaml | 17 ++++ charts/argo-cd/values.yaml | 3 +- 5 files changed, 111 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml create mode 100644 charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 22f637bd..680b5d04 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.5.1 +version: 6.6.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.10.2 + description: Support ApplicationSet in any namespace. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d1c95206..eab256f7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1302,6 +1302,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | +| applicationSet.allowAnyNamespace | bool | `false` | Enable ApplicationSet in any namespace feature | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) | diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml new file mode 100644 index 00000000..6ac4c1e7 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml @@ -0,0 +1,89 @@ +{{- if .Values.applicationSet.allowAnyNamespace }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - applicationsets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets/status + verbs: + - get + - patch + - update + - apiGroups: + - argoproj.io + resources: + - appprojects + verbs: + - get + - apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - update + - delete + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml new file mode 100644 index 00000000..152b31f4 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if .Values.applicationSet.allowAnyNamespace }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "argo-cd.applicationSet.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "argo-cd.applicationSet.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 68581a3c..42b44183 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2928,7 +2928,8 @@ applicationSet: # - secretName: argocd-applicationset-tls # hosts: # - argocd-applicationset.example.com - + # -- Enable ApplicationSet in any namespace feature + allowAnyNamespace: false ## Notifications controller notifications: # -- Enable notifications controller From 1af4bf5f48c6d7de31600b60366649d71fb19e39 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 4 Mar 2024 04:12:41 +0900 Subject: [PATCH 0934/1248] feat(argo-workflows): Add ability to set .Values.namespaceOverride (#2564) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 8 ++++++++ .../templates/controller/artifact-repository-ref-cm.yaml | 2 +- .../controller/workflow-controller-cluster-roles.yaml | 2 +- .../controller/workflow-controller-config-map.yaml | 2 +- .../templates/controller/workflow-controller-crb.yaml | 6 +++--- .../controller/workflow-controller-deployment-pdb.yaml | 2 +- .../controller/workflow-controller-deployment.yaml | 2 +- .../templates/controller/workflow-controller-sa.yaml | 2 +- .../templates/controller/workflow-controller-service.yaml | 2 +- .../controller/workflow-controller-servicemonitor.yaml | 4 ++-- .../argo-workflows/templates/controller/workflow-rb.yaml | 2 +- .../templates/controller/workflow-role.yaml | 2 +- .../argo-workflows/templates/controller/workflow-sa.yaml | 2 +- .../templates/server/gke/backendconfig.yaml | 2 +- .../templates/server/gke/frontendconfig.yaml | 2 +- .../templates/server/gke/managedcertificate.yaml | 2 +- .../templates/server/server-cluster-roles.yaml | 2 +- charts/argo-workflows/templates/server/server-crb.yaml | 6 +++--- .../templates/server/server-deployment-hpa.yaml | 2 +- .../templates/server/server-deployment-pdb.yaml | 2 +- .../templates/server/server-deployment.yaml | 2 +- .../argo-workflows/templates/server/server-ingress.yaml | 2 +- charts/argo-workflows/templates/server/server-sa.yaml | 2 +- .../argo-workflows/templates/server/server-service.yaml | 2 +- charts/argo-workflows/values.yaml | 4 ++++ 27 files changed, 43 insertions(+), 30 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b59241fa..99b190bc 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.13 +version: 0.40.14 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Disable leader election if only 1 repl of the Workflow Controller + description: Support namespaceOverride diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 75ecb19a..785bf9f8 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -124,6 +124,7 @@ Fields to note: | images.tag | string | `""` | Common tag for Argo Workflows images. Defaults to `.Chart.AppVersion`. | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `nil` | String to partially override "argo-workflows.fullname" template | +| namespaceOverride | string | `.Release.Namespace` | Override the namespace | | singleNamespace | bool | `false` | Restrict Argo to operate only in a single namespace (the namespace of the Helm release) by apply Roles and RoleBindings instead of the Cluster equivalents, and start workflow-controller with the --namespaced flag. Use it in clusters with strict access policy. | ### Workflow diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 0d170ec9..118f9a52 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -189,3 +189,11 @@ Return the appropriate apiVersion for GKE resources {{- print "cloud.google.com/v1beta1" -}} {{- end -}} {{- end -}} + +{{/* +Expand the namespace of the release. +Allows overriding it for multi-namespace deployments in combined charts. +*/}} +{{- define "argo-workflows.namespace" -}} +{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml index ce7cd55b..81c1d0a7 100644 --- a/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml +++ b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ $cm_name }} - namespace: {{ $.Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" $ | quote }} labels: {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $cm_name) | nindent 4 }} {{- with $cm_val.annotations }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index c2d2a771..1b01b117 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -8,7 +8,7 @@ kind: ClusterRole metadata: name: {{ template "argo-workflows.controller.fullname" . }} {{- if .Values.singleNamespace }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 0fefd01f..1997d9d3 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "argo-workflows.controller.config-map.name" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} data: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index 9fa7a7f6..69883f60 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -8,7 +8,7 @@ kind: ClusterRoleBinding metadata: name: {{ template "argo-workflows.controller.fullname" . }} {{- if .Values.singleNamespace }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} @@ -23,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- @@ -40,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index ee38445f..bee7c199 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 4a4e9f64..b3db5f4e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index c6a8bf66..fd1db89f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 1959eb2e..51362c4f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index 6643d634..df318fc2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-workflows.controller.fullname" . }} - namespace: {{ default .Release.Namespace .Values.controller.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-workflows.namespace" .) .Values.controller.serviceMonitor.namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceMonitor.additionalLabels }} @@ -43,7 +43,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace | quote }} + - {{ include "argo-workflows.namespace" . | quote }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 6f9ba23d..4402a722 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 80309119..14265372 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.rbac.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 273487c4..c6fff691 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -1,5 +1,5 @@ {{- if .Values.workflow.serviceAccount.create -}} - {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace .Release.Namespace) | uniq) }} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} --- apiVersion: v1 kind: ServiceAccount diff --git a/charts/argo-workflows/templates/server/gke/backendconfig.yaml b/charts/argo-workflows/templates/server/gke/backendconfig.yaml index 4597db3d..0d439b62 100644 --- a/charts/argo-workflows/templates/server/gke/backendconfig.yaml +++ b/charts/argo-workflows/templates/server/gke/backendconfig.yaml @@ -3,7 +3,7 @@ apiVersion: {{ include "argo-workflows.apiVersions.cloudgoogle" . }} kind: BackendConfig metadata: name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/server/gke/frontendconfig.yaml b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml index 6b81c923..32cfc3a1 100644 --- a/charts/argo-workflows/templates/server/gke/frontendconfig.yaml +++ b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml @@ -3,7 +3,7 @@ apiVersion: networking.gke.io/v1beta1 kind: FrontendConfig metadata: name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/server/gke/managedcertificate.yaml b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml index b77c3131..4d1f840e 100644 --- a/charts/argo-workflows/templates/server/gke/managedcertificate.yaml +++ b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml @@ -3,7 +3,7 @@ apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} spec: domains: {{- with .Values.server.GKEmanagedCertificate.domains }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 56d4dcaa..dbb5ff9f 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -8,7 +8,7 @@ kind: ClusterRole metadata: name: {{ template "argo-workflows.server.fullname" . }} {{- if .Values.singleNamespace }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index e8d6511d..4ffb9107 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -8,7 +8,7 @@ kind: ClusterRoleBinding metadata: name: {{ template "argo-workflows.server.fullname" . }} {{- if .Values.singleNamespace }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} @@ -23,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- if .Values.server.clusterWorkflowTemplates.enabled }} --- @@ -40,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} {{- end -}} {{- end -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml index 9194bbd9..142bc31b 100644 --- a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml @@ -3,7 +3,7 @@ apiVersion: {{ include "argo-workflows.apiVersion.autoscaling" . }} kind: HorizontalPodAutoscaler metadata: name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index 7ea6d465..47f8394d 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index b3aa3728..a4b8df7b 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index 36209f5b..db69b012 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -14,7 +14,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- if .Values.server.ingress.labels }} diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index 382d565e..d2c9c535 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index f7096a8d..7f81bd39 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index def967b1..0f2d6ca7 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -26,6 +26,10 @@ nameOverride: # -- String to fully override "argo-workflows.fullname" template fullnameOverride: +# -- Override the namespace +# @default -- `.Release.Namespace` +namespaceOverride: "" + # -- Labels to set on all resources commonLabels: {} From c4d79885816f09214287e39cc36bee06d1411278 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 4 Mar 2024 23:52:59 +0900 Subject: [PATCH 0935/1248] chore(deps): update renovatebot/github-action action to v40.1.3 (#2573) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 488c65f2..f159b705 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Self-hosted Renovate - uses: renovatebot/github-action@a6e57359b32af9a54d5b3b6603011f50629a0a05 # v40.1.2 + uses: renovatebot/github-action@78bdcb3bffa5e95e646183ca0a2ac2895abd6a20 # v40.1.3 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From fc620a3d51afb448fd3a14ed86a8949ed3e47af6 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 11 Mar 2024 17:26:10 +0900 Subject: [PATCH 0936/1248] chore(deps): update renovatebot/github-action action to v40.1.4 (#2579) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f159b705..a61d4b9c 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Self-hosted Renovate - uses: renovatebot/github-action@78bdcb3bffa5e95e646183ca0a2ac2895abd6a20 # v40.1.3 + uses: renovatebot/github-action@c134f38c01867794a23c35e86660bd9609caf30c # v40.1.4 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From b9615e451cd1637c13d4b6881ce53cb4e95e24c7 Mon Sep 17 00:00:00 2001 From: Ran Rubin Date: Mon, 11 Mar 2024 20:26:07 +0200 Subject: [PATCH 0937/1248] feat(argo-cd): Support setting ArgoCD Notifications secret (#2577) * chore(deps): update renovatebot/github-action action to v40.1.3 (#2573) Co-authored-by: renovate[bot] Signed-off-by: ranrubin * feat(argo-cd): Support for existing Secret in ArgoCD Notifications, and ability to set its name. Signed-off-by: ranrubin * feat(argo-cd): Pass Secret name to Notification controller Signed-off-by: ranrubin * chore(deps): update renovatebot/github-action action to v40.1.4 (#2579) Co-authored-by: renovate[bot] Signed-off-by: ranrubin * feat(argo-cd): Remove redundant useExistingSecret, and assume existence of a secret Signed-off-by: ranrubin --------- Signed-off-by: ranrubin Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../argocd-configs/argocd-notifications-secret.yaml | 2 +- .../argo-cd/templates/argocd-notifications/clusterrole.yaml | 4 +--- .../argo-cd/templates/argocd-notifications/deployment.yaml | 1 + charts/argo-cd/templates/argocd-notifications/role.yaml | 2 +- charts/argo-cd/values.yaml | 4 ++++ 7 files changed, 12 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 680b5d04..f77df4c1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.6.0 +version: 6.7.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Support ApplicationSet in any namespace. + - kind: Added + description: Support for existing Secret for ArgoCD Notifications, and ability to set its name. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index eab256f7..d43a0fda 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1465,6 +1465,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret | +| notifications.secret.name | string | `"argocd-notifications-secret"` | notifications controller Secret name | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index 75027ed5..9c261c6a 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: argocd-notifications-secret + name: {{ .Values.notifications.secret.name }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml index 793bb5d3..edb957f3 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -38,14 +38,12 @@ rules: verbs: - get {{- end }} - {{- if .Values.notifications.secret.create }} - apiGroups: - "" resourceNames: - - argocd-notifications-secret + - {{ .Values.notifications.secret.name }} resources: - secrets verbs: - get - {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index f9b766f4..674639f4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,6 +66,7 @@ spec: - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - --namespace={{ .Release.Namespace }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --secret-name={{ .Values.notifications.secret.name }} {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 128c24f5..22eaa473 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -37,7 +37,7 @@ rules: - apiGroups: - "" resourceNames: - - argocd-notifications-secret + - {{ .Values.notifications.secret.name }} resources: - secrets verbs: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 42b44183..a281d019 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -3017,8 +3017,12 @@ notifications: secret: # -- Whether helm chart creates notifications controller secret + ## If true, will create a secret with the name below. Otherwise, will assume existence of a secret with that name. create: true + # -- notifications controller Secret name + name: "argocd-notifications-secret" + # -- key:value pairs of annotations to be added to the secret annotations: {} From 6a58945969d2711cb476901ce08fb1a998b9d888 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=B6ran=20P=C3=B6hner?= <10630407+groundhog2k@users.noreply.github.com> Date: Tue, 12 Mar 2024 00:08:20 +0100 Subject: [PATCH 0938/1248] fix(argo-cd): Fixed default tls hosts for grpc ingress endpoint (#2580) * Fixed default tls hosts for grpc ingress endpoint Signed-off-by: Goeran Poehner * Increased chart version Signed-off-by: Goeran Poehner * Added changelog entry Signed-off-by: Goeran Poehner * Updated changelog Signed-off-by: Goeran Poehner --------- Signed-off-by: Goeran Poehner Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f77df4c1..8a461c90 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.0 +version: 6.7.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: Added - description: Support for existing Secret for ArgoCD Notifications, and ability to set its name. + - kind: changed + description: Fixed a bug for TLS host value in GRPC ingress endpoint diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 73f447bf..2d15b9d7 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -53,7 +53,7 @@ spec: tls: {{- if .Values.server.ingressGrpc.tls }} - hosts: - - {{ $hostname }} + - {{ .Values.server.ingressGrpc.hostname | default $hostname }} secretName: argocd-server-grpc-tls {{- end }} {{- with .Values.server.ingressGrpc.extraTls }} From 1786f6e54488f90ff0e0df321d3775a302cc8f7e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 12 Mar 2024 07:26:50 -0500 Subject: [PATCH 0939/1248] chore(deps): update actions/checkout action to v4.1.2 (#2582) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index a61d4b9c..f3cd30ae 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Self-hosted Renovate uses: renovatebot/github-action@c134f38c01867794a23c35e86660bd9609caf30c # v40.1.4 From b4e645c75fa5b3c843fb7b76dcfbe78dd70b6ab9 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 13 Mar 2024 20:45:56 +0000 Subject: [PATCH 0940/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.3 (#2583) --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8a461c90..d0155755 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.2 +appVersion: v2.10.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.1 +version: 6.7.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Fixed a bug for TLS host value in GRPC ingress endpoint + description: Bump argo-cd to v2.10.3 From 718589628b97194a586926df7893ccc851340eb0 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 14 Mar 2024 13:18:13 +0900 Subject: [PATCH 0941/1248] chore(deps): update renovatebot/github-action action to v40.1.5 (#2584) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f3cd30ae..6e9edaa0 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@c134f38c01867794a23c35e86660bd9609caf30c # v40.1.4 + uses: renovatebot/github-action@89bd050bafa5a15de5d9383e3129edf210422004 # v40.1.5 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From a148991ff83c0a3b36aeef2fbd69da873f8c0c7a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Mar 2024 07:32:19 -0500 Subject: [PATCH 0942/1248] chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#2587) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index faf003de..895cbe52 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 788bd8e0..fb1de5ea 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3ccb86fe..971961e7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: persist-credentials: false From e7ad44173de7c56f86a73966ca61608aaf2f692b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Mar 2024 07:37:38 -0500 Subject: [PATCH 0943/1248] chore(deps): bump docker/login-action from 3.0.0 to 3.1.0 (#2586) --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index fb1de5ea..3a3b41d6 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -66,7 +66,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 with: registry: ghcr.io username: ${{ github.actor }} From 85de0a16e70df7501ad6ea3d3922dbc1c602180e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 18 Mar 2024 09:36:40 +0000 Subject: [PATCH 0944/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.4 (#2588) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d0155755..2cbf4bd0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.3 +appVersion: v2.10.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.2 +version: 6.7.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.10.3 + description: Bump argo-cd to v2.10.4 From e248b6b3166491e187f7cdf499b28fb9fbf70408 Mon Sep 17 00:00:00 2001 From: Abdullah Alaqeel Date: Thu, 21 Mar 2024 02:52:58 +0300 Subject: [PATCH 0945/1248] fix(argocd-image-updater): Properly quoting the config map values (and other fixes) (#2512) fix(argocd-image-updater): Properly quoting the config map values fix(argocd-image-updater): Only adding a data field to argocd-image-updater-ssh-config when there's data to be added fix(argocd-image-updater): Only include config.argocd if config.applicationsAPIKind is set to 'argocd' chore(argocd-image-updater): removing unneeded whitespace in Role and RoleBinding Signed-off-by: Abdullah Alaqeel --- charts/argocd-image-updater/Chart.yaml | 10 +++++-- .../templates/configmap-sshconfig.yaml | 4 +-- .../templates/configmap.yaml | 28 ++++++++++--------- .../argocd-image-updater/templates/rbac.yaml | 4 +-- charts/argocd-image-updater/values.yaml | 1 + 5 files changed, 27 insertions(+), 20 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 43d69f51..2e34fad6 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.5 +version: 0.9.6 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -18,5 +18,9 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Allow overriding of .Release.Namespace with .Values.namespaceOverride + - kind: fixed + description: Properly quoting the config map values + - kind: fixed + description: Only adding a data field to argocd-image-updater-ssh-config when there's data to be added + - kind: changed + description: Only include config.argocd if config.applicationsAPIKind is set to 'argocd' diff --git a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml index 9233137c..9fd83d92 100644 --- a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml +++ b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml @@ -5,7 +5,7 @@ metadata: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-ssh-config namespace: {{ include "argocd-image-updater.namespace" . | quote }} +{{- with .Values.config.sshConfig }} data: - {{- with .Values.config.sshConfig }} {{- toYaml . | nindent 2 }} - {{- end }} +{{- end }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 57ef2197..84eb6875 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -8,30 +8,32 @@ metadata: namespace: {{ include "argocd-image-updater.namespace" . | quote }} data: {{- with .Values.config.applicationsAPIKind }} - applications_api: {{ . }} + applications_api: {{ . | quote }} + {{- if eq . "argocd" }} + argocd.grpc_web: {{ $.Values.config.argocd.grpcWeb | quote }} + {{- with $.Values.config.argocd.serverAddress }} + argocd.server_addr: {{ . | quote }} {{- end }} - argocd.grpc_web: {{ .Values.config.argocd.grpcWeb | quote }} - {{- with .Values.config.argocd.serverAddress }} - argocd.server_addr: {{ . }} + argocd.insecure: {{ $.Values.config.argocd.insecure | quote }} + argocd.plaintext: {{ $.Values.config.argocd.plaintext | quote }} + {{- end -}} {{- end }} - argocd.insecure: {{ .Values.config.argocd.insecure | quote }} - argocd.plaintext: {{ .Values.config.argocd.plaintext | quote }} {{- with .Values.config.logLevel }} - log.level: {{ . }} + log.level: {{ . | quote }} {{- end }} {{- with .Values.config.gitCommitUser }} - git.user: {{ . }} + git.user: {{ . | quote }} {{- end }} {{- with .Values.config.gitCommitMail }} - git.email: {{ . }} + git.email: {{ . | quote }} {{- end }} {{- with .Values.config.gitCommitTemplate }} git.commit-message-template: | {{- nindent 4 . }} {{- end }} kube.events: {{ .Values.config.disableKubeEvents | quote }} + {{- with .Values.config.registries }} registries.conf: | - {{- with .Values.config.registries }} - registries: - {{- toYaml . | nindent 6 }} - {{- end }} + registries: + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml index 685b0b89..50d75876 100644 --- a/charts/argocd-image-updater/templates/rbac.yaml +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -4,7 +4,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: - {{ include "argocd-image-updater.labels" . | nindent 4 }} + {{- include "argocd-image-updater.labels" . | nindent 4 }} name: {{ include "argocd-image-updater.fullname" . }} namespace: {{ include "argocd-image-updater.namespace" . | quote }} rules: @@ -37,7 +37,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: - {{ include "argocd-image-updater.labels" . | nindent 4 }} + {{- include "argocd-image-updater.labels" . | nindent 4 }} name: {{ include "argocd-image-updater.fullname" . }} namespace: {{ include "argocd-image-updater.namespace" . | quote }} roleRef: diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index fb5aad1a..7cbbe05b 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -101,6 +101,7 @@ config: applicationsAPIKind: "" # Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags + # Note: this is only relevant if config.applicationsAPIKind == 'argocd' argocd: # -- Use the gRPC-web protocol to connect to the Argo CD API grpcWeb: true From 8a4c87529520a05a2026bc7ae1bfc743cace8d89 Mon Sep 17 00:00:00 2001 From: amcamina Date: Fri, 22 Mar 2024 17:09:43 +0100 Subject: [PATCH 0946/1248] feat(argo-rollouts): Allow customizing additional RBAC rules for other providers (#2556) * Allow customizing additional RBAC rules for other providers Signed-off-by: Alvaro.Camina * Changing additionalRules from dict to list Signed-off-by: Alvaro.Camina * Changing additionalRules from dict to list and addressing comment Signed-off-by: Alvaro.Camina * Runing `./scripts/helm-docs.sh` to update the README Signed-off-by: Alvaro.Camina --------- Signed-off-by: Alvaro.Camina Co-authored-by: Alvaro.Camina Co-authored-by: Aikawa Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 1 + .../templates/controller/clusterrole.yaml | 21 +++++++++++-------- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 18 insertions(+), 12 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2db0614d..5d6ccc7d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.6 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.34.3 +version: 2.34.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-rollouts to v1.6.6 + - kind: added + description: Allow customizing additional RBAC rules for other providers diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 3627de83..adf27530 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -60,6 +60,7 @@ For full list of changes please check ArtifactHub [changelog]. | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | | notifications.templates | object | `{}` | Notification templates | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | +| providerRBAC.additionalRules | list | `[]` | Additional RBAC rules for others providers | | providerRBAC.enabled | bool | `true` | Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole | | providerRBAC.providers.ambassador | bool | `true` | Adds RBAC rules for the Ambassador provider | | providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider | diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 35fd8215..a60070b3 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -258,23 +258,26 @@ rules: {{- if .Values.providerRBAC.providers.contour }} # Access needed when using the Contour provider - apiGroups: - - projectcontour.io + - projectcontour.io resources: - - httpproxies + - httpproxies verbs: - - get - - list - - watch - - update + - get + - list + - watch + - update {{- end }} {{- if .Values.providerRBAC.providers.glooPlatform }} # Access needed when using the Gloo Platform provider - apiGroups: - - networking.gloo.solo.io + - networking.gloo.solo.io resources: - - routetables + - routetables verbs: - - '*' + - '*' +{{- end }} +{{- with .Values.providerRBAC.additionalRules }} +{{ toYaml . }} {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 19ab340e..1a4a9ede 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -273,6 +273,8 @@ providerRBAC: contour: true # -- Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` glooPlatform: true + # -- Additional RBAC rules for others providers + additionalRules: [] dashboard: # -- Deploy dashboard server From 393402cb1b914a5eced42c0c0256c49b0796a5b5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 23 Mar 2024 20:06:54 +0900 Subject: [PATCH 0947/1248] feat(argo-events): Support ability to set .Values.namespaceOverride (#2594) * feat(argo-events): Support ability to set .Values.namespaceOverride Signed-off-by: yu-croco * fix(argo-events): update README Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/README.md | 1 + charts/argo-events/templates/_helpers.tpl | 8 ++++++++ .../templates/argo-events-controller/config.yaml | 2 +- .../templates/argo-events-controller/deployment.yaml | 2 +- .../argo-events/templates/argo-events-controller/pdb.yaml | 2 +- .../templates/argo-events-controller/rbac.yaml | 4 ++-- .../templates/argo-events-controller/service.yaml | 2 +- .../templates/argo-events-controller/serviceaccount.yaml | 2 +- .../templates/argo-events-controller/servicemonitor.yaml | 4 ++-- .../templates/argo-events-webhook/clusterrolebinding.yaml | 2 +- .../templates/argo-events-webhook/deployment.yaml | 2 +- charts/argo-events/templates/argo-events-webhook/pdb.yaml | 2 +- .../templates/argo-events-webhook/service.yaml | 2 +- .../templates/argo-events-webhook/serviceaccount.yaml | 2 +- charts/argo-events/values.yaml | 3 +++ 16 files changed, 29 insertions(+), 17 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 99f3b601..aed0dfdc 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.9.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.3 +version: 2.4.4 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-events to v1.9.1 + - kind: added + description: Support ability to set .Values.namespaceOverride diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 0abf2c31..c9cd5083 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -87,6 +87,7 @@ done | global.podLabels | object | `{}` | Labels for the all deployed pods | | global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | | nameOverride | string | `"argo-events"` | Provide a name in place of `argo-events` | +| namespaceOverride | string | `.Release.Namespace` | Override the namespace | | openshift | bool | `false` | Deploy on OpenShift | ### Controller diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index d18f2ca9..93069ca3 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -136,3 +136,11 @@ Define Pdb apiVersion {{- printf "policy/v1beta1" -}} {{- end }} {{- end }} + +{{/* +Expand the namespace of the release. +Allows overriding it for multi-namespace deployments in combined charts. +*/}} +{{- define "argo-events.namespace" -}} +{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}} +{{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index b3293385..119c10f5 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "argo-events.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} data: diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index a3614c73..75d0cdb2 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-events.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-controller/pdb.yaml b/charts/argo-events/templates/argo-events-controller/pdb.yaml index 0451ecd7..269e2de4 100644 --- a/charts/argo-events/templates/argo-events-controller/pdb.yaml +++ b/charts/argo-events/templates/argo-events-controller/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml index aa9c7c2b..69a0adcb 100644 --- a/charts/argo-events/templates/argo-events-controller/rbac.yaml +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -4,7 +4,7 @@ kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }} metadata: name: {{ include "argo-events.controller.fullname" . }} {{- if .Values.controller.rbac.namespaced }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} {{- end }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} @@ -122,5 +122,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/service.yaml b/charts/argo-events/templates/argo-events-controller/service.yaml index fe36320b..55fe9361 100644 --- a/charts/argo-events/templates/argo-events-controller/service.yaml +++ b/charts/argo-events/templates/argo-events-controller/service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-events.controller.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} {{- with .Values.controller.metrics.service.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml index 3b8a9c81..bd697989 100644 --- a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} {{- with .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml index 55cda1d4..371794ee 100644 --- a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml +++ b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-events.controller.fullname" . }} - namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-events.namespace" .) .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} @@ -29,7 +29,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace | quote }} + - {{ include "argo-events.namespace" . | quote }} selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "component" .Values.controller.name "name" (printf "%s-metrics" .Values.controller.name)) | nindent 6 }} diff --git a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml index 89226483..c701c8d7 100644 --- a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml +++ b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index 0445484e..0b995ba2 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: events-webhook - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-webhook/pdb.yaml b/charts/argo-events/templates/argo-events-webhook/pdb.yaml index a3daa745..26ee675d 100644 --- a/charts/argo-events/templates/argo-events-webhook/pdb.yaml +++ b/charts/argo-events/templates/argo-events-webhook/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.webhook.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} {{- with .Values.webhook.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-webhook/service.yaml b/charts/argo-events/templates/argo-events-webhook/service.yaml index 15563d0e..e1f2b2ee 100644 --- a/charts/argo-events/templates/argo-events-webhook/service.yaml +++ b/charts/argo-events/templates/argo-events-webhook/service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: events-webhook - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} spec: diff --git a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml index e3e2ac5b..0efad0c2 100644 --- a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-events.namespace" . | quote }} {{- with .Values.webhook.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index faba6939..b959e6cd 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -6,6 +6,9 @@ nameOverride: argo-events # -- String to fully override "argo-events.fullname" template fullnameOverride: "" +# -- Override the namespace +# @default -- `.Release.Namespace` +namespaceOverride: "" # -- Deploy on OpenShift openshift: false From 237493a4ab1478a0c33cb1253767f65ce4ec007c Mon Sep 17 00:00:00 2001 From: irizzant Date: Sat, 23 Mar 2024 16:38:56 +0100 Subject: [PATCH 0948/1248] feat(argocd-apps)!: use maps instead of lists (#2538) * feat(argocd-apps)!: use maps instead of lists Signed-off-by: irizzant * fix(chart): add artifacthub annotations Signed-off-by: irizzant * fix: remove not needed lines Signed-off-by: irizzant * fix: use the right range function Signed-off-by: irizzant * fix(argocd-apps): fix issues Signed-off-by: irizzant * fix: fix newline issue in values.yaml Signed-off-by: irizzant * fix: Use range function properly (revert complex changes on item-templates) Signed-off-by: Marco Maurer --------- Signed-off-by: irizzant Signed-off-by: Marco Maurer Co-authored-by: Jason Meridth Co-authored-by: Marco Maurer Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 4 +- charts/argocd-apps/README.md | 8 +- .../applications-multiple-sources-values.yaml | 50 +-- .../argocd-apps/ci/applications-values.yaml | 60 ++-- ...plicationsets-multiple-sources-values.yaml | 42 +-- ...licationsets-progressive-syncs-values.yaml | 76 ++-- .../ci/applicationsets-values.yaml | 172 ++++----- .../argocd-apps/templates/applications.yaml | 28 +- .../templates/applicationsets.yaml | 27 +- charts/argocd-apps/templates/extensions.yaml | 12 +- charts/argocd-apps/templates/projects.yaml | 38 +- charts/argocd-apps/values.yaml | 340 +++++++++--------- 12 files changed, 428 insertions(+), 429 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 0b550fb4..397e9db6 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.6.2 +version: 2.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Support Template Patch to ApplicationSet + description: make the chart use maps instead of lists diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index 2cc1541f..447df733 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -28,11 +28,11 @@ $ helm install my-release argo/argocd-apps | Key | Type | Default | Description | |-----|------|---------|-------------| -| applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | -| applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | -| extensions | list | `[]` (See [values.yaml]) | DEPRECATED - Please refer [Deprecation Notice](https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice) for more info. | +| applications | object | `{}` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | +| applicationsets | object | `{}` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | +| extensions | object | `{}` (See [values.yaml]) | DEPRECATED - Please refer [Deprecation Notice](https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice) for more info. | | itemTemplates | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications/ApplicationSets/Projects within this helm release | -| projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | +| projects | object | `{}` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/charts/argocd-apps/ci/applications-multiple-sources-values.yaml b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml index 4d21403b..f1023424 100644 --- a/charts/argocd-apps/ci/applications-multiple-sources-values.yaml +++ b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml @@ -1,28 +1,28 @@ # Test with multi-source applications applications: -- name: argocd-application-multiple-sources - additionalLabels: {} - additionalAnnotations: {} - finalizers: - - resources-finalizer.argocd.argoproj.io - project: default - sources: - - chart: elasticsearch - repoURL: https://helm.elastic.co - targetRevision: 8.5.1 - - repoURL: https://github.com/argoproj/argocd-example-apps.git - path: guestbook - targetRevision: HEAD - destination: - server: https://kubernetes.default.svc - namespace: default - syncPolicy: - automated: - prune: false - selfHeal: false - ignoreDifferences: - - group: apps - kind: Deployment - jsonPointers: - - /spec/replicas + argocd-application-multiple-sources: + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 28a627ff..4f742748 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -1,33 +1,33 @@ # Test with applications applications: -- name: argocd-application - additionalLabels: {} - additionalAnnotations: {} - finalizers: - - resources-finalizer.argocd.argoproj.io - project: default - source: - repoURL: https://github.com/argoproj/argocd-example-apps.git - targetRevision: HEAD - path: guestbook - directory: - recurse: true - destination: - server: https://kubernetes.default.svc - namespace: default - syncPolicy: - automated: - prune: false - selfHeal: false - syncOptions: - - ApplyOutOfSyncOnly=true - revisionHistoryLimit: null - ignoreDifferences: - - group: apps - kind: Deployment - jsonPointers: - - /spec/replicas - info: - - name: url - value: https://argoproj.github.io/ + argocd-application: + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook + directory: + recurse: true + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + syncOptions: + - ApplyOutOfSyncOnly=true + revisionHistoryLimit: null + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas + info: + - name: url + value: https://argoproj.github.io/ diff --git a/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml index f1dd7cda..d8fe500c 100644 --- a/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml @@ -1,24 +1,24 @@ # Test with multi-source applicationsets applicationsets: -- name: applicationset-multiple-sources - generators: - - list: - elements: - - cluster: default-cluster - url: https://kubernetes.default.svc - template: - metadata: - name: '{{cluster}}-guestbook' - spec: - project: default - sources: - - chart: elasticsearch - repoURL: https://helm.elastic.co - targetRevision: 8.5.1 - - repoURL: https://github.com/argoproj/argocd-example-apps.git - path: guestbook - targetRevision: HEAD - destination: - server: '{{url}}' - namespace: default + applicationset-multiple-sources: + generators: + - list: + elements: + - cluster: default-cluster + url: https://kubernetes.default.svc + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: '{{url}}' + namespace: default diff --git a/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml index 2fa58978..a225e7c5 100644 --- a/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml @@ -1,41 +1,41 @@ # Test applicationsets with Progressive Syncs applicationsets: -- name: applicationset-progressive-syncs - generators: - - list: - elements: - - cluster: engineering-dev - url: https://1.2.3.4 - env: env-dev - - cluster: engineering-prod - url: https://9.8.7.6/ - env: env-prod - strategy: - type: RollingSync - rollingSync: - steps: - - matchExpressions: - - key: envLabel - operator: In - values: - - env-dev - - matchExpressions: - - key: envLabel - operator: In - values: - - env-prod - template: - metadata: - name: '{{.cluster}}-guestbook' - labels: - envLabel: '{{.env}}' - spec: - project: my-project - source: - repoURL: https://github.com/argoproj/argocd-example-apps.git - targetRevision: HEAD - path: guestbook/{{.cluster}} - destination: - server: '{{.url}}' - namespace: guestbook + applicationset-progressive-syncs: + generators: + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + env: env-dev + - cluster: engineering-prod + url: https://9.8.7.6/ + env: env-prod + strategy: + type: RollingSync + rollingSync: + steps: + - matchExpressions: + - key: envLabel + operator: In + values: + - env-dev + - matchExpressions: + - key: envLabel + operator: In + values: + - env-prod + template: + metadata: + name: '{{.cluster}}-guestbook' + labels: + envLabel: '{{.env}}' + spec: + project: my-project + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook/{{.cluster}} + destination: + server: '{{.url}}' + namespace: guestbook diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index 375367ca..ed84c5fb 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -1,90 +1,90 @@ # Test with applicationsets applicationsets: -- name: applicationset - additionalLabels: {} - additionalAnnotations: {} - # See PR #10026 (ArgoCD v2.5 or later) - # goTemplate: false - generators: - - git: - repoURL: https://github.com/argoproj/argocd-example-apps.git - revision: HEAD - directories: - - path: guestbook - - path: kustomize-* - # Ref https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Controlling-Resource-Modification/#allow-temporarily-toggling-auto-sync - ignoreApplicationDifferences: - - jsonPointers: - - /spec/syncPolicy - template: - metadata: - name: '{{path.basename}}' - labels: {} - annotations: {} - spec: - project: default - source: + applicationset: + additionalLabels: {} + additionalAnnotations: {} + # See PR #10026 (ArgoCD v2.5 or later) + # goTemplate: false + generators: + - git: repoURL: https://github.com/argoproj/argocd-example-apps.git - targetRevision: HEAD - path: '{{path}}' - destination: - server: https://kubernetes.default.svc - namespace: default - syncPolicy: - automated: - prune: false - selfHeal: false - ignoreDifferences: - - group: apps - kind: Deployment - jsonPointers: - - /spec/replicas - info: - - name: url - value: https://argoproj.github.io/ - syncPolicy: - # Set Application finalizer - preserveResourcesOnDeletion: false - templatePatch: | - spec: - source: - helm: - valueFiles: - {{- range $valueFile := .valueFiles }} - - {{ $valueFile }} - {{- end }} - {{- if .autoSync }} - syncPolicy: - automated: - prune: {{ .prune }} - {{- end }} -- name: applicationset-list-generator - generators: - - list: - elements: - - cluster: engineering-dev - url: https://kubernetes.default.svc - template: - metadata: {} - spec: - project: '{{cluster}}' - source: - targetRevision: HEAD - repoURL: https://github.com/argoproj/argo-cd.git - # New path value is generated here: - path: 'applicationset/examples/template-override/{{cluster}}-override' - destination: {} - template: - metadata: - name: '{{cluster}}-guestbook' - spec: - project: '{{cluster}}' - source: - repoURL: https://github.com/argoproj/argo-cd.git - targetRevision: HEAD - # This 'default' value is not used: it is is replaced by the generator's template path, above - path: applicationset/examples/template-override/default - destination: - server: '{{url}}' - namespace: guestbook + revision: HEAD + directories: + - path: guestbook + - path: kustomize-* + # Ref https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Controlling-Resource-Modification/#allow-temporarily-toggling-auto-sync + ignoreApplicationDifferences: + - jsonPointers: + - /spec/syncPolicy + template: + metadata: + name: '{{path.basename}}' + labels: {} + annotations: {} + spec: + project: default + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: '{{path}}' + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas + info: + - name: url + value: https://argoproj.github.io/ + syncPolicy: + # Set Application finalizer + preserveResourcesOnDeletion: false + templatePatch: | + spec: + source: + helm: + valueFiles: + {{- range $valueFile := .valueFiles }} + - {{ $valueFile }} + {{- end }} + {{- if .autoSync }} + syncPolicy: + automated: + prune: {{ .prune }} + {{- end }} + applicationset-list-generator: + generators: + - list: + elements: + - cluster: engineering-dev + url: https://kubernetes.default.svc + template: + metadata: {} + spec: + project: '{{cluster}}' + source: + targetRevision: HEAD + repoURL: https://github.com/argoproj/argo-cd.git + # New path value is generated here: + path: 'applicationset/examples/template-override/{{cluster}}-override' + destination: {} + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: '{{cluster}}' + source: + repoURL: https://github.com/argoproj/argo-cd.git + targetRevision: HEAD + # This 'default' value is not used: it is is replaced by the generator's template path, above + path: applicationset/examples/template-override/default + destination: + server: '{{url}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index df0ea5eb..b26b6684 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -1,50 +1,50 @@ -{{- range .Values.applications }} +{{- range $appName, $appData:= .Values.applications }} --- apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - {{- with .additionalAnnotations }} + {{- with $appData.additionalAnnotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - {{- with .additionalLabels }} + {{- with $appData.additionalLabels }} labels: {{- toYaml . | nindent 4 }} {{- end }} - name: {{ .name }} - {{- with .namespace }} + name: {{ $appName }} + {{- with $appData.namespace }} namespace: {{ . }} {{- end }} - {{- with .finalizers }} + {{- with $appData.finalizers }} finalizers: {{- toYaml . | nindent 4 }} {{- end }} spec: - project: {{ tpl .project $ }} - {{- with .source }} + project: {{ tpl $appData.project $ }} + {{- with $appData.source }} source: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .sources }} + {{- with $appData.sources }} sources: {{- toYaml . | nindent 4 }} {{- end }} destination: - {{- toYaml .destination | nindent 4 }} - {{- with .syncPolicy }} + {{- toYaml $appData.destination | nindent 4 }} + {{- with $appData.syncPolicy }} syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .revisionHistoryLimit }} + {{- with $appData.revisionHistoryLimit }} revisionHistoryLimit: {{ . }} {{- end }} - {{- with .ignoreDifferences }} + {{- with $appData.ignoreDifferences }} ignoreDifferences: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .info }} + {{- with $appData.info }} info: {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index 72c8f2e2..e8ae2134 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -1,44 +1,43 @@ - -{{- range .Values.applicationsets }} +{{- range $appSetName, $appSetData:= .Values.applicationsets }} --- apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: - {{- with .additionalAnnotations }} + {{- with $appSetData.additionalAnnotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - {{- with .additionalLabels }} + {{- with $appSetData.additionalLabels }} labels: {{- toYaml . | nindent 4 }} {{- end }} - name: {{ .name }} - {{- with .namespace }} + name: {{ $appSetName }} + {{- with $appSetData.namespace }} namespace: {{ . }} {{- end }} spec: - {{- if hasKey . "goTemplate" }} - goTemplate: {{ .goTemplate }} + {{- if hasKey $appSetData "goTemplate" }} + goTemplate: {{ $appSetData.goTemplate }} {{- end }} - {{- with .generators }} + {{- with $appSetData.generators }} generators: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .ignoreApplicationDifferences }} + {{- with $appSetData.ignoreApplicationDifferences }} ignoreApplicationDifferences: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .strategy }} + {{- with $appSetData.strategy }} strategy: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .syncPolicy }} + {{- with $appSetData.syncPolicy }} syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .template }} + {{- with $appSetData.template }} template: {{- with .metadata }} metadata: @@ -84,7 +83,7 @@ spec: {{- end }} {{- end -}} {{- end }} - {{- with .templatePatch }} + {{- with $appSetData.templatePatch }} templatePatch: | {{- . | nindent 4 }} {{- end }} diff --git a/charts/argocd-apps/templates/extensions.yaml b/charts/argocd-apps/templates/extensions.yaml index 1893c2a7..8a19e3a5 100644 --- a/charts/argocd-apps/templates/extensions.yaml +++ b/charts/argocd-apps/templates/extensions.yaml @@ -1,25 +1,25 @@ -{{- range .Values.extensions }} +{{- range $extensionName, $extensionData:= .Values.extensions }} --- apiVersion: argoproj.io/v1alpha1 kind: ArgoCDExtension metadata: - name: {{ .name }} - {{- with .namespace }} + name: {{ $extensionName }} + {{- with $extensionData.namespace }} namespace: {{ . }} {{- end }} finalizers: - extensions-finalizer.argocd.argoproj.io - {{- with .additionalLabels }} + {{- with $extensionData.additionalLabels }} labels: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .additionalAnnotations }} + {{- with $extensionData.additionalAnnotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with .sources }} +{{- with $extensionData.sources }} spec: sources: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index f4c273e8..34a865ea 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -1,72 +1,72 @@ -{{- range .Values.projects }} +{{- range $projectName, $projectData := .Values.projects }} --- apiVersion: argoproj.io/v1alpha1 kind: AppProject metadata: - {{- with .additionalAnnotations }} + {{- with $projectData.additionalAnnotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - {{- with .additionalLabels }} + {{- with $projectData.additionalLabels }} labels: {{- toYaml . | nindent 4 }} {{- end }} - name: {{ .name }} - {{- with .namespace }} + name: {{ $projectName }} + {{- with $projectData.namespace }} namespace: {{ . }} {{- end }} - {{- with .finalizers }} + {{- with $projectData.finalizers }} finalizers: {{- toYaml . | nindent 4 }} {{- end }} spec: - {{- with .permitOnlyProjectScopedClusters }} + {{- with $projectData.permitOnlyProjectScopedClusters }} permitOnlyProjectScopedClusters: {{ . }} {{- end }} - description: {{ .description }} - {{- with .sourceRepos }} + description: {{ $projectData.description }} + {{- with $projectData.sourceRepos }} sourceRepos: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .destinations }} + {{- with $projectData.destinations }} destinations: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .clusterResourceWhitelist }} + {{- with $projectData.clusterResourceWhitelist }} clusterResourceWhitelist: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .clusterResourceBlacklist }} + {{- with $projectData.clusterResourceBlacklist }} clusterResourceBlacklist: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .namespaceResourceBlacklist }} + {{- with $projectData.namespaceResourceBlacklist }} namespaceResourceBlacklist: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .namespaceResourceWhitelist }} + {{- with $projectData.namespaceResourceWhitelist }} namespaceResourceWhitelist: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .orphanedResources }} + {{- with $projectData.orphanedResources }} orphanedResources: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .roles }} + {{- with $projectData.roles }} roles: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .syncWindows }} + {{- with $projectData.syncWindows }} syncWindows: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .signatureKeys }} + {{- with $projectData.signatureKeys }} signatureKeys: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .sourceNamespaces }} + {{- with $projectData.sourceNamespaces }} sourceNamespaces: {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 41ee1ef9..1fad3941 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -1,176 +1,176 @@ # -- Deploy Argo CD Applications within this helm release -# @default -- `[]` (See [values.yaml]) +# @default -- `{}` (See [values.yaml]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ -applications: [] -# - name: guestbook -# namespace: argocd -# additionalLabels: {} -# additionalAnnotations: {} -# finalizers: -# - resources-finalizer.argocd.argoproj.io -# project: guestbook -# source: -# repoURL: https://github.com/argoproj/argocd-example-apps.git -# targetRevision: HEAD -# path: guestbook -# directory: -# recurse: true -# # ArgoCD v2.6 or later -# sources: +applications: {} +# guestbook: +# namespace: argocd +# additionalLabels: {} +# additionalAnnotations: {} +# finalizers: +# - resources-finalizer.argocd.argoproj.io +# project: guestbook +# source: +# repoURL: https://github.com/argoproj/argocd-example-apps.git +# targetRevision: HEAD +# path: guestbook +# directory: +# recurse: true +# # ArgoCD v2.6 or later +# sources: # - chart: elasticsearch # repoURL: https://helm.elastic.co # targetRevision: 8.5.1 # - repoURL: https://github.com/argoproj/argocd-example-apps.git # path: guestbook # targetRevision: HEAD -# destination: -# server: https://kubernetes.default.svc -# namespace: guestbook -# syncPolicy: -# automated: -# prune: false -# selfHeal: false -# syncOptions: -# - CreateNamespace=true -# revisionHistoryLimit: null -# ignoreDifferences: -# - group: apps -# kind: Deployment -# jsonPointers: -# - /spec/replicas -# info: -# - name: url -# value: https://argoproj.github.io/ +# destination: +# server: https://kubernetes.default.svc +# namespace: guestbook +# syncPolicy: +# automated: +# prune: false +# selfHeal: false +# syncOptions: +# - CreateNamespace=true +# revisionHistoryLimit: null +# ignoreDifferences: +# - group: apps +# kind: Deployment +# jsonPointers: +# - /spec/replicas +# info: +# - name: url +# value: https://argoproj.github.io/ # -- Deploy Argo CD Projects within this helm release -# @default -- `[]` (See [values.yaml]) +# @default -- `{}` (See [values.yaml]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ -projects: [] -# - name: guestbook -# namespace: argocd -# additionalLabels: {} -# additionalAnnotations: {} -# permitOnlyProjectScopedClusters: false -# finalizers: -# - resources-finalizer.argocd.argoproj.io -# description: Example Project -# sourceRepos: -# - '*' -# destinations: -# - namespace: guestbook -# server: https://kubernetes.default.svc -# clusterResourceWhitelist: [] -# clusterResourceBlacklist: [] -# namespaceResourceBlacklist: -# - group: '' -# kind: ResourceQuota -# - group: '' -# kind: LimitRange -# - group: '' -# kind: NetworkPolicy -# orphanedResources: {} -# roles: [] -# namespaceResourceWhitelist: -# - group: 'apps' -# kind: Deployment -# - group: 'apps' -# kind: StatefulSet -# orphanedResources: {} -# roles: [] -# syncWindows: -# - kind: allow -# schedule: '10 1 * * *' -# duration: 1h -# applications: -# - '*-prod' -# manualSync: true -# signatureKeys: -# - keyID: ABCDEF1234567890 -# sourceNamespaces: -# - argocd +projects: {} +# guestbook: +# namespace: argocd +# additionalLabels: {} +# additionalAnnotations: {} +# permitOnlyProjectScopedClusters: false +# finalizers: +# - resources-finalizer.argocd.argoproj.io +# description: Example Project +# sourceRepos: +# - '*' +# destinations: +# - namespace: guestbook +# server: https://kubernetes.default.svc +# clusterResourceWhitelist: [] +# clusterResourceBlacklist: [] +# namespaceResourceBlacklist: +# - group: '' +# kind: ResourceQuota +# - group: '' +# kind: LimitRange +# - group: '' +# kind: NetworkPolicy +# orphanedResources: {} +# roles: [] +# namespaceResourceWhitelist: +# - group: 'apps' +# kind: Deployment +# - group: 'apps' +# kind: StatefulSet +# orphanedResources: {} +# roles: [] +# syncWindows: +# - kind: allow +# schedule: '10 1 * * *' +# duration: 1h +# applications: +# - '*-prod' +# manualSync: true +# signatureKeys: +# - keyID: ABCDEF1234567890 +# sourceNamespaces: +# - argocd # -- Deploy Argo CD ApplicationSets within this helm release -# @default -- `[]` (See [values.yaml]) +# @default -- `{}` (See [values.yaml]) ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/ -applicationsets: [] -# - name: guestbook -# namespace: argocd -# additionalLabels: {} -# additionalAnnotations: {} -# # See PR #10026 (ArgoCD v2.5 or later) -# # goTemplate: false -# generators: -# - git: -# repoURL: https://github.com/argoproj/argocd-example-apps.git -# revision: HEAD -# directories: -# - path: guestbook -# - path: kustomize-* -# # Ref https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Controlling-Resource-Modification/#allow-temporarily-toggling-auto-sync -# ignoreApplicationDifferences: -# - jsonPointers: -# - /spec/syncPolicy -# # Progressive Syncs is an experimental feature and it must be explicitly enabled -# # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Progressive-Syncs/#enabling-progressive-syncs -# strategy: -# type: RollingSync -# rollingSync: -# steps: -# - matchExpressions: -# - key: project -# operator: In -# values: -# - guestbook -# - matchExpressions: -# - key: project -# operator: In -# values: -# - kustomize-foo -# - kustomize-bar -# template: -# metadata: -# name: '{{path.basename}}' -# labels: -# project: '{{path.basename}}' -# annotations: {} -# spec: -# project: default -# source: -# repoURL: https://github.com/argoproj/argocd-example-apps.git -# targetRevision: HEAD -# path: '{{path}}' -# destination: -# server: https://kubernetes.default.svc -# namespace: default -# syncPolicy: -# automated: -# prune: false -# selfHeal: false -# ignoreDifferences: -# - group: apps -# kind: Deployment -# jsonPointers: -# - /spec/replicas -# info: -# - name: url -# value: https://argoproj.github.io/ -# syncPolicy: -# # Set Application finalizer -# preserveResourcesOnDeletion: false -# # Templating is only available on string type -# templatePatch: | -# spec: -# source: -# helm: -# valueFiles: -# {{- range $valueFile := .valueFiles }} -# - {{ $valueFile }} -# {{- end }} -# {{- if .autoSync }} -# syncPolicy: -# automated: -# prune: {{ .prune }} -# {{- end }} +applicationsets: {} +# guestbook: +# namespace: argocd +# additionalLabels: {} +# additionalAnnotations: {} +# # See PR #10026 (ArgoCD v2.5 or later) +# # goTemplate: false +# generators: +# - git: +# repoURL: https://github.com/argoproj/argocd-example-apps.git +# revision: HEAD +# directories: +# - path: guestbook +# - path: kustomize-* +# # Ref https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Controlling-Resource-Modification/#allow-temporarily-toggling-auto-sync +# ignoreApplicationDifferences: +# - jsonPointers: +# - /spec/syncPolicy +# # Progressive Syncs is an experimental feature and it must be explicitly enabled +# # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Progressive-Syncs/#enabling-progressive-syncs +# strategy: +# type: RollingSync +# rollingSync: +# steps: +# - matchExpressions: +# - key: project +# operator: In +# values: +# - guestbook +# - matchExpressions: +# - key: project +# operator: In +# values: +# - kustomize-foo +# - kustomize-bar +# template: +# metadata: +# name: '{{path.basename}}' +# labels: +# project: '{{path.basename}}' +# annotations: {} +# spec: +# project: default +# source: +# repoURL: https://github.com/argoproj/argocd-example-apps.git +# targetRevision: HEAD +# path: '{{path}}' +# destination: +# server: https://kubernetes.default.svc +# namespace: default +# syncPolicy: +# automated: +# prune: false +# selfHeal: false +# ignoreDifferences: +# - group: apps +# kind: Deployment +# jsonPointers: +# - /spec/replicas +# info: +# - name: url +# value: https://argoproj.github.io/ +# syncPolicy: +# # Set Application finalizer +# preserveResourcesOnDeletion: false +# # Templating is only available on string type +# templatePatch: | +# spec: +# source: +# helm: +# valueFiles: +# {{- range $valueFile := .valueFiles }} +# - {{ $valueFile }} +# {{- end }} +# {{- if .autoSync }} +# syncPolicy: +# automated: +# prune: {{ .prune }} +# {{- end }} # -- Deploy Argo CD Applications/ApplicationSets/Projects within this helm release # @default -- `[]` (See [values.yaml]) @@ -238,16 +238,16 @@ itemTemplates: [] # namespace: guestbook # -- DEPRECATED - Please refer [Deprecation Notice](https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice) for more info. -# @default -- `[]` (See [values.yaml]) +# @default -- `{}` (See [values.yaml]) ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. ## Ref: https://github.com/argoproj-labs/argocd-extensions -extensions: [] - # - name: example - # namespace: argocd - # additionalLabels: {} - # additionalAnnotations: {} - # sources: - # - git: - # url: https://github.com/argoproj-labs/argocd-example-extension.git - # - web: - # url: https://github.com/argoproj-labs/argocd-example-extension/releases/download/v0.1.0/extension.tar +extensions: {} +# example: +# namespace: argocd +# additionalLabels: {} +# additionalAnnotations: {} +# sources: +# - git: +# url: https://github.com/argoproj-labs/argocd-example-extension.git +# - web: +# url: https://github.com/argoproj-labs/argocd-example-extension/releases/download/v0.1.0/extension.tar From 19b3d7271817910c51f0f5c6052b01735d4b301f Mon Sep 17 00:00:00 2001 From: Matthew Peterson <51802441+mpeters0n@users.noreply.github.com> Date: Sat, 23 Mar 2024 13:47:03 -0700 Subject: [PATCH 0949/1248] feat(argo-rollouts): Added Deployment labels to values.yaml (#2590) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/templates/controller/deployment.yaml | 3 +++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 3 +++ charts/argo-rollouts/values.yaml | 6 ++++++ 5 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 5d6ccc7d..740aba28 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.6 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.34.4 +version: 2.35.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Allow customizing additional RBAC rules for other providers + description: Added Deployment labels diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index adf27530..0bd3560a 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -50,6 +50,7 @@ For full list of changes please check ArtifactHub [changelog]. | extraObjects | list | `[]` | Additional manifests to deploy within the chart. A list of objects. | | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | | global.deploymentAnnotations | object | `{}` | Annotations for all deployed Deployments | +| global.deploymentLabels | object | `{}` | Labels for all deployed Deployments | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | | installCRDs | bool | `true` | Install and upgrade CRDs | | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | @@ -83,6 +84,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.containerPorts.metrics | int | `8090` | Metrics container port | | controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | | controller.deploymentAnnotations | object | `{}` | Annotations to be added to the controller deployment | +| controller.deploymentLabels | object | `{}` | Labels to be added to the controller deployment | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | | controller.extraEnv | list | `[]` | Additional environment variables for rollouts-controller. A list of name/value maps. | @@ -139,6 +141,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | | dashboard.createClusterRole | bool | `true` | flag to enable creation of dashbord cluster role (requires cluster RBAC) | | dashboard.deploymentAnnotations | object | `{}` | Annotations to be added to the dashboard deployment | +| dashboard.deploymentLabels | object | `{}` | Labels to be added to the dashboard deployment | | dashboard.enabled | bool | `false` | Deploy dashboard server | | dashboard.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-dashboard. A list of flags. | | dashboard.extraEnv | list | `[]` | Additional environment variables for rollouts-dashboard. A list of name/value maps. | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 9b8f456e..25301e22 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -10,6 +10,9 @@ metadata: name: {{ include "argo-rollouts.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: + {{- range $key, $value := (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.controller.deploymentLabels) }} + {{ $key }}: {{ $value | quote }} + {{- end }} app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} spec: diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index de7f525b..1c1d70c3 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -11,6 +11,9 @@ metadata: name: {{ include "argo-rollouts.fullname" . }}-dashboard namespace: {{ .Release.Namespace | quote }} labels: + {{- range $key, $value := (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.dashboard.deploymentLabels) }} + {{ $key }}: {{ $value | quote }} + {{- end }} app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} spec: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 1a4a9ede..9cc4042d 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -41,12 +41,16 @@ extraObjects: [] global: # -- Annotations for all deployed Deployments deploymentAnnotations: {} + # -- Labels for all deployed Deployments + deploymentLabels: {} controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller # -- Annotations to be added to the controller deployment deploymentAnnotations: {} + # -- Labels to be added to the controller deployment + deploymentLabels: {} # -- Annotations to be added to application controller pods podAnnotations: {} # -- [Node selector] @@ -285,6 +289,8 @@ dashboard: component: rollouts-dashboard # -- Annotations to be added to the dashboard deployment deploymentAnnotations: {} + # -- Labels to be added to the dashboard deployment + deploymentLabels: {} # -- Annotations to be added to application dashboard pods podAnnotations: {} # -- [Node selector] From a28780fb195fb1488f65bc7af95dcd389266e60f Mon Sep 17 00:00:00 2001 From: Carlos M <1761056+cmontemuino@users.noreply.github.com> Date: Sun, 24 Mar 2024 21:26:55 +0100 Subject: [PATCH 0950/1248] feat(argo-workflows): check prometheus CRD for ServiceMonitor (#2430) * chore: Apply changes from code review Signed-off-by: Marco Maurer --------- Signed-off-by: cmontemuino <1761056+cmontemuino@users.noreply.github.com> Signed-off-by: Marco Maurer Co-authored-by: Jason Meridth Co-authored-by: Marco Maurer --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++++ .../workflow-controller-servicemonitor.yaml | 5 +++-- charts/argo-workflows/values.yaml | 2 ++ 5 files changed, 19 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 99b190bc..6223ffc6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.14 +version: 0.41.0 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Support namespaceOverride + description: Check Prometheus CRDs are available before creating Service Monitor resource(s) diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 785bf9f8..3a387546 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -111,6 +111,7 @@ Fields to note: |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| apiVersionOverrides.monitoring | string | `""` | String to override apiVersion of monitoring CRDs (ServiceMonitor) rendered by this helm chart | | commonLabels | object | `{}` | Labels to set on all resources | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 118f9a52..f46af22f 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -190,6 +190,17 @@ Return the appropriate apiVersion for GKE resources {{- end -}} {{- end -}} +{{/* +Return the appropriate apiVersion for monitoring CRDs +*/}} +{{- define "argo-workflows.apiVersions.monitoring" -}} +{{- if .Values.apiVersionOverrides.monitoring -}} +{{- print .Values.apiVersionOverrides.monitoring -}} +{{- else -}} +{{- print "monitoring.coreos.com/v1" -}} +{{- end -}} +{{- end -}} + {{/* Expand the namespace of the release. Allows overriding it for multi-namespace deployments in combined charts. diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index df318fc2..1695f96d 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -1,5 +1,6 @@ -{{- if and (or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled) .Values.controller.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 +{{- $apiVersion := include "argo-workflows.apiVersions.monitoring" . }} +{{- if and (.Capabilities.APIVersions.Has $apiVersion) (or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled) .Values.controller.serviceMonitor.enabled }} +apiVersion: {{ $apiVersion }} kind: ServiceMonitor metadata: name: {{ template "argo-workflows.controller.fullname" . }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0f2d6ca7..3c361c9c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -42,6 +42,8 @@ apiVersionOverrides: autoscaling: "" # autoscaling/v2 # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 + # -- String to override apiVersion of monitoring CRDs (ServiceMonitor) rendered by this helm chart + monitoring: "" # monitoring.coreos.com/v1 # -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster From 3e8653a7651678dadb951892d69fc49399cffd23 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 25 Mar 2024 15:26:28 +0900 Subject: [PATCH 0951/1248] chore(deps): update renovatebot/github-action action to v40.1.6 (#2602) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 6e9edaa0..6f180fc5 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@89bd050bafa5a15de5d9383e3129edf210422004 # v40.1.5 + uses: renovatebot/github-action@23b01dbf6f38965076a36aff87f802263164f204 # v40.1.6 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 776c19db6377eea7b42a81eae5e2befde52b9861 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 25 Mar 2024 21:39:36 +0000 Subject: [PATCH 0952/1248] chore(deps): update actions/create-github-app-token action to v1.9.1 (#2604) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 6f180fc5..08cfce31 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@f2acddfb5195534d487896a656232b016a682f3c # v1.9.0 + uses: actions/create-github-app-token@78e5f2ddc08efcb88fbbee6cfa3fed770ba550c3 # v1.9.1 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 38900afada6cbc51e469d53fbf20ebba6f1cb07b Mon Sep 17 00:00:00 2001 From: Connor Given <47261237+congiv@users.noreply.github.com> Date: Tue, 26 Mar 2024 04:35:50 -0400 Subject: [PATCH 0953/1248] feat(argo-rollouts): add minimum RBAC for Gateway API (#2599) --- charts/argo-rollouts/Chart.yaml | 4 +-- charts/argo-rollouts/README.md | 1 + .../templates/controller/clusterrole.yaml | 27 +++++++++++++++ .../templates/controller/role.yaml | 33 +++++++++++++++++-- charts/argo-rollouts/values.yaml | 2 ++ 5 files changed, 62 insertions(+), 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 740aba28..307965b9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.6 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.35.0 +version: 2.35.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added Deployment labels + description: Allow minimum set of RBAC rules for Gateway API resources diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 0bd3560a..eb30e7ee 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -68,6 +68,7 @@ For full list of changes please check ArtifactHub [changelog]. | providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | | providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | | providerRBAC.providers.contour | bool | `true` | Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` | +| providerRBAC.providers.gatewayAPI | bool | `true` | Adds RBAC rules for the Gateway API provider | | providerRBAC.providers.glooPlatform | bool | `true` | Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` | | providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | | providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index a60070b3..a80708b6 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -94,11 +94,22 @@ rules: - "" resources: - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: - configmaps verbs: - get - list - watch +{{- if .Values.providerRBAC.providers.gatewayAPI }} + - create + - update +{{- end }} # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -276,6 +287,22 @@ rules: verbs: - '*' {{- end }} +{{- if .Values.providerRBAC.providers.gatewayAPI }} + # Access needed when using the Gateway API provider +- apiGroups: + - gateway.networking.k8s.io + resources: + - httproutes + - tcproutes + - tlsroutes + - udproutes + - grpcroutes + verbs: + - get + - list + - watch + - update +{{- end }} {{- with .Values.providerRBAC.additionalRules }} {{ toYaml . }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index dc656cde..584587b9 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -95,11 +95,22 @@ rules: - "" resources: - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: - configmaps verbs: - get - list - watch +{{- if .Values.providerRBAC.providers.gatewayAPI }} + - create + - update +{{- end }} # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -259,11 +270,27 @@ rules: {{- if .Values.providerRBAC.providers.glooPlatform }} # Access needed when using the Gloo Platform provider - apiGroups: - - networking.gloo.solo.io + - networking.gloo.solo.io resources: - - routetables + - routetables verbs: - - '*' + - '*' +{{- end }} +{{- if .Values.providerRBAC.providers.gatewayAPI }} + # Access needed when using the Gateway API provider +- apiGroups: + - gateway.networking.k8s.io + resources: + - httproutes + - tcproutes + - tlsroutes + - udproutes + - grpcroutes + verbs: + - get + - list + - watch + - update {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 9cc4042d..8f3f10b4 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -277,6 +277,8 @@ providerRBAC: contour: true # -- Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` glooPlatform: true + # -- Adds RBAC rules for the Gateway API provider + gatewayAPI: true # -- Additional RBAC rules for others providers additionalRules: [] From e56bda239d7871acfe7162def5a327d6a53dae8c Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 28 Mar 2024 08:44:07 +0100 Subject: [PATCH 0954/1248] chore(deps): update renovatebot/github-action action to v40.1.7 (#2608) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 08cfce31..6b290f1d 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@23b01dbf6f38965076a36aff87f802263164f204 # v40.1.6 + uses: renovatebot/github-action@7d358366277001f3316d7fa54ff49a81c0158948 # v40.1.7 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 6043017f34a4aab9eed905c3eec3dfe796252d1f Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 28 Mar 2024 18:29:52 +0100 Subject: [PATCH 0955/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.5 (#2610) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2cbf4bd0..7cc1ab23 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.4 +appVersion: v2.10.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.3 +version: 6.7.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.10.4 + description: Bump argo-cd to v2.10.5 From e9a3381d739f4c07069753bf5a2db4cd462ec014 Mon Sep 17 00:00:00 2001 From: GuillaumeRemyCSI <30650458+GuillaumeRemyCSI@users.noreply.github.com> Date: Fri, 29 Mar 2024 09:13:31 +0100 Subject: [PATCH 0956/1248] fix(argo-cd): Properly support "application in any namespace" for the argocd-server ClusterRole (#2609) * Properly support "application in any namespace" for the argocd-server ClusterRole Signed-off-by: GuillaumeRemyCSI <30650458+GuillaumeRemyCSI@users.noreply.github.com> * Add changelog Signed-off-by: GuillaumeRemyCSI <30650458+GuillaumeRemyCSI@users.noreply.github.com> * notification controller can handle self-managed notification in any namespace Signed-off-by: GuillaumeRemyCSI <30650458+GuillaumeRemyCSI@users.noreply.github.com> * Bump argo-cd chart to v6.7.5 Signed-off-by: GuillaumeRemyCSI <30650458+GuillaumeRemyCSI@users.noreply.github.com> --------- Signed-off-by: GuillaumeRemyCSI <30650458+GuillaumeRemyCSI@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-notifications/clusterrole.yaml | 3 +++ .../argo-cd/templates/argocd-server/clusterrole.yaml | 11 +++++++++++ 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7cc1ab23..41acb075 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.4 +version: 6.7.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.10.5 + - kind: fixed + description: Fixed the ClusterRole of argocd-server and notification when using "application in any namespace" diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml index edb957f3..eba5973f 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -28,6 +28,9 @@ rules: verbs: - list - watch + {{- if (index .Values.configs.params "application.namespaces") }} + - create + {{- end }} {{- if .Values.notifications.cm.create }} - apiGroups: - "" diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index f4877980..0867a1b1 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -48,6 +48,17 @@ rules: - list - update - watch + {{- if (index .Values.configs.params "application.namespaces") }} + - apiGroups: + - "argoproj.io" + resources: + - "applications" + verbs: + - create + - delete + - update + - patch + {{- end }} - apiGroups: - batch resources: From d6063b9595c5692c122302fe913f28c66376747c Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Fri, 29 Mar 2024 19:13:26 +0300 Subject: [PATCH 0957/1248] fix(argo-cd): add missing crd change from 2.10.5 (#2612) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/crds/crd-applicationset.yaml | 6 ------ 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 41acb075..fa41352d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.5 +version: 6.7.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fixed the ClusterRole of argocd-server and notification when using "application in any namespace" + description: added missing crd change for 2.10.5 diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 02623f6c..323beb27 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -2381,8 +2381,6 @@ spec: - metadata - spec type: object - required: - - elements type: object matrix: properties: @@ -4725,8 +4723,6 @@ spec: - metadata - spec type: object - required: - - elements type: object matrix: x-kubernetes-preserve-unknown-fields: true @@ -9752,8 +9748,6 @@ spec: - metadata - spec type: object - required: - - elements type: object matrix: x-kubernetes-preserve-unknown-fields: true From 3a56a3e64d8edb4522531498fe9686ddafbb975a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 Mar 2024 12:33:40 -0500 Subject: [PATCH 0958/1248] chore(deps): bump actions/setup-python from 5.0.0 to 5.1.0 (#2615) --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 895cbe52..46cf47cd 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: 3.9 From d64b7e2d0c378635c9ce1e3ee8e800d11156dd88 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 10:18:04 +0900 Subject: [PATCH 0959/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v37.278.0 (#2617) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 6b290f1d..d5280ec2 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.222.0 + renovate-version: 37.278.0 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 7b87ff19e5c034b3e4b628a9220516fe5f6ceaa3 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 19:27:32 +0200 Subject: [PATCH 0960/1248] chore(deps): update actions/create-github-app-token action to v1.9.2 (#2618) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index d5280ec2..22e06e11 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@78e5f2ddc08efcb88fbbee6cfa3fed770ba550c3 # v1.9.1 + uses: actions/create-github-app-token@6c406e8a244fdf6bbf79e6cc8a91504a48d2c2ce # v1.9.2 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 30fd5202b0c195ad8bda0406dab33eec85c3781d Mon Sep 17 00:00:00 2001 From: edmondshtogu Date: Tue, 2 Apr 2024 07:03:37 +0200 Subject: [PATCH 0961/1248] feat(argo-cd): enabled server cluster role permissions overriding (#2606) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/argocd-server/clusterrole.yaml | 4 ++++ charts/argo-cd/values.yaml | 8 ++++++++ 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fa41352d..f86a8d52 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.6 +version: 6.7.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: added missing crd change for 2.10.5 + - kind: added + description: Support for Overriding Argo CD Server ClusterRole Permissions diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d43a0fda..70679f23 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -928,6 +928,8 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | +| server.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the server's ClusterRole resource | +| server.clusterRoleRules.rules | list | `[]` | List of custom rules for the server's ClusterRole resource | | server.containerPorts.metrics | int | `8083` | Metrics container port | | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 0867a1b1..c1439b0c 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -6,6 +6,9 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: + {{- if .Values.server.clusterRoleRules.enabled }} + {{- toYaml .Values.server.clusterRoleRules.rules | nindent 2 }} + {{- else }} - apiGroups: - '*' resources: @@ -73,4 +76,5 @@ rules: verbs: {{/* supports triggering workflows from UI */}} - create + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a281d019..000f94a3 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2194,6 +2194,14 @@ server: # -- Termination policy of Openshift Route termination_policy: None + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. + ## Defaults to off + clusterRoleRules: + # -- Enable custom rules for the server's ClusterRole resource + enabled: false + # -- List of custom rules for the server's ClusterRole resource + rules: [] + ## Repo Server repoServer: # -- Repo server name From 72f0a50d7038ba2883a5ea87b5012824f9a7884f Mon Sep 17 00:00:00 2001 From: Pierre Blais <109473352+pierreblais@users.noreply.github.com> Date: Tue, 2 Apr 2024 15:36:34 +0200 Subject: [PATCH 0962/1248] feat(argo-cd): Add sizeLimit parameters on emptyDir (#2607) * feat(argo-cd): Add sizeLimit parameters on emptyDir Signed-off-by: Pierre BLAIS * feat(argo-cd): Bumping chart version Signed-off-by: Pierre BLAIS * Fix(argo-cd): Add missing new line Signed-off-by: Pierre BLAIS --------- Signed-off-by: Pierre BLAIS Signed-off-by: Pierre Blais <109473352+pierreblais@users.noreply.github.com> Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 5 +++ .../deployment.yaml | 6 ++++ .../statefulset.yaml | 5 +++ .../argocd-applicationset/deployment.yaml | 10 ++++++ .../argocd-repo-server/deployment.yaml | 25 +++++++++++++ .../templates/argocd-server/deployment.yaml | 15 ++++++++ charts/argo-cd/templates/dex/deployment.yaml | 10 ++++++ charts/argo-cd/values.yaml | 35 +++++++++++++++++++ 9 files changed, 113 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f86a8d52..b645755d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.7 +version: 6.7.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Support for Overriding Argo CD Server ClusterRole Permissions + description: Add sizeLimit params on EmptyDir Volume diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 70679f23..244c2641 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -733,6 +733,7 @@ NAME: my-release | controller.dnsConfig | object | `{}` | [DNS configuration] | | controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | | controller.dynamicClusterDistribution | bool | `false` | Enable dynamic cluster distribution (alpha) Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution | +| controller.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for application controller | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | @@ -827,6 +828,7 @@ NAME: my-release | repoServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the repo server Deployment | | repoServer.dnsConfig | object | `{}` | [DNS configuration] | | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | +| repoServer.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for repo server | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.existingVolumes | object | `{}` | Volumes to be used in replacement of emptydir on default volumes | @@ -937,6 +939,7 @@ NAME: my-release | server.deploymentStrategy | object | `{}` | Deployment strategy to be added to the server Deployment | | server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | +| server.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for the Argo CD server | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | @@ -1075,6 +1078,7 @@ NAME: my-release | dex.deploymentStrategy | object | `{}` | Deployment strategy to be added to the Dex server Deployment | | dex.dnsConfig | object | `{}` | [DNS configuration] | | dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods | +| dex.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for Dex server | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -1327,6 +1331,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.deploymentStrategy | object | `{}` | Deployment strategy to be added to the ApplicationSet controller Deployment | | applicationSet.dnsConfig | object | `{}` | [DNS configuration] | | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | +| applicationSet.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for applicationSet controller | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | ApplicationSet controller command line flags | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index e0c12135..232ce267 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -334,7 +334,13 @@ spec: {{- toYaml . | nindent 6 }} {{- end }} - name: argocd-home + {{- if .Values.controller.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.controller.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} + - name: argocd-repo-server-tls secret: secretName: argocd-repo-server-tls diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 3b72d19f..80535e67 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -333,7 +333,12 @@ spec: {{- toYaml . | nindent 6 }} {{- end }} - name: argocd-home + {{- if .Values.controller.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.controller.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} - name: argocd-repo-server-tls secret: secretName: argocd-repo-server-tls diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 96fc3804..795f18d0 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -302,9 +302,19 @@ spec: configMap: name: argocd-gpg-keys-cm - name: gpg-keyring + {{- if .Values.applicationSet.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.applicationSet.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} - name: tmp + {{- if .Values.applicationSet.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.applicationSet.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} - name: argocd-repo-server-tls secret: secretName: argocd-repo-server-tls diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d27c15d9..590e5387 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -394,26 +394,46 @@ spec: {{- if .Values.repoServer.existingVolumes.helmWorkingDir -}} {{ toYaml .Values.repoServer.existingVolumes.helmWorkingDir | nindent 8 }} {{- else }} + {{- if .Values.repoServer.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.repoServer.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} {{- end }} - name: plugins {{- if .Values.repoServer.existingVolumes.plugins -}} {{ toYaml .Values.repoServer.existingVolumes.plugins | nindent 8 }} {{- else }} + {{- if .Values.repoServer.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.repoServer.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} - name: var-files {{- if .Values.repoServer.existingVolumes.varFiles -}} {{ toYaml .Values.repoServer.existingVolumes.varFiles | nindent 8 }} {{- else }} + {{- if .Values.repoServer.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.repoServer.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} - name: tmp {{- if .Values.repoServer.existingVolumes.tmp -}} {{ toYaml .Values.repoServer.existingVolumes.tmp | nindent 8 }} {{- else }} + {{- if .Values.repoServer.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.repoServer.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} - name: ssh-known-hosts configMap: @@ -428,7 +448,12 @@ spec: {{- if .Values.repoServer.existingVolumes.gpgKeyring -}} {{ toYaml .Values.repoServer.existingVolumes.gpgKeyring | nindent 8 }} {{- else }} + {{- if .Values.repoServer.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.repoServer.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} - name: argocd-repo-server-tls secret: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 6d614b0f..faaf1c26 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -442,12 +442,27 @@ spec: {{- end }} {{- if .Values.server.extensions.enabled }} - name: extensions + {{- if .Values.server.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.server.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} - name: plugins-home + {{- if .Values.server.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.server.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} - name: tmp + {{- if .Values.server.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.server.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} - name: ssh-known-hosts configMap: name: argocd-ssh-known-hosts-cm diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 61f3fe86..3c293e7c 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -187,9 +187,19 @@ spec: {{- end }} volumes: - name: static-files + {{- if .Values.dex.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.dex.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} - name: dexconfig + {{- if .Values.dex.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.dex.emptyDir.sizeLimit }} + {{- else }} emptyDir: {} + {{- end }} - name: argocd-dex-server-tls secret: secretName: argocd-dex-server-tls diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 000f94a3..1285eccf 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -673,6 +673,13 @@ controller: # - name: custom-tools # emptyDir: {} + ## Application controller emptyDir volumes + emptyDir: + # -- EmptyDir size limit for application controller + # @default -- `""` (defaults not set if not specified i.e. no size limit) + sizeLimit: "" + # sizeLimit: "1Gi" + # -- Annotations for the application controller StatefulSet statefulsetAnnotations: {} @@ -989,6 +996,13 @@ dex: # -- Additional volumes to the dex pod volumes: [] + ## Dex server emptyDir volumes + emptyDir: + # -- EmptyDir size limit for Dex server + # @default -- `""` (defaults not set if not specified i.e. no size limit) + sizeLimit: "" + # sizeLimit: "1Gi" + # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-dex-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart Dex automatically without extra controllers. @@ -1744,6 +1758,13 @@ server: # - name: custom-tools # emptyDir: {} + ## Argo CD server emptyDir volumes + emptyDir: + # -- EmptyDir size limit for the Argo CD server + # @default -- `""` (defaults not set if not specified i.e. no size limit) + sizeLimit: "" + # sizeLimit: "1Gi" + # -- Annotations to be added to server Deployment deploymentAnnotations: {} @@ -2366,6 +2387,13 @@ repoServer: # persistentVolumeClaim: # claimName: pvc-argocd-repo-server-plugins + ## RepoServer emptyDir volumes + emptyDir: + # -- EmptyDir size limit for repo server + # @default -- `""` (defaults not set if not specified i.e. no size limit) + sizeLimit: "" + # sizeLimit: "1Gi" + # -- Toggle the usage of a ephemeral Helm working directory useEphemeralHelmWorkingDir: true @@ -2653,6 +2681,13 @@ applicationSet: # -- List of extra volumes to add extraVolumes: [] + ## ApplicationSet controller emptyDir volumes + emptyDir: + # -- EmptyDir size limit for applicationSet controller + # @default -- `""` (defaults not set if not specified i.e. no size limit) + sizeLimit: "" + # sizeLimit: "1Gi" + ## Metrics service configuration metrics: # -- Deploy metrics service From c30f1984e418bc12953bd967fcc8dd2598173a65 Mon Sep 17 00:00:00 2001 From: Karl Lyons <7.lyonsy@gmail.com> Date: Tue, 2 Apr 2024 13:26:07 -0400 Subject: [PATCH 0963/1248] feat(argo-workflows): Add the ability to use headless service for workflow controller (#2620) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../templates/controller/workflow-controller-service.yaml | 3 +++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6223ffc6..0243bcd7 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.0 +version: 0.41.1 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Check Prometheus CRDs are available before creating Service Monitor resource(s) + description: Add the ability to use a headless service for the workflow controller diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 3a387546..e8d99b6d 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -170,6 +170,7 @@ Fields to note: | controller.logging.globallevel | string | `"0"` | Set the glog logging level | | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | +| controller.metricsConfig.headlessService | bool | `false` | Flag to enable headless service | | controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | | controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion | | controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 51362c4f..0cd8a75b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -32,6 +32,9 @@ spec: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} sessionAffinity: None type: {{ .Values.controller.serviceType }} + {{- if and (eq .Values.controller.serviceType "ClusterIP") .Values.controller.metricsConfig.headlessService }} + clusterIP: None + {{- end }} {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3c361c9c..89fa1753 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -135,6 +135,8 @@ controller: servicePort: 8080 # -- Service metrics port name servicePortName: metrics + # -- Flag to enable headless service + headlessService: false # -- ServiceMonitor relabel configs to apply to samples before scraping ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig relabelings: [] From 1a5bded746dfcd27d8bc143b427246034606324b Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 4 Apr 2024 20:47:21 +0200 Subject: [PATCH 0964/1248] fix(argo-cd): Add required label for CLI on redis-ha-haproxy pod (#2627) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/values.yaml | 3 +++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b645755d..2bef9887 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.8 +version: 6.7.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add sizeLimit params on EmptyDir Volume + - kind: fixed + description: Add required label for CLI to redis-ha-haproxy pods diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 244c2641..c8401dd2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1269,6 +1269,7 @@ The main options are listed here: | redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | +| redis-ha.haproxy.labels | object | `{"app.kubernetes.io/name":"argocd-redis-ha-haproxy"}` | Custom labels for the haproxy pod. This is relevant for Argo CD CLI. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1285eccf..09968523 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1505,6 +1505,9 @@ redis-ha: haproxy: # -- Enabled HAProxy LoadBalancing/Proxy enabled: true + # -- Custom labels for the haproxy pod. This is relevant for Argo CD CLI. + labels: + app.kubernetes.io/name: argocd-redis-ha-haproxy metrics: # -- HAProxy enable prometheus metric scraping enabled: true From b35d6e3618a6fd37341f2a39b618599979a009dd Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 4 Apr 2024 15:25:31 -0500 Subject: [PATCH 0965/1248] chore(deps): update actions/create-github-app-token action to v1.9.3 (#2626) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 22e06e11..13242aaf 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@6c406e8a244fdf6bbf79e6cc8a91504a48d2c2ce # v1.9.2 + uses: actions/create-github-app-token@7bfa3a4717ef143a604ee0a99d859b8886a96d00 # v1.9.3 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From b583d7742ffb460f2900244789c1eb2a098828e0 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 5 Apr 2024 05:59:50 +0100 Subject: [PATCH 0966/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.6 (#2630) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2bef9887..94a33897 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.5 +appVersion: v2.10.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.9 +version: 6.7.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add required label for CLI to redis-ha-haproxy pods + - kind: changed + description: Bump argo-cd to v2.10.6 From af50be59ed31a371f811ad586bd72a762291b810 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 8 Apr 2024 13:38:36 +0200 Subject: [PATCH 0967/1248] chore(deps): update renovatebot/github-action action to v40.1.8 (#2633) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 13242aaf..f5963f3c 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@7d358366277001f3316d7fa54ff49a81c0158948 # v40.1.7 + uses: renovatebot/github-action@10b0dbf049fea8f04c079c8802145f3eac72d9e7 # v40.1.8 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From f42e0e1fd586d48459d99db69e65f2540a5cd209 Mon Sep 17 00:00:00 2001 From: Stefan Caraiman Date: Wed, 10 Apr 2024 23:05:47 +0300 Subject: [PATCH 0968/1248] fix(argo-cd): make automountServiceAccountToken configurable (#2625) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 7 +++++++ .../deployment.yaml | 1 + .../statefulset.yaml | 1 + .../argocd-applicationset/deployment.yaml | 1 + .../argocd-notifications/deployment.yaml | 1 + .../argocd-repo-server/deployment.yaml | 1 + .../templates/argocd-server/deployment.yaml | 1 + charts/argo-cd/templates/dex/deployment.yaml | 1 + .../argo-cd/templates/redis/deployment.yaml | 1 + charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 11 files changed, 39 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 94a33897..51d91732 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.10 +version: 6.7.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.10.6 + - kind: added + description: Add configurable automountServiceAccountToken diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c8401dd2..a9c7c446 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -725,6 +725,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | +| controller.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account into the pod. | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | @@ -806,6 +807,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | +| repoServer.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account into the pod. | | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | @@ -903,6 +905,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | +| server.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account into the pod. | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | @@ -1064,6 +1067,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | +| dex.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account into the pod. | | dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret | | dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | | dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) | @@ -1160,6 +1164,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | +| redis.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account into the pod. | | redis.containerPorts.metrics | int | `9121` | Metrics container port | | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | @@ -1310,6 +1315,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.allowAnyNamespace | bool | `false` | Enable ApplicationSet in any namespace feature | +| applicationSet.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account into the pod. | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) | @@ -1419,6 +1425,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `""` (defaults to https://`global.domain`) | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | +| notifications.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account into the pod. | | notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 232ce267..c0dc1460 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -55,6 +55,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ include "argo-cd.controller.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.controller.automountServiceAccountToken }} containers: - args: - /usr/local/bin/argocd-application-controller diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 80535e67..14c3653e 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -56,6 +56,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ include "argo-cd.controller.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.controller.automountServiceAccountToken }} containers: - args: - /usr/local/bin/argocd-application-controller diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 795f18d0..0b6a51fb 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -56,6 +56,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ include "argo-cd.applicationSet.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.applicationSet.automountServiceAccountToken }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 674639f4..eaf35623 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -55,6 +55,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ include "argo-cd.notifications.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.notifications.automountServiceAccountToken }} containers: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 590e5387..84804ac6 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -66,6 +66,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ include "argo-cd.repoServer.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.repoServer.automountServiceAccountToken }} containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index faaf1c26..dee9cf43 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -60,6 +60,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ include "argo-cd.server.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.server.automountServiceAccountToken }} containers: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 3c293e7c..b6c94f90 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -59,6 +59,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ template "argo-cd.dex.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.dex.automountServiceAccountToken }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index a25c1bd8..56ceae93 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -52,6 +52,7 @@ spec: terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }} {{- end }} serviceAccountName: {{ include "argo-cd.redis.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.redis.automountServiceAccountToken }} containers: - name: {{ .Values.redis.name }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 09968523..5f6d0d0b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -768,6 +768,9 @@ controller: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: true + serviceAccount: # -- Create a service account for the application controller create: true @@ -1110,6 +1113,9 @@ dex: # -- terminationGracePeriodSeconds for container lifecycle hook terminationGracePeriodSeconds: 30 + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: true + serviceAccount: # -- Create dex service account create: true @@ -1410,6 +1416,9 @@ redis: # -- terminationGracePeriodSeconds for container lifecycle hook terminationGracePeriodSeconds: 30 + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: true + serviceAccount: # -- Create a service account for the redis pod create: false @@ -2009,6 +2018,9 @@ server: # -- Prometheus ServiceMonitor annotations annotations: {} + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: true + serviceAccount: # -- Create server service account create: true @@ -2586,6 +2598,9 @@ repoServer: # -- List of custom rules for the Repo server's Cluster Role resource rules: [] + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: true + ## Repo server service account ## If create is set to true, make sure to uncomment the name and update the rbac section below serviceAccount: @@ -2747,6 +2762,9 @@ applicationSet: # -- ApplicationSet service port name portName: http-webhook + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: true + serviceAccount: # -- Create ApplicationSet controller service account create: true @@ -3208,6 +3226,9 @@ notifications: # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: true + serviceAccount: # -- Create notifications controller service account create: true From a51380a144fa2a6ca42879faac2756f0b703d4b4 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 12 Apr 2024 01:55:23 -0500 Subject: [PATCH 0969/1248] chore(deps): update renovatebot/github-action action to v40.1.9 (#2638) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f5963f3c..90c0570f 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@10b0dbf049fea8f04c079c8802145f3eac72d9e7 # v40.1.8 + uses: renovatebot/github-action@74811c93da74bf38cb37f41489065619930fba44 # v40.1.9 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 7aca86035924ff9015d836669ffe5dc5a8eee38d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Apr 2024 08:42:06 -0500 Subject: [PATCH 0970/1248] chore(deps): bump azure/setup-helm from 3.5 to 4 (#2640) --- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/publish.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 46cf47cd..d28d2fce 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -27,7 +27,7 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 + uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4.1.0 with: version: v3.10.1 # Also update in publish.yaml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3a3b41d6..9584e09a 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 + uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4.1.0 with: version: v3.10.1 # Also update in lint-and-test.yaml From ebbe2eefad39f0f0c38ded984eeeb8d0c4816e80 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 15 Apr 2024 11:42:55 +0100 Subject: [PATCH 0971/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.7 (#2643) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 51d91732..06a52163 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.6 +appVersion: v2.10.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.11 +version: 6.7.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add configurable automountServiceAccountToken + - kind: changed + description: Bump argo-cd to v2.10.7 From 8abf55a807aec83640ee6479fca13b07cf1e7dd6 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 17 Apr 2024 22:48:41 +0200 Subject: [PATCH 0972/1248] chore(deps): update renovatebot/github-action action to v40.1.10 (#2645) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 90c0570f..f3a6ac6b 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@74811c93da74bf38cb37f41489065619930fba44 # v40.1.9 + uses: renovatebot/github-action@2e021d24483d81e77e0e902d0809adfbfff276fc # v40.1.10 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From a12dbf812c9b1eb0a1065734159e9a3c9c03fc03 Mon Sep 17 00:00:00 2001 From: Marc Brugger Date: Thu, 18 Apr 2024 23:41:24 +0200 Subject: [PATCH 0973/1248] feat(argocd-image-updater): Allow defining extraEnvFrom for the deployment (#2646) Signed-off-by: bakito --- charts/argocd-image-updater/Chart.yaml | 10 +++------- charts/argocd-image-updater/README.md | 1 + charts/argocd-image-updater/templates/deployment.yaml | 4 ++++ charts/argocd-image-updater/values.yaml | 7 +++++++ 4 files changed, 15 insertions(+), 7 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 2e34fad6..7f299aef 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.6 +version: 0.9.7 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -18,9 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Properly quoting the config map values - - kind: fixed - description: Only adding a data field to argocd-image-updater-ssh-config when there's data to be added - - kind: changed - description: Only include config.argocd if config.applicationsAPIKind is set to 'argocd' + - kind: added + description: Allow defining extraEnvFrom for the deployment diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index f094d77a..a8d28699 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -86,6 +86,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | +| extraEnvFrom | list | `[]` | Extra envFrom to pass to argocd-image-updater | | extraObjects | list | `[]` | Extra K8s manifests to deploy for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | | image.pullPolicy | string | `"Always"` | Default image pull policy | diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 6a4f592c..cfd87a47 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -104,6 +104,10 @@ spec: {{- with .Values.extraEnv }} {{- toYaml . | nindent 10 }} {{- end }} + {{- with .Values.extraEnvFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 7cbbe05b..0f2a4e33 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -44,6 +44,13 @@ extraEnv: [] # - name: AWS_REGION # value: "us-west-1" +# -- Extra envFrom to pass to argocd-image-updater +extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + # -- Extra K8s manifests to deploy for argocd-image-updater ## Note: Supports use of custom Helm templates extraObjects: [] From 598a3c48c5c628a32a41078dd0d46e96e4dfa6fb Mon Sep 17 00:00:00 2001 From: Aleksei Sviridkin <3811295@gmail.com> Date: Fri, 19 Apr 2024 18:07:22 +0400 Subject: [PATCH 0974/1248] feat(argo-cd): Bump argocd-extension-installer to 0.0.5 (#2647) * Bump argocd-extension-installer to v0.0.5 Signed-off-by: Aleksey Sviridkin * Update docs Signed-off-by: Aleksey Sviridkin --------- Signed-off-by: Aleksey Sviridkin --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06a52163..ae6fae89 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.12 +version: 6.7.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.10.7 + description: Bump argocd-extension-installer to v0.0.5 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a9c7c446..5035e24d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -950,7 +950,7 @@ NAME: my-release | server.extensions.extensionList | list | `[]` (See [values.yaml]) | Extensions for Argo CD | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"quay.io/argoprojlabs/argocd-extension-installer"` | Repository to use for extension installer image | -| server.extensions.image.tag | string | `"v0.0.1"` | Tag to use for extension installer image | +| server.extensions.image.tag | string | `"v0.0.5"` | Tag to use for extension installer image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5f6d0d0b..f7053281 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1682,7 +1682,7 @@ server: # -- Repository to use for extension installer image repository: "quay.io/argoprojlabs/argocd-extension-installer" # -- Tag to use for extension installer image - tag: "v0.0.1" + tag: "v0.0.5" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From b7ccf969ad85e27b29af749ce7a02535be0a7393 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 20 Apr 2024 05:55:00 +0100 Subject: [PATCH 0975/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.6 (#2651) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0243bcd7..50c88749 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.5 +appVersion: v3.5.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.1 +version: 0.41.2 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add the ability to use a headless service for the workflow controller + - kind: changed + description: Bump argo-workflows to v3.5.6 From 03003fff0e348113464c9687737d13cfca560d21 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Apr 2024 19:47:40 +0200 Subject: [PATCH 0976/1248] chore(deps): bump azure/setup-helm from 4.1.0 to 4.2.0 (#2652) --- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/publish.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index d28d2fce..aee46a66 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -27,7 +27,7 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4.1.0 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: version: v3.10.1 # Also update in publish.yaml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9584e09a..c84c90f7 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4.1.0 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: version: v3.10.1 # Also update in lint-and-test.yaml From 71899cb56a763c23b3ba841b7d40da528c97a350 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Apr 2024 19:49:00 +0200 Subject: [PATCH 0977/1248] chore(deps): bump actions/checkout from 4.1.2 to 4.1.3 (#2654) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/renovate.yaml | 2 +- .github/workflows/scorecard.yml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index aee46a66..f3c26ae6 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c84c90f7..f1403a97 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 with: fetch-depth: 0 diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f3a6ac6b..8de05921 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 - name: Self-hosted Renovate uses: renovatebot/github-action@2e021d24483d81e77e0e902d0809adfbfff276fc # v40.1.10 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 971961e7..6683eb3b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 with: persist-credentials: false From ae7fd924dc5a6fee6fefde587866ab1f6ba174f9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Apr 2024 20:09:35 +0200 Subject: [PATCH 0978/1248] chore(deps): bump pascalgn/size-label-action from 0.5.0 to 0.5.2 (#2653) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 01af9781..04d2b6b4 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -25,6 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - uses: pascalgn/size-label-action@37a5ad4ae20ea8032abf169d953bcd661fd82cd3 # v0.5.0 + - uses: pascalgn/size-label-action@bbbaa0d5ccce8e2e76254560df5c64b82dac2e12 # v0.5.2 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 895b26a3cbf9cb475d92a1a4bece76bbff9845d8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Apr 2024 21:17:51 +0200 Subject: [PATCH 0979/1248] chore(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 (#2655) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6683eb3b..eb0fcbf1 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: SARIF file path: results.sarif From 7ad09a972f2610ed8d65e8d090df090cd1eed5b5 Mon Sep 17 00:00:00 2001 From: Bojan Raic Date: Sun, 21 Apr 2024 22:54:13 +0200 Subject: [PATCH 0980/1248] feat(argo-cd): Pre-set `statusbadge.url` value to `global.domain` (#2657) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ae6fae89..b5a874df 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.13 +version: 6.7.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argocd-extension-installer to v0.0.5 + description: Pre-set statusbadge.url value to global.domain value diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 5dc957a2..f8b64780 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -164,6 +164,7 @@ Argo Configuration Preset Values (Incluenced by Values configuration) {{- define "argo-cd.config.cm.presets" -}} {{- $presets := dict -}} {{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}} +{{- $_ := set $presets "statusbadge.url" (printf "https://%s/" .Values.global.domain) -}} {{- if .Values.configs.styles -}} {{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- end -}} From da0068075833e9a58d129f3963fb915819d8a062 Mon Sep 17 00:00:00 2001 From: Bojan Raic Date: Wed, 24 Apr 2024 09:07:57 +0200 Subject: [PATCH 0981/1248] fix(argo-cd): Pre-set `statusbadge.url` only when statusbadge is enabled (#2658) - Add `statusbadge.enabled` to values.yaml as `false` - Pre-set `statusbadge.url` to `global.domain` URL only when `statusbadge.enabled` is `true` - Update README.md - Fix a minor comment typo Signed-off-by: Bojan Raic --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/_helpers.tpl | 4 +++- charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b5a874df..80e944ca 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.14 +version: 6.7.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Pre-set statusbadge.url value to global.domain value + description: Pre-set statusbadge.url to global.domain when statusbadge is enabled diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5035e24d..b76423fa 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -663,6 +663,7 @@ NAME: my-release | configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | +| configs.cm."statusbadge.enabled" | bool | `false` | Enable Status Badge | | configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index f8b64780..589dd002 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -159,12 +159,14 @@ Create the name of the notifications service account to use {{- end -}} {{/* -Argo Configuration Preset Values (Incluenced by Values configuration) +Argo Configuration Preset Values (Influenced by Values configuration) */}} {{- define "argo-cd.config.cm.presets" -}} {{- $presets := dict -}} {{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}} +{{- if index .Values.configs.cm "statusbadge.enabled" | eq true -}} {{- $_ := set $presets "statusbadge.url" (printf "https://%s/" .Values.global.domain) -}} +{{- end -}} {{- if .Values.configs.styles -}} {{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f7053281..529e6d94 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -180,6 +180,10 @@ configs: # -- Timeout to refresh application data as well as target manifests cache timeout.hard.reconciliation: 0s + # -- Enable Status Badge + ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/status-badge/ + statusbadge.enabled: false + # Dex configuration # dex.config: | # connectors: From 93b7a946503d2b0a7cfe09ac619d91e7c9d16c83 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 25 Apr 2024 23:12:35 +0900 Subject: [PATCH 0982/1248] chore(deps): update actions/checkout action to v4.1.4 (#2662) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 8de05921..cbfae5ad 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Self-hosted Renovate uses: renovatebot/github-action@2e021d24483d81e77e0e902d0809adfbfff276fc # v40.1.10 From d82efb40cb1f491735b353b05a5954e9e4e178ce Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 26 Apr 2024 15:21:13 +0100 Subject: [PATCH 0983/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.8 (#2665) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 80e944ca..9d237a9f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.7 +appVersion: v2.10.8 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.15 +version: 6.7.16 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Pre-set statusbadge.url to global.domain when statusbadge is enabled + description: Bump argo-cd to v2.10.8 From 42bfba2cc83633c75b8aa0fd32ae58ed749cd8b6 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 26 Apr 2024 20:35:49 +0100 Subject: [PATCH 0984/1248] feat(argo-cd): added jq path expression timeout (#2666) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../templates/argocd-application-controller/deployment.yaml | 6 ++++++ .../argocd-application-controller/statefulset.yaml | 6 ++++++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9d237a9f..9be5d54e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.10.8 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.16 +version: 6.7.17 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.10.8 + - kind: added + description: JQ Path expression timeout diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b76423fa..7c3e4d4a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -678,6 +678,7 @@ NAME: my-release | configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] | | configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | | configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | +| configs.params."controller.ignore.normalizer.jq.timeout" | string | `"1s"` | JQ Path expression timeout | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index c0dc1460..dc26a8db 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -268,6 +268,12 @@ spec: name: argocd-cmd-params-cm key: controller.diff.server.side optional: true + - name: ARGOCD_IGNORE_NORMALIZER_JQ_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.ignore.normalizer.jq.timeout + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 14c3653e..208f358f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -267,6 +267,12 @@ spec: name: argocd-cmd-params-cm key: controller.diff.server.side optional: true + - name: ARGOCD_IGNORE_NORMALIZER_JQ_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.ignore.normalizer.jq.timeout + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 529e6d94..4ab533d0 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -272,6 +272,12 @@ configs: ## Set comma-separated list. (e.g. app-team-one, app-team-two) application.namespaces: "" + # -- JQ Path expression timeout + ## By default, the evaluation of a JQPathExpression is limited to one second. + ## If you encounter a "JQ patch execution timed out" error message due to a complex JQPathExpression + ## that requires more time to evaluate, you can extend the timeout period. + controller.ignore.normalizer.jq.timeout: "1s" + # Argo CD RBAC policy configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbac: From 95b9a947011a940821c6a99d77480d0827e3beb2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Apr 2024 18:23:23 +0900 Subject: [PATCH 0985/1248] chore(deps): bump actions/checkout from 4.1.3 to 4.1.4 (#2671) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.3...0ad4b8fadaa221de15dcec353f45205ec38ea70b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index f3c26ae6..4aac42e5 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index f1403a97..619e19d7 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index eb0fcbf1..a4ec53c6 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: persist-credentials: false From 937a1702a1fb3158a19ad298f4a1e2652634ddae Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Apr 2024 18:26:20 +0900 Subject: [PATCH 0986/1248] chore(deps): bump helm/kind-action from 1.9.0 to 1.10.0 (#2670) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/99576bfa6ddf9a8e612d83b513da5a75875caced...0025e74a8c7512023d06dc019c617aa3cf561fde) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 4aac42e5..41ec8336 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@99576bfa6ddf9a8e612d83b513da5a75875caced # v1.9.0 + uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From dafe207ae1a274f04bf632a97933c679dda78072 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Apr 2024 18:30:59 +0900 Subject: [PATCH 0987/1248] chore(deps): bump amannn/action-semantic-pull-request from 5.4.0 to 5.5.2 (#2669) chore(deps): bump amannn/action-semantic-pull-request Bumps [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) from 5.4.0 to 5.5.2. - [Release notes](https://github.com/amannn/action-semantic-pull-request/releases) - [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md) - [Commits](https://github.com/amannn/action-semantic-pull-request/compare/e9fabac35e210fea40ca5b14c0da95a099eff26f...cfb60706e18bc85e8aec535e3c577abe8f70378e) --- updated-dependencies: - dependency-name: amannn/action-semantic-pull-request dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 256b1c38..9828761b 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0 + - uses: amannn/action-semantic-pull-request@cfb60706e18bc85e8aec535e3c577abe8f70378e # v5.5.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 1119c0d8ccab5c0df03e487255c4ace4508f3345 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Apr 2024 18:31:51 +0900 Subject: [PATCH 0988/1248] chore(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 (#2668) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.2 to 4.3.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/1746f4ab65b179e0ea60a494b83293b640dd5bba...65462800fd760344b1a7b4382951275a0abb4808) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a4ec53c6..96b1ed0b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: SARIF file path: results.sarif From 9c1e15abf3c0a24bfe45ef83bcb12131a6d25862 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 22:56:09 +0900 Subject: [PATCH 0989/1248] chore(deps): update renovatebot/github-action action to v40.1.11 (#2672) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index cbfae5ad..e1e47026 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Self-hosted Renovate - uses: renovatebot/github-action@2e021d24483d81e77e0e902d0809adfbfff276fc # v40.1.10 + uses: renovatebot/github-action@063e0c946b9c1af35ef3450efc44114925d6e8e6 # v40.1.11 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 65e99a1c04bad5cbc47398204f92a136e3e57bb3 Mon Sep 17 00:00:00 2001 From: Mykyta Orlov Date: Mon, 29 Apr 2024 23:29:49 +0300 Subject: [PATCH 0990/1248] fix(argo-workflows): hyphen typo in values.yaml comment (#2673) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 50c88749..1b9d5109 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.2 +version: 0.41.3 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-workflows to v3.5.6 + description: Fix hyphen typo in values.yaml comments diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index e8d99b6d..da4c388c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -339,7 +339,7 @@ Fields to note: | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | | server.sso.rbac.enabled | bool | `true` | Adds ServiceAccount Policy to server (Cluster)Role. | | server.sso.rbac.secretWhitelist | list | `[]` | Whitelist to allow server to fetch Secrets | -| server.sso.redirectUrl | string | `""` | | +| server.sso.redirectUrl | string | `""` | The OIDC redirect URL. Should be in the form /oauth2/callback. | | server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | | server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | | server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 89fa1753..6bc461f2 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -700,7 +700,7 @@ server: name: argo-server-sso # -- Key of a secret to retrieve the app OIDC client secret key: client-secret - # - The OIDC redirect URL. Should be in the form /oauth2/callback. + # -- The OIDC redirect URL. Should be in the form /oauth2/callback. redirectUrl: "" rbac: # -- Adds ServiceAccount Policy to server (Cluster)Role. From b9e4a3fd3413ca0adeb6036536ab678badfee319 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 30 Apr 2024 18:14:03 +0100 Subject: [PATCH 0991/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.10.9 (#2674) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9be5d54e..8c0db468 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.8 +appVersion: v2.10.9 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.17 +version: 6.7.18 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: JQ Path expression timeout + - kind: changed + description: Bump argo-cd to v2.10.9 From 6c0874513635516da103ca0d8c78566f27eb1779 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 1 May 2024 10:49:58 +0100 Subject: [PATCH 0992/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v37.332.0 (#2675) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index e1e47026..ff81e146 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.278.0 + renovate-version: 37.332.0 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 966b745e7b2bed105bc838e35b1a0396cb8040ea Mon Sep 17 00:00:00 2001 From: Daniel Beilin <144586547+dbeilin@users.noreply.github.com> Date: Wed, 1 May 2024 06:37:24 -0700 Subject: [PATCH 0993/1248] feat(argo-workflows): Allow adding additional ServiceAccounts to RoleBinding (#2676) remove unnecessary if statements Signed-off-by: Daniel Beilin Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ .../templates/controller/workflow-controller-crb.yaml | 5 +++++ .../argo-workflows/templates/controller/workflow-rb.yaml | 9 ++++++--- charts/argo-workflows/values.yaml | 8 ++++++++ 5 files changed, 24 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 1b9d5109..942eeadf 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.3 +version: 0.41.4 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Fix hyphen typo in values.yaml comments + - kind: added + description: Added option to add service accounts to RoleBindings diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index da4c388c..662b63fd 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -134,6 +134,7 @@ Fields to note: |-----|------|---------|-------------| | workflow.namespace | string | `nil` | Deprecated; use controller.workflowNamespaces instead. | | workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) | +| workflow.rbac.serviceAccounts | list | `[]` | Extra service accounts to be added to the RoleBinding | | workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | | workflow.serviceAccount.labels | object | `{}` | Labels applied to created service account | @@ -146,6 +147,7 @@ Fields to note: |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | +| controller.clusterWorkflowTemplates.serviceAccounts | list | `[]` | Extra service accounts to be added to the ClusterRoleBinding | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | | controller.configMap.create | bool | `true` | Create a ConfigMap for the controller | | controller.configMap.name | string | `""` | ConfigMap name | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index 69883f60..93e0557b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -41,5 +41,10 @@ subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} namespace: {{ include "argo-workflows.namespace" . | quote }} +{{- range .Values.controller.clusterWorkflowTemplates.serviceAccounts }} + - kind: ServiceAccount + name: {{ .name }} + namespace: {{ .namespace | quote }} +{{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index 4402a722..ec5ac172 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -17,8 +17,11 @@ roleRef: subjects: - kind: ServiceAccount name: {{ $.Values.workflow.serviceAccount.name }} - {{- with $namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ $namespace }} + {{- range $.Values.workflow.rbac.serviceAccounts }} + - kind: ServiceAccount + name: {{ .name }} + namespace: {{ .namespace | quote }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 6bc461f2..0c5e624d 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -69,6 +69,10 @@ workflow: # -- Adds Role and RoleBinding for the above specified service account to be able to run workflows. # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) create: true + # -- Extra service accounts to be added to the RoleBinding + serviceAccounts: [] + # - name: my-service-account + # namespace: my-namespace controller: image: @@ -361,6 +365,10 @@ controller: clusterWorkflowTemplates: # -- Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. enabled: true + # -- Extra service accounts to be added to the ClusterRoleBinding + serviceAccounts: [] + # - name: my-service-account + # namespace: my-namespace # -- Extra containers to be added to the controller deployment extraContainers: [] From 35bc505bec7c8e5ada964772e1d2dbe1625c2374 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 2 May 2024 16:57:37 +0200 Subject: [PATCH 0994/1248] chore(deps): update actions/create-github-app-token action to v1.10.0 (#2677) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index ff81e146..9487c1fe 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@7bfa3a4717ef143a604ee0a99d859b8886a96d00 # v1.9.3 + uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 0882bfcbd69d1405afc383733cfc328c2970ff29 Mon Sep 17 00:00:00 2001 From: mitchell amihod Date: Sun, 5 May 2024 20:24:13 -0400 Subject: [PATCH 0995/1248] feat(argo-rollouts): Add podLabels at the controller & dashboard level (#2678) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 ++ charts/argo-rollouts/templates/controller/deployment.yaml | 2 +- charts/argo-rollouts/templates/dashboard/deployment.yaml | 2 +- charts/argo-rollouts/values.yaml | 4 ++++ 5 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 307965b9..6a4645f9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.6 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.35.1 +version: 2.35.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Allow minimum set of RBAC rules for Gateway API resources + description: Added pod labels for the controller and the dashboard components diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index eb30e7ee..d5d11c26 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -116,6 +116,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | controller.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | +| controller.podLabels | object | `{}` | Labels to be added to the application controller pods | | controller.priorityClassName | string | `""` | [priorityClassName] for the controller | | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | @@ -168,6 +169,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | dashboard.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | | dashboard.podAnnotations | object | `{}` | Annotations to be added to application dashboard pods | +| dashboard.podLabels | object | `{}` | Labels to be added to the application dashboard pods | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | | dashboard.readonly | bool | `false` | Set cluster role to readonly | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 25301e22..0d4c5281 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -34,7 +34,7 @@ spec: labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: {{ .Values.controller.component }} - {{- range $key, $value := .Values.podLabels }} + {{- range $key, $value := (mergeOverwrite (deepCopy .Values.podLabels) .Values.controller.podLabels) }} {{ $key }}: {{ $value | quote }} {{- end }} spec: diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 1c1d70c3..e2918f40 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -35,7 +35,7 @@ spec: labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: {{ .Values.dashboard.component }} - {{- range $key, $value := .Values.podLabels }} + {{- range $key, $value := (mergeOverwrite (deepCopy .Values.podLabels) .Values.dashboard.podLabels) }} {{ $key }}: {{ $value | quote }} {{- end }} spec: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 8f3f10b4..f9ae582c 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -53,6 +53,8 @@ controller: deploymentLabels: {} # -- Annotations to be added to application controller pods podAnnotations: {} + # -- Labels to be added to the application controller pods + podLabels: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -295,6 +297,8 @@ dashboard: deploymentLabels: {} # -- Annotations to be added to application dashboard pods podAnnotations: {} + # -- Labels to be added to the application dashboard pods + podLabels: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints From 1098ce1287de74ac0d189b5f5d099e98abd9914b Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Wed, 8 May 2024 09:21:09 +0300 Subject: [PATCH 0996/1248] feat(argo-cd): Upgrade argocd to 2.11.0 + crd changes (#2681) --- charts/argo-cd/Chart.yaml | 6 +- .../argocd-repo-server/deployment.yaml | 6 ++ .../templates/crds/crd-application.yaml | 68 +++++++++++++ .../templates/crds/crd-applicationset.yaml | 96 +++++++++++++++++++ 4 files changed, 173 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8c0db468..204e9d31 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.10.9 +appVersion: v2.11.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.7.18 +version: 6.8.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.10.9 + description: Bump argo-cd to v2.11.0 diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 84804ac6..dca27426 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -268,6 +268,12 @@ spec: key: reposerver.git.request.timeout name: argocd-cmd-params-cm optional: true + - name: ARGOCD_REVISION_CACHE_LOCK_TIMEOUT + valueFrom: + configMapKeyRef: + key: reposerver.revision.cache.lock.timeout + name: argocd-cmd-params-cm + optional: true {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: HELM_CACHE_HOME value: /helm-working-dir diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 9869efbb..686626ba 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -353,6 +353,10 @@ spec: definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to + apply common labels to resource selectors or not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -688,6 +692,10 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -1137,6 +1145,10 @@ spec: definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply + common labels to resource selectors or not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -1462,6 +1474,10 @@ spec: definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply + common labels to resource selectors or not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -1736,6 +1752,19 @@ spec: description: ID is an auto incrementing identifier of the RevisionHistory format: int64 type: integer + initiatedBy: + description: InitiatedBy contains information about who initiated + the operations + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started + operation + type: string + type: object revision: description: Revision holds the revision the sync was performed against @@ -1940,6 +1969,10 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -2278,6 +2311,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -2761,6 +2799,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors + or not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -3117,6 +3160,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies + whether to apply common labels to resource + selectors or not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -3587,6 +3635,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -3936,6 +3989,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -4428,6 +4486,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps @@ -4777,6 +4840,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + labelWithoutSelector: + description: LabelWithoutSelector specifies whether + to apply common labels to resource selectors or + not + type: boolean namePrefix: description: NamePrefix is a prefix appended to resources for Kustomize apps diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 323beb27..032c24ea 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -267,6 +267,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -481,6 +483,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -854,6 +858,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -1068,6 +1074,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -1445,6 +1453,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -1659,6 +1669,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -2016,6 +2028,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -2230,6 +2244,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -2609,6 +2625,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -2823,6 +2841,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -3196,6 +3216,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -3410,6 +3432,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -3787,6 +3811,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -4001,6 +4027,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -4358,6 +4386,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -4572,6 +4602,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -4937,6 +4969,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -5151,6 +5185,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -5698,6 +5734,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -5912,6 +5950,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -6454,6 +6494,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -6668,6 +6710,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -7039,6 +7083,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -7253,6 +7299,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -7634,6 +7682,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -7848,6 +7898,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -8221,6 +8273,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -8435,6 +8489,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -8812,6 +8868,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -9026,6 +9084,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -9383,6 +9443,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -9597,6 +9659,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -9962,6 +10026,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -10176,6 +10242,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -10723,6 +10791,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -10937,6 +11007,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -11479,6 +11551,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -11693,6 +11767,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -12068,6 +12144,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -12282,6 +12360,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -12646,6 +12726,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -12860,6 +12942,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -13407,6 +13491,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -13621,6 +13707,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -14163,6 +14251,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -14377,6 +14467,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -14823,6 +14915,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: @@ -15037,6 +15131,8 @@ spec: items: type: string type: array + labelWithoutSelector: + type: boolean namePrefix: type: string nameSuffix: From dcdcff217698f414a4dd9e4394705e6a442ece3f Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 8 May 2024 22:58:26 -0500 Subject: [PATCH 0997/1248] chore(deps): update actions/checkout action to v4.1.5 (#2683) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 9487c1fe..4aa9875a 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Self-hosted Renovate uses: renovatebot/github-action@063e0c946b9c1af35ef3450efc44114925d6e8e6 # v40.1.11 From 63306b32f8033ac02a5a2425b67ea3011dce408c Mon Sep 17 00:00:00 2001 From: Thomas Decaux Date: Fri, 10 May 2024 04:32:34 -0400 Subject: [PATCH 0998/1248] feat(argo-cd): Always install applicationset crd (#2682) * Install applicationset crd always ApplicationSet is required by argocd-server, cannot be "opt-out". If ApplicationSet CRD is not installed, we see lot of errors: ``` W0507 19:44:33.469804 7 reflector.go:424] pkg/mod/k8s.io/client-go@v0.26.11/tools/cache/reflector.go:169: failed to list *v1alpha1.ApplicationSet: the server could not find the requested resource (get applicationsets.argoproj.io) E0507 19:44:33.469828 7 reflector.go:140] pkg/mod/k8s.io/client-go@v0.26.11/tools/cache/reflector.go:169: Failed to watch *v1alpha1.ApplicationSet: failed to list *v1alpha1.ApplicationSet: the server could not find the requested resource (get applicationsets.argoproj.io) ``` Signed-off-by: Thomas Decaux * Bump chart version Signed-off-by: Thomas Decaux * Bump Chart.yaml patch version Signed-off-by: Thomas Decaux * Update Chart.yaml changelog Signed-off-by: Thomas Decaux --------- Signed-off-by: Thomas Decaux Co-authored-by: Petr Drastil Co-authored-by: yuki.kitakata --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/crds/crd-applicationset.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 204e9d31..fd726110 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.8.0 +version: 6.8.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.11.0 + description: Always install applicationset crd diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 032c24ea..6414d832 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.crds.install .Values.applicationSet.enabled }} +{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: From 8e2f3d5bc07848604664236065e2d1194c1a8681 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 11 May 2024 05:04:44 -0500 Subject: [PATCH 0999/1248] chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#2687) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 41ec8336..50bb6a84 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 619e19d7..2894d4fc 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 96b1ed0b..714f2976 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: persist-credentials: false From 3693ed427028c581ce806a96da12627b9743ccfe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 11 May 2024 19:08:12 +0900 Subject: [PATCH 1000/1248] chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#2686) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/0864cf19026789058feabb7e87baa5f140aac736...dc50aa9510b46c811795eb24b2f1ba02a914e534) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 714f2976..b81bf415 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 with: results_file: results.sarif results_format: sarif From 510261328f083edfb206f85da8c6be7898ac9762 Mon Sep 17 00:00:00 2001 From: "yuki.kitakata" Date: Mon, 13 May 2024 13:31:48 +0900 Subject: [PATCH 1001/1248] fix(argo-cd): Always create ApplicationSet as following upstream (#2688) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 +++- charts/argo-cd/README.md.gotmpl | 3 +++ charts/argo-cd/templates/_helpers.tpl | 4 +--- charts/argo-cd/templates/aggregate-roles.yaml | 6 ------ .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 -- charts/argo-cd/templates/argocd-applicationset/ingress.yaml | 2 +- charts/argo-cd/templates/argocd-applicationset/metrics.yaml | 2 +- .../templates/argocd-applicationset/networkpolicy.yaml | 2 +- charts/argo-cd/templates/argocd-applicationset/pdb.yaml | 2 +- charts/argo-cd/templates/argocd-applicationset/role.yaml | 2 -- .../templates/argocd-applicationset/rolebinding.yaml | 2 -- charts/argo-cd/templates/argocd-applicationset/service.yaml | 2 -- .../templates/argocd-applicationset/serviceaccount.yaml | 2 +- .../templates/argocd-applicationset/servicemonitor.yaml | 2 -- .../argo-cd/templates/argocd-repo-server/networkpolicy.yaml | 2 -- charts/argo-cd/templates/argocd-server/role.yaml | 2 -- charts/argo-cd/values.yaml | 3 --- 18 files changed, 14 insertions(+), 34 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fd726110..3d992838 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.8.1 +version: 6.9.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Always install applicationset crd + description: Always create ApplicationSet as following upstream diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7c3e4d4a..984b3c61 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -278,6 +278,9 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.9.0 +ApplicationSet controller is always created to follow [upstream's manifest](https://github.com/argoproj/argo-cd/blob/v2.11.0/manifests/core-install/kustomization.yaml#L9). + ### 6.4.0 Added support for application controller dynamic cluster distribution. @@ -1341,7 +1344,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.dnsConfig | object | `{}` | [DNS configuration] | | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.emptyDir.sizeLimit | string | `""` (defaults not set if not specified i.e. no size limit) | EmptyDir size limit for applicationSet controller | -| applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | ApplicationSet controller command line flags | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | | applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 62c1759d..97a967df 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -278,6 +278,9 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.9.0 +ApplicationSet controller is always created to follow [upstream's manifest](https://github.com/argoproj/argo-cd/blob/v2.11.0/manifests/core-install/kustomization.yaml#L9). + ### 6.4.0 Added support for application controller dynamic cluster distribution. diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 589dd002..5ec03d90 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -196,6 +196,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- $_ := set $presets "repo.server" (printf "%s:%s" (include "argo-cd.repoServer.fullname" .) (.Values.repoServer.service.port | toString)) -}} {{- $_ := set $presets "server.repo.server.strict.tls" (.Values.repoServer.certificateSecret.enabled | toString ) -}} {{- $_ := set $presets "redis.server" (include "argo-cd.redis.server" .) -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt ((.Values.applicationSet.replicas | default .Values.applicationSet.replicaCount) | int64) 1) -}} {{- if .Values.dex.enabled -}} {{- $_ := set $presets "server.dex.server" (include "argo-cd.dex.server" .) -}} {{- $_ := set $presets "server.dex.server.strict.tls" .Values.dex.certificateSecret.enabled -}} @@ -204,9 +205,6 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} {{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} -{{- if .Values.applicationSet.enabled -}} -{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt ((.Values.applicationSet.replicas | default .Values.applicationSet.replicaCount) | int64) 1) -}} -{{- end -}} {{- toYaml $presets }} {{- end -}} diff --git a/charts/argo-cd/templates/aggregate-roles.yaml b/charts/argo-cd/templates/aggregate-roles.yaml index ba93d548..12d0e006 100644 --- a/charts/argo-cd/templates/aggregate-roles.yaml +++ b/charts/argo-cd/templates/aggregate-roles.yaml @@ -11,9 +11,7 @@ rules: - argoproj.io resources: - applications - {{- if .Values.applicationSet.enabled }} - applicationsets - {{- end }} - appprojects verbs: - get @@ -33,9 +31,7 @@ rules: - argoproj.io resources: - applications - {{- if .Values.applicationSet.enabled }} - applicationsets - {{- end }} - appprojects verbs: - create @@ -60,9 +56,7 @@ rules: - argoproj.io resources: - applications - {{- if .Values.applicationSet.enabled }} - applicationsets - {{- end }} - appprojects verbs: - create diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 0b6a51fb..1c75150d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -1,4 +1,3 @@ -{{- if .Values.applicationSet.enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -332,4 +331,3 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} dnsPolicy: {{ .Values.applicationSet.dnsPolicy }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml index fbaa862b..f7fb4142 100644 --- a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.applicationSet.enabled .Values.applicationSet.ingress.enabled -}} +{{- if .Values.applicationSet.ingress.enabled -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index ad26d22d..16154c81 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.applicationSet.enabled .Values.applicationSet.metrics.enabled }} +{{- if .Values.applicationSet.metrics.enabled }} apiVersion: v1 kind: Service metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml index c6333f88..fee5a80c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.applicationSet.enabled .Values.global.networkPolicy.create (or .Values.applicationSet.metrics.enabled .Values.applicationSet.ingress.enabled) }} +{{- if and .Values.global.networkPolicy.create (or .Values.applicationSet.metrics.enabled .Values.applicationSet.ingress.enabled) }} apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index 8f179032..16134160 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }} +{{- if .Values.applicationSet.pdb.enabled }} apiVersion: policy/v1 kind: PodDisruptionBudget metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index f8f55405..f33e776d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -1,4 +1,3 @@ -{{- if .Values.applicationSet.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -86,4 +85,3 @@ rules: - patch - update - watch -{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index a012f1ed..daf8c799 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -1,4 +1,3 @@ -{{- if .Values.applicationSet.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: @@ -14,4 +13,3 @@ subjects: - kind: ServiceAccount name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index e3a07b6f..199c8374 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -1,4 +1,3 @@ -{{- if .Values.applicationSet.enabled }} apiVersion: v1 kind: Service metadata: @@ -23,4 +22,3 @@ spec: targetPort: webhook selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index 7c0cf017..07839606 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.applicationSet.enabled .Values.applicationSet.serviceAccount.create }} +{{- if .Values.applicationSet.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index 8bcb6ca0..11ddd553 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -1,4 +1,3 @@ -{{- if .Values.applicationSet.enabled }} {{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor @@ -49,4 +48,3 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 6 }} {{- end }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml index 08a1c214..8d2b66b5 100644 --- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -20,11 +20,9 @@ spec: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 10 }} {{- end }} - {{- if .Values.applicationSet.enabled }} - podSelector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 10 }} - {{- end }} ports: - port: repo-server protocol: TCP diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 1a2b3851..570d07fd 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -23,9 +23,7 @@ rules: - argoproj.io resources: - applications - {{- if .Values.applicationSet.enabled }} - applicationsets - {{- end }} - appprojects verbs: - create diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4ab533d0..c3cbf9be 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2638,9 +2638,6 @@ repoServer: ## ApplicationSet controller applicationSet: - # -- Enable ApplicationSet controller - enabled: true - # -- ApplicationSet controller name string name: applicationset-controller From 87f717656a2a10af0277d3df6805a0c89ae85a27 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 14 May 2024 00:59:03 +0200 Subject: [PATCH 1002/1248] fix(argo-cd): Fix Service configuration for Argo server (#2690) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 10 ++-- charts/argo-cd/README.md | 5 +- .../templates/argocd-server/service.yaml | 53 +++++++++---------- charts/argo-cd/values.yaml | 12 +++-- 4 files changed, 44 insertions(+), 36 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3d992838..bea2c90e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.9.0 +version: 6.9.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,9 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Always create ApplicationSet as following upstream + - kind: fixed + description: Service option externalIPs is available for all service types + - kind: fixed + description: Service option externalTrafficPolicy is available only for Service types LoadBalancer and NodePort + - kind: fixed + description: Load balancer options are available only for Service type LoadBalancer diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 984b3c61..596caabd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1044,7 +1044,7 @@ NAME: my-release | server.route.termination_type | string | `"passthrough"` | Termination type of Openshift Route | | server.service.annotations | object | `{}` | Server service annotations | | server.service.externalIPs | list | `[]` | Server service external IPs | -| server.service.externalTrafficPolicy | string | `""` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | +| server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | | server.service.labels | object | `{}` | Server service labels | | server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | @@ -1053,8 +1053,9 @@ NAME: my-release | server.service.servicePortHttp | int | `80` | Server service http port | | server.service.servicePortHttpName | string | `"http"` | Server service http port name, can be used to route traffic via istio | | server.service.servicePortHttps | int | `443` | Server service https port | +| server.service.servicePortHttpsAppProtocol | string | `""` | Server service https port appProtocol | | server.service.servicePortHttpsName | string | `"https"` | Server service https port name, can be used to route traffic via istio | -| server.service.sessionAffinity | string | `""` | Used to maintain session affinity. Supports `ClientIP` and `None` | +| server.service.sessionAffinity | string | `"None"` | Used to maintain session affinity. Supports `ClientIP` and `None` | | server.service.type | string | `"ClusterIP"` | Server service type | | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | server.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index b9881f88..61ad81d0 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -1,21 +1,37 @@ apiVersion: v1 kind: Service metadata: -{{- if .Values.server.service.annotations }} - annotations: - {{- range $key, $value := .Values.server.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} name: {{ template "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} -{{- if .Values.server.service.labels }} -{{- toYaml .Values.server.service.labels | nindent 4 }} -{{- end }} + {{- with .Values.server.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.server.service.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} spec: type: {{ .Values.server.service.type }} + {{- with .Values.server.service.externalIPs }} + externalIPs: {{ . }} + {{- end }} + {{- if or (eq .Values.server.service.type "LoadBalancer") (eq .Values.server.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.server.service.externalTrafficPolicy }} + {{- end }} + {{- if eq .Values.server.service.type "LoadBalancer" }} + {{- with .Values.server.service.loadBalancerIP }} + loadBalancerIP: {{ . }} + {{- end }} + {{- with .Values.server.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} + sessionAffinity: {{ .Values.server.service.sessionAffinity }} ports: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP @@ -36,21 +52,4 @@ spec: {{- end }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} -{{- if eq .Values.server.service.type "LoadBalancer" }} -{{- if .Values.server.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.server.service.loadBalancerIP | quote }} -{{- end }} -{{- if .Values.server.service.externalIPs }} - externalIPs: {{ .Values.server.service.externalIPs }} -{{- end }} -{{- if .Values.server.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }} -{{- end }} -{{- end -}} -{{- with .Values.server.service.externalTrafficPolicy }} - externalTrafficPolicy: {{ . }} -{{- end }} -{{- with .Values.server.service.sessionAffinity }} - sessionAffinity: {{ . }} -{{- end }} + diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c3cbf9be..5df19e89 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1972,18 +1972,22 @@ server: servicePortHttpName: http # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https - # -- Server service https port appProtocol. (should be upper case - i.e. HTTPS) - # servicePortHttpsAppProtocol: HTTPS + # -- Server service https port appProtocol + ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol + servicePortHttpsAppProtocol: "" # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from + ## Ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service loadBalancerSourceRanges: [] # -- Server service external IPs externalIPs: [] # -- Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints - externalTrafficPolicy: "" + ## Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + externalTrafficPolicy: Cluster # -- Used to maintain session affinity. Supports `ClientIP` and `None` - sessionAffinity: "" + ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + sessionAffinity: None ## Server metrics service configuration metrics: From 7be9b016fb061e325cc5a4751739242c3bc45d59 Mon Sep 17 00:00:00 2001 From: Andres Vara <46708607+andres-vara@users.noreply.github.com> Date: Tue, 14 May 2024 17:17:31 +0200 Subject: [PATCH 1003/1248] feat(argo-cd): Support ability to set .Values.namespaceOverride (#2679) * feat(argo-workflows): Allow adding additional ServiceAccounts to RoleBinding (#2676) remove unnecessary if statements Signed-off-by: Daniel Beilin Co-authored-by: Aikawa Signed-off-by: Andres Vara Parsegov * feat(argo-cd): Support ability to set .Values.namespaceOverride Signed-off-by: Andres Vara Parsegov * fix(argo-cd): typo Signed-off-by: Andres Vara Parsegov * chore(deps): update actions/create-github-app-token action to v1.10.0 (#2677) Co-authored-by: renovate[bot] Signed-off-by: Andres Vara Parsegov * feat(argo-rollouts): Add podLabels at the controller & dashboard level (#2678) Signed-off-by: Andres Vara Parsegov * feat(argo-cd): Support ability to set .Values.namespaceOverride Signed-off-by: Andres Vara Parsegov * fix(argo-cd): typo Signed-off-by: Andres Vara Parsegov * fix(argo-cd): autocorrection Signed-off-by: Andres Vara Parsegov * fix(argo-cd): typos Signed-off-by: Andres Vara Parsegov * fix(argo-cd): typos Signed-off-by: Andres Vara Parsegov * removed auota Signed-off-by: Andres Vara Parsegov * Update Chart.yaml Signed-off-by: Andres Vara <46708607+andres-vara@users.noreply.github.com> --------- Signed-off-by: Daniel Beilin Signed-off-by: Andres Vara Parsegov Signed-off-by: Andres Vara <46708607+andres-vara@users.noreply.github.com> Co-authored-by: Daniel Beilin <144586547+dbeilin@users.noreply.github.com> Co-authored-by: Aikawa Co-authored-by: Andres Vara Parsegov Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] Co-authored-by: mitchell amihod --- charts/argo-cd/Chart.yaml | 10 +++------- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/_helpers.tpl | 8 ++++++++ .../clusterrolebinding.yaml | 2 +- .../argocd-application-controller/deployment.yaml | 2 +- .../argocd-application-controller/metrics.yaml | 2 +- .../argocd-application-controller/networkpolicy.yaml | 2 +- .../templates/argocd-application-controller/pdb.yaml | 2 +- .../templates/argocd-application-controller/role.yaml | 2 +- .../argocd-application-controller/rolebinding.yaml | 8 ++++---- .../argocd-application-controller/serviceaccount.yaml | 2 +- .../argocd-application-controller/servicemonitor.yaml | 2 +- .../argocd-application-controller/statefulset.yaml | 2 +- .../templates/argocd-applicationset/certificate.yaml | 2 +- .../templates/argocd-applicationset/clusterrole.yaml | 2 +- .../argocd-applicationset/clusterrolebinding.yaml | 4 ++-- .../templates/argocd-applicationset/deployment.yaml | 2 +- .../templates/argocd-applicationset/ingress.yaml | 2 +- .../templates/argocd-applicationset/metrics.yaml | 2 +- .../templates/argocd-applicationset/networkpolicy.yaml | 2 +- .../argo-cd/templates/argocd-applicationset/pdb.yaml | 2 +- .../argo-cd/templates/argocd-applicationset/role.yaml | 2 +- .../templates/argocd-applicationset/rolebinding.yaml | 4 ++-- .../templates/argocd-applicationset/service.yaml | 2 +- .../argocd-applicationset/serviceaccount.yaml | 2 +- .../argocd-applicationset/servicemonitor.yaml | 2 +- charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 2 +- .../templates/argocd-configs/argocd-cmd-params-cm.yaml | 2 +- .../templates/argocd-configs/argocd-cmp-cm.yaml | 2 +- .../argocd-configs/argocd-dex-server-tls-secret.yaml | 2 +- .../templates/argocd-configs/argocd-gpg-keys-cm.yaml | 2 +- .../argocd-configs/argocd-notifications-cm.yaml | 2 +- .../argocd-configs/argocd-notifications-secret.yaml | 2 +- .../templates/argocd-configs/argocd-rbac-cm.yaml | 2 +- .../argocd-configs/argocd-repo-server-tls-secret.yaml | 2 +- .../templates/argocd-configs/argocd-secret.yaml | 2 +- .../argocd-configs/argocd-server-tls-secret.yaml | 2 +- .../argocd-configs/argocd-ssh-known-hosts-cm.yaml | 2 +- .../templates/argocd-configs/argocd-styles-cm.yaml | 2 +- .../templates/argocd-configs/argocd-tls-certs-cm.yaml | 2 +- .../templates/argocd-configs/externalredis-secret.yaml | 2 +- .../argocd-notifications/clusterrolebinding.yaml | 2 +- .../templates/argocd-notifications/deployment.yaml | 4 ++-- .../templates/argocd-notifications/metrics.yaml | 2 +- .../templates/argocd-notifications/networkpolicy.yaml | 2 +- charts/argo-cd/templates/argocd-notifications/pdb.yaml | 2 +- .../argo-cd/templates/argocd-notifications/role.yaml | 2 +- .../templates/argocd-notifications/rolebinding.yaml | 4 ++-- .../templates/argocd-notifications/serviceaccount.yaml | 2 +- .../templates/argocd-notifications/servicemonitor.yaml | 2 +- .../argocd-repo-server/clusterrolebinding.yaml | 2 +- .../templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/hpa.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/metrics.yaml | 2 +- .../templates/argocd-repo-server/networkpolicy.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/pdb.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/role.yaml | 2 +- .../templates/argocd-repo-server/rolebinding.yaml | 4 ++-- .../argo-cd/templates/argocd-repo-server/service.yaml | 4 ++-- .../templates/argocd-repo-server/serviceaccount.yaml | 2 +- .../templates/argocd-repo-server/servicemonitor.yaml | 2 +- .../argo-cd/templates/argocd-server/aws/ingress.yaml | 2 +- .../argo-cd/templates/argocd-server/aws/service.yaml | 2 +- .../argo-cd/templates/argocd-server/certificate.yaml | 2 +- .../templates/argocd-server/clusterrolebinding.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 +- .../templates/argocd-server/gke/backendconfig.yaml | 2 +- .../templates/argocd-server/gke/frontendconfig.yaml | 2 +- .../argo-cd/templates/argocd-server/gke/ingress.yaml | 2 +- .../argocd-server/gke/managedcertificate.yaml | 2 +- charts/argo-cd/templates/argocd-server/hpa.yaml | 2 +- .../argo-cd/templates/argocd-server/ingress-grpc.yaml | 2 +- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- charts/argo-cd/templates/argocd-server/metrics.yaml | 2 +- .../argo-cd/templates/argocd-server/networkpolicy.yaml | 2 +- .../templates/argocd-server/openshift/route.yaml | 2 +- charts/argo-cd/templates/argocd-server/pdb.yaml | 2 +- charts/argo-cd/templates/argocd-server/role.yaml | 2 +- .../argo-cd/templates/argocd-server/rolebinding.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/service.yaml | 2 +- .../templates/argocd-server/serviceaccount.yaml | 2 +- .../templates/argocd-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/templates/dex/networkpolicy.yaml | 2 +- charts/argo-cd/templates/dex/pdb.yaml | 2 +- charts/argo-cd/templates/dex/role.yaml | 4 ++-- charts/argo-cd/templates/dex/rolebinding.yaml | 4 ++-- charts/argo-cd/templates/dex/service.yaml | 2 +- charts/argo-cd/templates/dex/serviceaccount.yaml | 2 +- charts/argo-cd/templates/dex/servicemonitor.yaml | 2 +- .../argo-cd/templates/networkpolicy-default-deny.yaml | 2 +- charts/argo-cd/templates/redis/deployment.yaml | 2 +- charts/argo-cd/templates/redis/health-configmap.yaml | 2 +- charts/argo-cd/templates/redis/metrics.yaml | 2 +- charts/argo-cd/templates/redis/networkpolicy.yaml | 2 +- charts/argo-cd/templates/redis/pdb.yaml | 2 +- charts/argo-cd/templates/redis/service.yaml | 2 +- charts/argo-cd/templates/redis/serviceaccount.yaml | 2 +- charts/argo-cd/templates/redis/servicemonitor.yaml | 2 +- charts/argo-cd/values.yaml | 3 +++ 100 files changed, 123 insertions(+), 115 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bea2c90e..83409042 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.9.1 +version: 6.9.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,9 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Service option externalIPs is available for all service types - - kind: fixed - description: Service option externalTrafficPolicy is available only for Service types LoadBalancer and NodePort - - kind: fixed - description: Load balancer options are available only for Service type LoadBalancer + - kind: added + description: Support ability to set .Values.namespaceOverride diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 596caabd..3f196f82 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -622,6 +622,7 @@ NAME: my-release | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | +| namespaceOverride | string | `.Release.Namespace` | Override the namespace | | openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | ## Global Configs diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 5ec03d90..67af632c 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -218,3 +218,11 @@ Merge Argo Params Configuration with Preset Configuration {{ $key }}: {{ toString $value | toYaml }} {{- end }} {{- end -}} + +{{/* +Expand the namespace of the release. +Allows overriding it for multi-namespace deployments in combined charts. +*/}} +{{- define "argo-cd.namespace" -}} +{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 7b6df782..6076c531 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index dc26a8db..23d2a7ad 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -9,7 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 01b7a779..c3ceb047 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.controller.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 4 }} {{- with .Values.controller.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml index e7448c52..db1ee7c2 100644 --- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} name: {{ template "argo-cd.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index 7eaf28e1..bef09799 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index ea550e1f..f2aa2cfd 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index 9a87f771..48681637 100644 --- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-cd.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: @@ -10,6 +10,6 @@ roleRef: kind: Role name: {{ include "argo-cd.controller.fullname" . }} subjects: -- kind: ServiceAccount - name: {{ include "argo-cd.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + - kind: ServiceAccount + name: {{ include "argo-cd.controller.serviceAccountName" . }} + namespace: {{ include "argo-cd.namespace" . }} diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index 1b9619d6..575cbf6d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- with .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 342dbc01..4a09daf3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -43,7 +43,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argo-cd.namespace" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 208f358f..07191359 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -9,7 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.controller.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index 3f623614..c2d2b279 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -9,7 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml index 6ac4c1e7..9c9b9193 100644 --- a/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml index 152b31f4..af6d5297 100644 --- a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-cd.applicationSet.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 1c75150d..060d20c5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -8,7 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml index f7fb4142..5cdf0cfe 100644 --- a/charts/argo-cd/templates/argocd-applicationset/ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index 16154c81..06253a81 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.applicationSet.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} {{- with .Values.applicationSet.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml index fee5a80c..3a295f77 100644 --- a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml @@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index 16134160..5d0ebc88 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index f33e776d..69ebf7ee 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index daf8c799..5d4f1e4a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: @@ -12,4 +12,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 199c8374..91c082aa 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -8,7 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index 07839606..4869cad0 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- with .Values.applicationSet.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index 11ddd553..9c236c45 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -43,7 +43,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argo-cd.namespace" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index c0c8bc86..6bd19f5c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} {{- with .Values.configs.cm.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml index 9d60d932..f0c81b24 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmd-params-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cmd-params-cm") | nindent 4 }} {{- if .Values.configs.params.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml index a3400605..a5d29f6c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmp-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }} {{- with .Values.configs.cmp.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml index c543e8a7..747fa13c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-dex-server-tls - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" "dex-server-tls") | nindent 4 }} {{- with .Values.dex.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index f94113a2..ed299b59 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-gpg-keys-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} {{- with .Values.configs.gpg.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml index 2a18a2fc..663862e2 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-notifications-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index 9c261c6a..f64a91f5 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ .Values.notifications.secret.name }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.secret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index f9b62f76..ae48404e 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-rbac-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} {{- with .Values.configs.rbac.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml index 4e1b3dc9..8635d64e 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-server-tls - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "repo-server-tls") | nindent 4 }} {{- with .Values.repoServer.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 9e25e376..9462be26 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-secret - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} {{- with .Values.configs.secret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml index c612a62c..97116472 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-server-tls - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "server-tls") | nindent 4 }} {{- with .Values.server.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 845d219d..b0695ed3 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-ssh-known-hosts-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} {{- with .Values.configs.ssh.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml index b98e40df..77421542 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-styles-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index fa6e7433..db582e6d 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-tls-certs-cm - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} {{- with .Values.configs.tls.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index 9bfcd983..c4166d1b 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.redis.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .Values.externalRedis.secretAnnotations }} diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml index cfdba38a..9a6fa7c5 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.notifications.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index eaf35623..4bdb24f6 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -9,7 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.notifications.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: @@ -65,7 +65,7 @@ spec: - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - - --namespace={{ .Release.Namespace }} + - --namespace={{ include "argo-cd.namespace" . }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --secret-name={{ .Values.notifications.secret.name }} {{- range .Values.notifications.extraArgs }} diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index b5ce611d..b7dcfe6a 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.notifications.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 4 }} {{- with .Values.notifications.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml index 011a7c33..b03c26ca 100644 --- a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml @@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.notifications.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml index 71619547..4bdf211a 100644 --- a/charts/argo-cd/templates/argocd-notifications/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 22eaa473..800a937a 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.notifications.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml index 32324190..e2259621 100644 --- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-cd.notifications.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} roleRef: @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.notifications.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index 8f58ff8d..3da8f27c 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.notifications.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- with .Values.notifications.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 18849886..03599a6d 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -43,7 +43,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argo-cd.namespace" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index 8531520c..d8bd88aa 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.repoServer.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index dca27426..745150e7 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -8,7 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index ce6ed371..7615a412 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -3,7 +3,7 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: {{ include "argo-cd.repoServer.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index 514595a2..6b82796c 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.repoServer.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 4 }} {{- with .Values.repoServer.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml index 8d2b66b5..c11ab129 100644 --- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} name: {{ template "argo-cd.repoServer.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 658a1fe3..f79af3d7 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.repoServer.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/role.yaml b/charts/argo-cd/templates/argocd-repo-server/role.yaml index 5f9324d5..596874d4 100644 --- a/charts/argo-cd/templates/argocd-repo-server/role.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.repoServer.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml index ea4baded..2bc88b66 100644 --- a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-cd.repoServer.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.repoServer.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml index c2c43463..4412a8c9 100644 --- a/charts/argo-cd/templates/argocd-repo-server/service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -13,7 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: ports: - name: {{ .Values.repoServer.service.portName }} @@ -21,4 +21,4 @@ spec: port: {{ .Values.repoServer.service.port }} targetPort: repo-server selector: - {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 4 }} \ No newline at end of file + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index 2facd9af..9b5777f1 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.repoServer.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- with .Values.repoServer.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 9ca16e74..38041de3 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -43,7 +43,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argo-cd.namespace" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml index ffe0b79b..46d24d3c 100644 --- a/charts/argo-cd/templates/argocd-server/aws/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/ingress.yaml @@ -5,7 +5,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index 376699e3..a98ddfa2 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -7,7 +7,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-grpc - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: ports: - name: {{ .Values.server.service.servicePortHttpName }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 84a0e62c..629d0e95 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -9,7 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 1e5a98fa..ce4a4d70 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.server.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index dee9cf43..8c02805a 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -8,7 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml index cd040c90..515e6d74 100644 --- a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml @@ -3,7 +3,7 @@ apiVersion: cloud.google.com/v1 kind: BackendConfig metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.gke.backendConfig }} diff --git a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml index d8b3b1ea..ae460a38 100644 --- a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml @@ -3,7 +3,7 @@ apiVersion: networking.gke.io/v1beta1 kind: FrontendConfig metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.gke.frontendConfig }} diff --git a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml index 160308bd..b030435b 100644 --- a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml @@ -5,7 +5,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml index 63c089b8..2dd6f5e9 100644 --- a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml @@ -3,7 +3,7 @@ apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index a509e569..51fe559d 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -3,7 +3,7 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 2d15b9d7..3ad5a519 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -4,7 +4,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }}-grpc - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingressGrpc.labels }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index cfd0696d..84668373 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -5,7 +5,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index 3844820e..f0797552 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.server.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 4 }} {{- with .Values.server.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml index 443ff359..4621e24f 100644 --- a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: ingress: - {} diff --git a/charts/argo-cd/templates/argocd-server/openshift/route.yaml b/charts/argo-cd/templates/argocd-server/openshift/route.yaml index 01cb6aed..b018f724 100644 --- a/charts/argo-cd/templates/argocd-server/openshift/route.yaml +++ b/charts/argo-cd/templates/argocd-server/openshift/route.yaml @@ -3,7 +3,7 @@ apiVersion: route.openshift.io/v1 kind: Route metadata: name: {{ template "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.route.annotations }} diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index adc47aec..6bc93305 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 570d07fd..8d12e30d 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml index 61276d60..4d635aa9 100644 --- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: @@ -12,4 +12,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.server.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 61ad81d0..2b9872be 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.server.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index a8efe1e5..9789e1d0 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.server.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.server.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- with .Values.server.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index e8820768..2f96ca0a 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -43,7 +43,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argo-cd.namespace" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 6 }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index b6c94f90..007e0ee1 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -9,7 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.dex.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/dex/networkpolicy.yaml b/charts/argo-cd/templates/dex/networkpolicy.yaml index cb0fcc55..6d0c9789 100644 --- a/charts/argo-cd/templates/dex/networkpolicy.yaml +++ b/charts/argo-cd/templates/dex/networkpolicy.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} name: {{ template "argo-cd.dex.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index c0adc73f..12161024 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.dex.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.pdb.labels }} diff --git a/charts/argo-cd/templates/dex/role.yaml b/charts/argo-cd/templates/dex/role.yaml index 49d40891..e79b3cf7 100644 --- a/charts/argo-cd/templates/dex/role.yaml +++ b/charts/argo-cd/templates/dex/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.dex.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} rules: @@ -16,4 +16,4 @@ rules: - get - list - watch -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/dex/rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml index 30b92c06..792a465a 100644 --- a/charts/argo-cd/templates/dex/rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-cd.dex.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} roleRef: @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-cd.dex.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ include "argo-cd.namespace" . }} {{- end }} diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 73c98483..8825a7ea 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.dex.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- if .Values.dex.metrics.service.annotations }} annotations: {{- range $key, $value := .Values.dex.metrics.service.annotations }} diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index 66bf3076..aeff2441 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.dex.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- with .Values.dex.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 00f2a238..3faa667a 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -40,7 +40,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argo-cd.namespace" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/networkpolicy-default-deny.yaml b/charts/argo-cd/templates/networkpolicy-default-deny.yaml index b499ab03..06d1979a 100644 --- a/charts/argo-cd/templates/networkpolicy-default-deny.yaml +++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} name: {{ template "argo-cd.fullname" . }}-default-deny - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: podSelector: {} policyTypes: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 56ceae93..de9c29b1 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -10,7 +10,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.redis.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/redis/health-configmap.yaml b/charts/argo-cd/templates/redis/health-configmap.yaml index fd0ecff7..0d4005d6 100644 --- a/charts/argo-cd/templates/redis/health-configmap.yaml +++ b/charts/argo-cd/templates/redis/health-configmap.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "argo-cd.redis.fullname" . }}-health-configmap - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index 67b4c3ac..040f5ebf 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.redis.fullname" . }}-metrics - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.service.labels }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml index cd8150e1..d602a931 100644 --- a/charts/argo-cd/templates/redis/networkpolicy.yaml +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -6,7 +6,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} name: {{ template "argo-cd.redis.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 59423b47..c614144d 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -4,7 +4,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.redis.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.pdb.labels }} diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index 31f497d7..a4a94140 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.redis.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.service.labels }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml index f45ece13..bc942e22 100644 --- a/charts/argo-cd/templates/redis/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.redis.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . }} {{- with .Values.redis.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 6f036a80..2126bafb 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -41,7 +41,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ include "argo-cd.namespace" . }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 6 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5df19e89..15171656 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -6,6 +6,9 @@ nameOverride: argocd # -- String to fully override `"argo-cd.fullname"` fullnameOverride: "" +# -- Override the namespace +# @default -- `.Release.Namespace` +namespaceOverride: "" # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" # Override APIVersions From 39e1322df2b15446796356d9bf027250c5d75c35 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 16 May 2024 20:06:49 +0900 Subject: [PATCH 1004/1248] chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.13.0 (#2692) * chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.13.0 * feat(argocd-image-updater): update deployment as following upstream Signed-off-by: yu-croco * fix(argocd-image-updater): correct doc Signed-off-by: yu-croco * fix(argocd-image-updater): fix manifest Signed-off-by: yu-croco * chore(argocd-image-updater): bump version Signed-off-by: yu-croco --------- Signed-off-by: yu-croco Co-authored-by: renovate[bot] Co-authored-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 8 ++++---- charts/argocd-image-updater/README.md | 2 +- .../templates/deployment.yaml | 11 +++++------ charts/argocd-image-updater/values.yaml | 17 ++++++++++------- 4 files changed, 20 insertions(+), 18 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 7f299aef..d3143726 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.7 -appVersion: v0.12.2 +version: 0.10.0 +appVersion: v0.13.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Allow defining extraEnvFrom for the deployment + - kind: changed + description: Bump argocd-image-updater to v0.13.0 diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index a8d28699..ea57d402 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -114,7 +114,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | rbac.enabled | bool | `true` | Enable RBAC creation | | replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. | | resources | object | `{}` | Pod memory and cpu resource settings for the deployment | -| securityContext | object | `{}` | Security context settings for the deployment | +| securityContext | object | See [values.yaml] | Security context settings for the deployment | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.labels | object | `{}` | Labels to add to the service account | diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index cfd87a47..b6aa13fe 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -34,8 +34,7 @@ spec: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} - command: - - /usr/local/bin/argocd-image-updater + args: - run {{- with .Values.extraArgs }} {{- toYaml . | nindent 12 }} @@ -136,12 +135,12 @@ spec: volumeMounts: - mountPath: /app/config name: image-updater-conf - - mountPath: /tmp - name: tmp-dir - mountPath: /app/config/ssh name: ssh-known-hosts - mountPath: /app/.ssh name: ssh-config + - mountPath: /tmp + name: tmp {{- if .Values.authScripts.enabled }} - mountPath: /scripts name: authscripts @@ -165,8 +164,6 @@ spec: name: argocd-image-updater-authscripts name: authscripts {{- end }} - - emptyDir: {} - name: tmp-dir - configMap: name: argocd-ssh-known-hosts-cm optional: true @@ -175,6 +172,8 @@ spec: name: argocd-image-updater-ssh-config optional: true name: ssh-config + - emptyDir: {} + name: tmp {{- with .Values.volumes }} {{- toYaml . | nindent 6}} {{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 0f2a4e33..2791890a 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -205,13 +205,16 @@ podSecurityContext: {} # fsGroup: 2000 # -- Security context settings for the deployment -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +# @default -- See [values.yaml] +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault rbac: # -- Enable RBAC creation From 4ce5e9be2efe51d64754e3a3e1e9c2f49f0a258f Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 16 May 2024 23:27:52 +0200 Subject: [PATCH 1005/1248] chore(deps): update actions/checkout action to v4.1.6 (#2696) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 4aa9875a..c270cb2a 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Self-hosted Renovate uses: renovatebot/github-action@063e0c946b9c1af35ef3450efc44114925d6e8e6 # v40.1.11 From 66c39a06d83da91713a98f912f4bf9f75184fce0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89tienne=20Kemp-Rousseau?= <36542216+etiennnr@users.noreply.github.com> Date: Fri, 17 May 2024 11:18:13 -0400 Subject: [PATCH 1006/1248] fix(argo-cd): Adding checksum for argocd-cm to dex pod (#2695) Adding checksum to argocd-cm to dex pod Signed-off-by: Etienne Kemp-Rousseau Co-authored-by: yuki.kitakata --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/dex/deployment.yaml | 3 +++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 83409042..f27ae34d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.9.2 +version: 6.9.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support ability to set .Values.namespaceOverride + - kind: fixed + description: Restarting dex pod when `argocd-cm` configmap changes diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 007e0ee1..bc9b4530 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -26,6 +26,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if (index .Values.configs.cm "dex.config") }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- if .Values.dex.certificateSecret.enabled }} checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls-secret.yaml") . | sha256sum }} {{- end }} From 5d3e581b117e89b916231729510725cf8c046a81 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 18 May 2024 19:02:45 +0900 Subject: [PATCH 1007/1248] chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#2700) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.5...a5ac7e51b41094c92402da3b24376905380afc29) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 50bb6a84..8335fc7c 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 2894d4fc..07dde599 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b81bf415..2d72cdb0 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: persist-credentials: false From b95e14aa021873a995822fa38f00e758678b25d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 18 May 2024 20:13:16 +0900 Subject: [PATCH 1008/1248] chore(deps): bump github/codeql-action from 2.13.4 to 3.25.5 (#2699) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.13.4 to 3.25.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/cdcdbb579706841c47f7063dda365e292e5cad7a...b7cec7526559c32f1616476ff32d17ba4c59b2d6) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: yuki.kitakata --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 2d72cdb0..0074ed3d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4 + uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5 with: sarif_file: results.sarif From 4611a164637f626b6d55ab9362d229dd9f05b523 Mon Sep 17 00:00:00 2001 From: "yuki.kitakata" Date: Sun, 19 May 2024 16:34:24 +0900 Subject: [PATCH 1009/1248] fix(argo-workflows): Correct sample of secondsAfterCompletion (#2702) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 942eeadf..2c6c24df 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.4 +version: 0.41.5 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added option to add service accounts to RoleBindings + - kind: fixed + description: Correct sample of secondsAfterCompletion diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0c5e624d..15a42ec4 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -202,7 +202,7 @@ controller: workflowDefaults: {} # spec: # ttlStrategy: - # secondsAfterCompletion: 84600 + # secondsAfterCompletion: 86400 # # Ref: https://argo-workflows.readthedocs.io/en/stable/artifact-repository-ref/ # artifactRepositoryRef: # configMap: my-artifact-repository # default is "artifact-repositories" From f9eb0b394ca7856a42e69e9f3e58671646052c25 Mon Sep 17 00:00:00 2001 From: "yuki.kitakata" Date: Sun, 19 May 2024 19:22:17 +0900 Subject: [PATCH 1010/1248] fix(argo-workflows): Add missing serviceLabels to server service (#2698) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/server/server-service.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2c6c24df..e897eab6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.5 +version: 0.41.6 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Correct sample of secondsAfterCompletion + description: Add missing serviceLabels to server service diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 7f81bd39..7517d659 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -7,6 +7,9 @@ metadata: labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} + {{- with .Values.server.serviceLabels }} + {{ toYaml . | nindent 4 }} + {{- end }} {{- with .Values.server.serviceAnnotations }} annotations: {{- toYaml . | nindent 4 }} From fcee9a60460b3784b1f1656fd3cd3fb1f53eef6b Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Tue, 21 May 2024 18:36:32 +0200 Subject: [PATCH 1011/1248] fix(argo-cd): Enable Redis authentication in the default installation (#2705) --- charts/argo-cd/Chart.yaml | 10 +-- charts/argo-cd/README.md | 60 ++++++++++++++++ charts/argo-cd/README.md.gotmpl | 48 +++++++++++++ charts/argo-cd/templates/_helpers.tpl | 19 +++++ .../deployment.yaml | 8 ++- .../statefulset.yaml | 8 ++- .../argocd-configs/externalredis-secret.yaml | 2 +- .../argocd-repo-server/deployment.yaml | 8 ++- .../templates/argocd-server/deployment.yaml | 8 ++- .../templates/redis-secret-init/job.yaml | 54 +++++++++++++++ .../templates/redis-secret-init/role.yaml | 27 ++++++++ .../redis-secret-init/rolebinding.yaml | 19 +++++ .../redis-secret-init/serviceaccount.yaml | 16 +++++ .../argo-cd/templates/redis/deployment.yaml | 8 ++- .../templates/redis/health-configmap.yaml | 2 + charts/argo-cd/values.yaml | 69 +++++++++++++++++++ 16 files changed, 352 insertions(+), 14 deletions(-) create mode 100644 charts/argo-cd/templates/redis-secret-init/job.yaml create mode 100644 charts/argo-cd/templates/redis-secret-init/role.yaml create mode 100644 charts/argo-cd/templates/redis-secret-init/rolebinding.yaml create mode 100644 charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f27ae34d..eb512089 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.0 +appVersion: v2.11.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.9.3 +version: 6.10.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Restarting dex pod when `argocd-cm` configmap changes + - kind: security + description: Enable Redis authentication in the default installation (GHSA-9766-5277-j5hr) + - kind: changed + description: Bump argo-cd to v2.11.1 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3f196f82..4452d4ed 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -278,6 +278,39 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.10.0 + +This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr. + +#### How to rotate Redis secret? + +Upstream steps in the [FAQ] are not enough, since we chose a different approach. +(We use a Kubernetes Job with [Chart Hooks] to create the auth secret `argocd-redis`.) + +Steps to roteate the secret when using the helm chart (bold step is additional to upstream): +* Delete `argocd-redis` secret in the namespace where Argo CD is installed. + ```bash + kubectl delete secret argocd-redis -n + ``` +* **Perform a helm upgrade** + ```bash + helm upgrade argocd argo/argo-cd --reuse-values --wait + ``` +* If you are running Redis in HA mode, restart Redis in HA. + ```bash + kubectl rollout restart deployment argocd-redis-ha-haproxy + kubectl rollout restart statefulset argocd-redis-ha-server + ``` +* If you are running Redis in non-HA mode, restart Redis. + ```bash + kubectl rollout restart deployment argocd-redis + ``` +* Restart other components. + ```bash + kubectl rollout restart deployment argocd-server argocd-repo-server + kubectl rollout restart statefulset argocd-application-controller + ``` + ### 6.9.0 ApplicationSet controller is always created to follow [upstream's manifest](https://github.com/argoproj/argo-cd/blob/v2.11.0/manifests/core-install/kustomization.yaml#L9). @@ -1271,8 +1304,10 @@ The main options are listed here: |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | | redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.auth | bool | `true` | Configures redis-ha with AUTH | | redis-ha.containerSecurityContext | object | See [values.yaml] | Redis HA statefulset container-level security context | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | +| redis-ha.existingSecret | string | `"argocd-redis"` | Existing Secret to use for redis-ha authentication. By default the redis-secret-init Job is generating this Secret. | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.58.0"` | Tag to use for the redis-exporter | @@ -1316,6 +1351,29 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | externalRedis.secretAnnotations | object | `{}` | External Redis Secret annotations | | externalRedis.username | string | `""` | External Redis username | +### Redis secret-init + +The helm chart deploys a Job to setup a random password which is used to secure the Redis. The Redis password is stored in Kubernetes secret `argocd-redis` with key `auth` in the namespace where Argo CD is installed. +If you use an External Redis (See Option 3 above), this Job is not deployed. + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| redisSecretInit.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| redisSecretInit.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis secret-init Job | +| redisSecretInit.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Redis secret-init Job | +| redisSecretInit.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Redis secret-init Job | +| redisSecretInit.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| redisSecretInit.jobAnnotations | object | `{}` | Annotations to be added to the Redis secret-init Job | +| redisSecretInit.name | string | `"redis-secret-init"` | Redis secret-init name | +| redisSecretInit.podAnnotations | object | `{}` | Annotations to be added to the Redis secret-init Job | +| redisSecretInit.podLabels | object | `{}` | Labels to be added to the Redis secret-init Job | +| redisSecretInit.resources | object | `{}` | Resource limits and requests for Redis secret-init Job | +| redisSecretInit.securityContext | object | `{}` | Redis secret-init Job pod-level security context | +| redisSecretInit.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| redisSecretInit.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| redisSecretInit.serviceAccount.create | bool | `true` | Create a service account for the redis pod | +| redisSecretInit.serviceAccount.name | string | `""` | Service account name for redis pod | + ## ApplicationSet | Key | Type | Default | Description | @@ -1507,8 +1565,10 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[Chart Hooks]: https://helm.sh/docs/topics/charts_hooks/ [DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters +[FAQ]: https://argo-cd.readthedocs.io/en/stable/faq/ [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 97a967df..6ab46ffc 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -278,6 +278,39 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 6.10.0 + +This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr. + +#### How to rotate Redis secret? + +Upstream steps in the [FAQ] are not enough, since we chose a different approach. +(We use a Kubernetes Job with [Chart Hooks] to create the auth secret `argocd-redis`.) + +Steps to roteate the secret when using the helm chart (bold step is additional to upstream): +* Delete `argocd-redis` secret in the namespace where Argo CD is installed. + ```bash + kubectl delete secret argocd-redis -n + ``` +* **Perform a helm upgrade** + ```bash + helm upgrade argocd argo/argo-cd --reuse-values --wait + ``` +* If you are running Redis in HA mode, restart Redis in HA. + ```bash + kubectl rollout restart deployment argocd-redis-ha-haproxy + kubectl rollout restart statefulset argocd-redis-ha-server + ``` +* If you are running Redis in non-HA mode, restart Redis. + ```bash + kubectl rollout restart deployment argocd-redis + ``` +* Restart other components. + ```bash + kubectl rollout restart deployment argocd-server argocd-repo-server + kubectl rollout restart statefulset argocd-application-controller + ``` + ### 6.9.0 ApplicationSet controller is always created to follow [upstream's manifest](https://github.com/argoproj/argo-cd/blob/v2.11.0/manifests/core-install/kustomization.yaml#L9). @@ -722,6 +755,19 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide {{- end }} {{- end }} +### Redis secret-init + +The helm chart deploys a Job to setup a random password which is used to secure the Redis. The Redis password is stored in Kubernetes secret `argocd-redis` with key `auth` in the namespace where Argo CD is installed. +If you use an External Redis (See Option 3 above), this Job is not deployed. + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "redisSecretInit" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + ## ApplicationSet | Key | Type | Default | Description | @@ -750,8 +796,10 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[Chart Hooks]: https://helm.sh/docs/topics/charts_hooks/ [DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters +[FAQ]: https://argo-cd.readthedocs.io/en/stable/faq/ [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 67af632c..f0470be3 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -86,6 +86,25 @@ Create the name of the redis service account to use {{- end -}} {{- end -}} + +{{/* +Create Redis secret-init name +*/}} +{{- define "argo-cd.redisSecretInit.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redisSecretInit.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the Redis secret-init service account to use +*/}} +{{- define "argo-cd.redisSecretInit.serviceAccountName" -}} +{{- if .Values.redisSecretInit.serviceAccount.create -}} + {{ default (include "argo-cd.redisSecretInit.fullname" .) .Values.redis.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.redisSecretInit.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create argocd server name and version as used by the chart label. */}} diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 23d2a7ad..7c4a2a6d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -199,15 +199,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} key: redis-username optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} key: redis-password optional: true + {{- else }} + key: auth + {{- end }} - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 07191359..947307d7 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -198,15 +198,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} key: redis-username optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} key: redis-password optional: true + {{- else }} + key: auth + {{- end }} - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index c4166d1b..2cfefde9 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "argo-cd.redis.fullname" . }} + name: argocd-redis namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 745150e7..3cacf124 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -175,15 +175,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} key: redis-username optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} key: redis-password optional: true + {{- else }} + key: auth + {{- end }} - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 8c02805a..125328a5 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -243,15 +243,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} key: redis-username optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} key: redis-password optional: true + {{- else }} + key: auth + {{- end }} - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml new file mode 100644 index 00000000..04536932 --- /dev/null +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -0,0 +1,54 @@ +{{- if not .Values.externalRedis.host }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "argo-cd.redisSecretInit.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + {{- range $key, $value := .Values.redisSecretInit.jobAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }} +spec: + template: + metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 8 }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.redisSecretInit.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.redisSecretInit.podAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{ toYaml . | nindent 8 }} + {{- end }} + containers: + - command: + - argocd + - admin + - redis-initial-password + image: {{ default .Values.global.image.repository .Values.redisSecretInit.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.redisSecretInit.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redisSecretInit.image.imagePullPolicy }} + name: secret-init + resources: + {{- toYaml .Values.redisSecretInit.resources | nindent 10 }} + {{- with .Values.redisSecretInit.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.redisSecretInit.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + restartPolicy: OnFailure + serviceAccountName: {{ include "argo-cd.redisSecretInit.serviceAccountName" . }} +{{- end }} diff --git a/charts/argo-cd/templates/redis-secret-init/role.yaml b/charts/argo-cd/templates/redis-secret-init/role.yaml new file mode 100644 index 00000000..52bdf0a3 --- /dev/null +++ b/charts/argo-cd/templates/redis-secret-init/role.yaml @@ -0,0 +1,27 @@ +{{- if not .Values.externalRedis.host }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }} + name: {{ include "argo-cd.redisSecretInit.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +rules: + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - argocd-redis + verbs: + - get + - apiGroups: + - "" + resources: + - secrets + verbs: + - create +{{- end }} diff --git a/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml b/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml new file mode 100644 index 00000000..536c847d --- /dev/null +++ b/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml @@ -0,0 +1,19 @@ +{{- if not .Values.externalRedis.host }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }} + name: {{ include "argo-cd.redisSecretInit.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "argo-cd.redisSecretInit.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "argo-cd.redisSecretInit.serviceAccountName" . }} +{{- end }} diff --git a/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml new file mode 100644 index 00000000..0dc9979a --- /dev/null +++ b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml @@ -0,0 +1,16 @@ +{{- if not .Values.externalRedis.host }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.redisSecretInit.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ include "argo-cd.redisSecretInit.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation + {{- range $key, $value := .Values.redisSecretInit.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index de9c29b1..9a8d1b91 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -65,8 +65,14 @@ spec: - "" - --appendonly - "no" - {{- with (concat .Values.global.env .Values.redis.env) }} + - --requirepass $(REDIS_PASSWORD) env: + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth + {{- with (concat .Values.global.env .Values.redis.env) }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.redis.envFrom }} diff --git a/charts/argo-cd/templates/redis/health-configmap.yaml b/charts/argo-cd/templates/redis/health-configmap.yaml index 0d4005d6..7443625f 100644 --- a/charts/argo-cd/templates/redis/health-configmap.yaml +++ b/charts/argo-cd/templates/redis/health-configmap.yaml @@ -11,6 +11,7 @@ data: redis_liveness.sh: | response=$( redis-cli \ + -a "${REDIS_PASSWORD}" --no-auth-warning \ -h localhost \ -p {{ .Values.redis.containerPorts.redis }} \ ping @@ -23,6 +24,7 @@ data: redis_readiness.sh: | response=$( redis-cli \ + -a "${REDIS_PASSWORD}" --no-auth-warning \ -h localhost \ -p {{ .Values.redis.containerPorts.redis }} \ ping diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 15171656..46635276 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1547,6 +1547,12 @@ redis-ha: containerSecurityContext: readOnlyRootFilesystem: true + # -- Configures redis-ha with AUTH + auth: true + # -- Existing Secret to use for redis-ha authentication. + # By default the redis-secret-init Job is generating this Secret. + existingSecret: argocd-redis + # -- Whether the Redis server pods should be forced to run on separate nodes. hardAntiAffinity: true @@ -1594,6 +1600,69 @@ externalRedis: # -- External Redis Secret annotations secretAnnotations: {} +redisSecretInit: + # -- Redis secret-init name + name: redis-secret-init + + image: + # -- Repository to use for the Redis secret-init Job + # @default -- `""` (defaults to global.image.repository) + repository: "" # defaults to global.image.repository + # -- Tag to use for the Redis secret-init Job + # @default -- `""` (defaults to global.image.tag) + tag: "" # defaults to global.image.tag + # -- Image pull policy for the Redis secret-init Job + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" # IfNotPresent + + # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + + # -- Annotations to be added to the Redis secret-init Job + jobAnnotations: {} + + # -- Annotations to be added to the Redis secret-init Job + podAnnotations: {} + + # -- Labels to be added to the Redis secret-init Job + podLabels: {} + + # -- Resource limits and requests for Redis secret-init Job + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + + # -- Application controller container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + + # -- Redis secret-init Job pod-level security context + securityContext: {} + + serviceAccount: + # -- Create a service account for the redis pod + create: true + # -- Service account name for redis pod + name: "" + # -- Annotations applied to created service account + annotations: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + + ## Server server: # -- Argo CD server name From f431e9b2bed6d812b86a0df2609fb85e56f90a1a Mon Sep 17 00:00:00 2001 From: Pavan Kumar <64532630+pavankumar-go@users.noreply.github.com> Date: Wed, 22 May 2024 12:47:05 +0530 Subject: [PATCH 1012/1248] chore(argo-cd): add nodeselector and tolerations to redis-secret-init job (#2708) chore(argo-cd): add nodeselector and tolerations to redis-secret-init-job Signed-off-by: Pavan Co-authored-by: Pavan --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/redis-secret-init/job.yaml | 8 ++++++++ charts/argo-cd/values.yaml | 7 +++++++ 4 files changed, 20 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eb512089..ccbb3374 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.10.0 +version: 6.10.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: security - description: Enable Redis authentication in the default installation (GHSA-9766-5277-j5hr) - - kind: changed - description: Bump argo-cd to v2.11.1 + - kind: added + description: Added node selector and tolerations for the redis secret init job diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4452d4ed..55e1e0d1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1365,6 +1365,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | redisSecretInit.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redisSecretInit.jobAnnotations | object | `{}` | Annotations to be added to the Redis secret-init Job | | redisSecretInit.name | string | `"redis-secret-init"` | Redis secret-init name | +| redisSecretInit.nodeSelector | object | `{}` (defaults to global.nodeSelector) | Node selector to be added to the Redis secret-init Job | | redisSecretInit.podAnnotations | object | `{}` | Annotations to be added to the Redis secret-init Job | | redisSecretInit.podLabels | object | `{}` | Labels to be added to the Redis secret-init Job | | redisSecretInit.resources | object | `{}` | Resource limits and requests for Redis secret-init Job | @@ -1373,6 +1374,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | redisSecretInit.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | redisSecretInit.serviceAccount.create | bool | `true` | Create a service account for the redis pod | | redisSecretInit.serviceAccount.name | string | `""` | Service account name for redis pod | +| redisSecretInit.tolerations | list | `[]` (defaults to global.tolerations) | Tolerations to be added to the Redis secret-init Job | ## ApplicationSet diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 04536932..96a81d99 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -50,5 +50,13 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} restartPolicy: OnFailure + {{- with .Values.redisSecretInit.nodeSelector | default .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.redisSecretInit.tolerations | default .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisSecretInit.serviceAccountName" . }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 46635276..903a866f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1662,6 +1662,13 @@ redisSecretInit: # -- Automount API credentials for the Service Account automountServiceAccountToken: true + # -- Node selector to be added to the Redis secret-init Job + # @default -- `{}` (defaults to global.nodeSelector) + nodeSelector: {} + + # -- Tolerations to be added to the Redis secret-init Job + # @default -- `[]` (defaults to global.tolerations) + tolerations: [] ## Server server: From 3174f52ffcfe3bb0d2ad6118411eacbaf20b0c7d Mon Sep 17 00:00:00 2001 From: tberreis <88875030+tberreis@users.noreply.github.com> Date: Wed, 22 May 2024 13:20:34 +0200 Subject: [PATCH 1013/1248] chore(argo-cd): add priorityClassName to redis-secret-init job (#2709) Signed-off-by: Thomas Berreis --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/redis-secret-init/job.yaml | 3 +++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccbb3374..ccd8c0c4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.10.1 +version: 6.10.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added node selector and tolerations for the redis secret init job + description: Added priorityClassName for the redis secret init job diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 55e1e0d1..fcfcd27f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1368,6 +1368,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | redisSecretInit.nodeSelector | object | `{}` (defaults to global.nodeSelector) | Node selector to be added to the Redis secret-init Job | | redisSecretInit.podAnnotations | object | `{}` | Annotations to be added to the Redis secret-init Job | | redisSecretInit.podLabels | object | `{}` | Labels to be added to the Redis secret-init Job | +| redisSecretInit.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for Redis secret-init Job | | redisSecretInit.resources | object | `{}` | Resource limits and requests for Redis secret-init Job | | redisSecretInit.securityContext | object | `{}` | Redis secret-init Job pod-level security context | | redisSecretInit.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 96a81d99..0e3baf0a 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -49,6 +49,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.redisSecretInit.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} restartPolicy: OnFailure {{- with .Values.redisSecretInit.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 903a866f..6d193720 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1662,6 +1662,10 @@ redisSecretInit: # -- Automount API credentials for the Service Account automountServiceAccountToken: true + # -- Priority class for Redis secret-init Job + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- Node selector to be added to the Redis secret-init Job # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} From e6776415a40038b113368c88716eb3fd7660475e Mon Sep 17 00:00:00 2001 From: "yuki.kitakata" Date: Thu, 23 May 2024 16:29:52 +0900 Subject: [PATCH 1014/1248] feat(argo-rollouts): Support revisionHistoryLimit (#2712) * feat(argo-rollouts): Support revisionHistoryLimit Signed-off-by: yu-croco * chore(argo-rollouts): Align to argo-cd's configuration Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/deployment.yaml | 1 + charts/argo-rollouts/templates/dashboard/deployment.yaml | 1 + charts/argo-rollouts/values.yaml | 2 ++ 5 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6a4645f9..ecb6f19b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.6 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.35.2 +version: 2.35.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added pod labels for the controller and the dashboard components + description: Support revisionHistoryLimit diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index d5d11c26..4647c419 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -51,6 +51,7 @@ For full list of changes please check ArtifactHub [changelog]. | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | | global.deploymentAnnotations | object | `{}` | Annotations for all deployed Deployments | | global.deploymentLabels | object | `{}` | Labels for all deployed Deployments | +| global.revisionHistoryLimit | int | `10` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | | installCRDs | bool | `true` | Install and upgrade CRDs | | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 0d4c5281..2bfdb912 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -23,6 +23,7 @@ spec: strategy: type: Recreate replicas: {{ .Values.controller.replicas }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} template: metadata: {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index e2918f40..ec0114ba 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -24,6 +24,7 @@ spec: strategy: type: Recreate replicas: {{ .Values.dashboard.replicas }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} template: metadata: {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.dashboard.podAnnotations) }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f9ae582c..64181c99 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -43,6 +43,8 @@ global: deploymentAnnotations: {} # -- Labels for all deployed Deployments deploymentLabels: {} + # -- Number of old deployment ReplicaSets to retain. The rest will be garbage collected. + revisionHistoryLimit: 10 controller: # -- Value of label `app.kubernetes.io/component` From 728b6e732693dbaac4b46e1090578c655c557a5a Mon Sep 17 00:00:00 2001 From: Michael Vittrup Larsen Date: Thu, 23 May 2024 14:36:49 +0200 Subject: [PATCH 1015/1248] feat(argo-cd): Make redis secret initialization optional (#2713) * Make redis secret initialization optional Signed-off-by: michaelvl * Remove artifacthub.io/changes from previous change Signed-off-by: michaelvl --------- Signed-off-by: michaelvl --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/redis-secret-init/job.yaml | 2 +- charts/argo-cd/templates/redis-secret-init/role.yaml | 2 +- charts/argo-cd/templates/redis-secret-init/rolebinding.yaml | 2 +- .../argo-cd/templates/redis-secret-init/serviceaccount.yaml | 2 +- charts/argo-cd/values.yaml | 2 ++ 7 files changed, 9 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccd8c0c4..9c085f53 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.10.2 +version: 6.11.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added priorityClassName for the redis secret init job + description: Made Redis secret initialization optional with default enabled diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fcfcd27f..b390056f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1359,6 +1359,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | Key | Type | Default | Description | |-----|------|---------|-------------| | redisSecretInit.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| redisSecretInit.enabled | bool | `true` | Enable Redis secret initialization. If disabled, secret must be provisioned by alternative methods | | redisSecretInit.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis secret-init Job | | redisSecretInit.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Redis secret-init Job | | redisSecretInit.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Redis secret-init Job | diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 0e3baf0a..27837465 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.externalRedis.host }} +{{- if and .Values.redisSecretInit.enabled (not .Values.externalRedis.host) }} apiVersion: batch/v1 kind: Job metadata: diff --git a/charts/argo-cd/templates/redis-secret-init/role.yaml b/charts/argo-cd/templates/redis-secret-init/role.yaml index 52bdf0a3..ac5fd313 100644 --- a/charts/argo-cd/templates/redis-secret-init/role.yaml +++ b/charts/argo-cd/templates/redis-secret-init/role.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.externalRedis.host }} +{{- if and .Values.redisSecretInit.enabled (not .Values.externalRedis.host) }} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: diff --git a/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml b/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml index 536c847d..7ea1de96 100644 --- a/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml +++ b/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.externalRedis.host }} +{{- if and .Values.redisSecretInit.enabled (not .Values.externalRedis.host) }} apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: diff --git a/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml index 0dc9979a..d6b95f13 100644 --- a/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.externalRedis.host }} +{{- if and .Values.redisSecretInit.enabled (not .Values.externalRedis.host) }} apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.redisSecretInit.serviceAccount.automountServiceAccountToken }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6d193720..f9ee4674 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1601,6 +1601,8 @@ externalRedis: secretAnnotations: {} redisSecretInit: + # -- Enable Redis secret initialization. If disabled, secret must be provisioned by alternative methods + enabled: true # -- Redis secret-init name name: redis-secret-init From fa2fb1c5c15e8753a850865c2db86091a6fd8c87 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 23 May 2024 16:37:05 +0100 Subject: [PATCH 1016/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.11.2 (#2715) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9c085f53..350c8596 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.1 +appVersion: v2.11.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.11.0 +version: 6.11.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Made Redis secret initialization optional with default enabled + - kind: changed + description: Bump argo-cd to v2.11.2 From fb807031a28b136be3901601f7aca69e6cfa23fe Mon Sep 17 00:00:00 2001 From: Nicolas Lamirault Date: Fri, 24 May 2024 05:04:54 +0200 Subject: [PATCH 1017/1248] fix(argo-events): support for additional labels (#2714) Signed-off-by: Nicolas Lamirault Co-authored-by: yuki.kitakata Co-authored-by: Jason Meridth --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/templates/_helpers.tpl | 3 +++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index aed0dfdc..6a548402 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.9.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.4 +version: 2.4.5 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support ability to set .Values.namespaceOverride + - kind: fixed + description: Support additional labels diff --git a/charts/argo-events/templates/_helpers.tpl b/charts/argo-events/templates/_helpers.tpl index 93069ca3..79c7051d 100644 --- a/charts/argo-events/templates/_helpers.tpl +++ b/charts/argo-events/templates/_helpers.tpl @@ -104,6 +104,9 @@ helm.sh/chart: {{ include "argo-events.chart" .context }} {{ include "argo-events.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argo-events +{{- with .context.Values.global.additionalLabels }} +{{ toYaml . }} +{{- end }} {{- end }} {{/* From 165c6518d25f08d29601a73675799e7c9ec48253 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 May 2024 23:19:47 +0200 Subject: [PATCH 1018/1248] chore(deps): bump github/codeql-action from 3.25.5 to 3.25.6 (#2718) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0074ed3d..9c6c360b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5 + uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 with: sarif_file: results.sarif From 408500c5ccdb704ce4b731308f9697dee2559192 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 17:09:26 +0900 Subject: [PATCH 1019/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.7 (#2720) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e897eab6..896f6606 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.6 +appVersion: v3.5.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.6 +version: 0.41.7 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add missing serviceLabels to server service + - kind: changed + description: Bump argo-workflows to v3.5.7 From 5652e66777047634c7fa7b9a9b01be5d79afdb64 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 07:32:32 +0200 Subject: [PATCH 1020/1248] chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.13.1 (#2722) --- charts/argocd-image-updater/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index d3143726..963db659 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.10.0 -appVersion: v0.13.0 +version: 0.10.1 +appVersion: v0.13.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argocd-image-updater to v0.13.0 + description: Bump argocd-image-updater to v0.13.1 From 2c05baf7416bfac007540a16713240624c3d0bce Mon Sep 17 00:00:00 2001 From: Nacho Barrientos Date: Tue, 28 May 2024 15:38:23 +0200 Subject: [PATCH 1021/1248] feat(argo-cd): represent cluster credentials as a map (#2648) So it can be merged with values coming from different sources. Closes #2592 Signed-off-by: Nacho Barrientos --- charts/argo-cd/Chart.yaml | 4 +-- charts/argo-cd/README.md | 2 +- .../argocd-configs/cluster-secrets.yaml | 26 +++++++++---------- charts/argo-cd/values.yaml | 10 +++---- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 350c8596..876e36f1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 6.11.1 +version: 7.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.11.2 + description: Represent cluster credentials as a map diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b390056f..7b94e90b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -695,7 +695,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | +| configs.clusterCredentials | object | `{}` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 83b1c15d..2682e70e 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -1,17 +1,17 @@ -{{- range .Values.configs.clusterCredentials }} +{{- range $cluster_key, $cluster_value := .Values.configs.clusterCredentials }} --- apiVersion: v1 kind: Secret metadata: - name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} + name: {{ include "argo-cd.name" $ }}-cluster-{{ $cluster_key }} namespace: {{ $.Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} - {{- with .labels }} + {{- with $cluster_value.labels }} {{- toYaml . | nindent 4 }} {{- end }} argocd.argoproj.io/secret-type: cluster - {{- with .annotations }} + {{- with $cluster_value.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} @@ -19,17 +19,17 @@ metadata: {{- end }} type: Opaque stringData: - name: {{ required "A valid .Values.configs.clusterCredentials[].name entry is required!" .name }} - server: {{ required "A valid .Values.configs.clusterCredentials[].server entry is required!" .server }} - {{- if .namespaces }} - namespaces: {{ .namespaces }} - {{- if .clusterResources }} - clusterResources: {{ .clusterResources | quote }} + name: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.name entry is required!" $cluster_key }} + server: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.server entry is required!" $cluster_value.server }} + {{- if $cluster_value.namespaces }} + namespaces: {{ $cluster_value.namespaces }} + {{- if $cluster_value.clusterResources }} + clusterResources: {{ $cluster_value.clusterResources | quote }} {{- end }} {{- end }} - {{- if .project }} - project: {{ .project | quote }} + {{- if $cluster_value.project }} + project: {{ $cluster_value.project | quote }} {{- end }} config: | - {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson | nindent 4 }} + {{- required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.config entry is required!" $cluster_value.config | toRawJson | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f9ee4674..cf89fb1e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -418,13 +418,13 @@ configs: # command: [sh, -c, find . -name env.yaml] # -- Provide one or multiple [external cluster credentials] - # @default -- `[]` (See [values.yaml]) + # @default -- `{}` (See [values.yaml]) ## Ref: ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/security/#external-cluster-credentials ## - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters - clusterCredentials: [] - # - name: mycluster + clusterCredentials: {} + # mycluster: # server: https://mycluster.example.com # labels: {} # annotations: {} @@ -433,7 +433,7 @@ configs: # tlsClientConfig: # insecure: false # caData: "" - # - name: mycluster2 + # mycluster2: # server: https://mycluster2.example.com # labels: {} # annotations: {} @@ -444,7 +444,7 @@ configs: # tlsClientConfig: # insecure: false # caData: "" - # - name: mycluster3-project-scoped + # mycluster3-project-scoped: # server: https://mycluster3.example.com # labels: {} # annotations: {} From 0a97419aa9346feb1bee4d7d28361808e83ea3dd Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Fri, 31 May 2024 11:01:54 +0200 Subject: [PATCH 1022/1248] docs(github): Charts use Helm "Capabilities" (#2730) Signed-off-by: Marco Maurer --- README.md | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/README.md b/README.md index 3d57db36..c4092e07 100644 --- a/README.md +++ b/README.md @@ -42,3 +42,63 @@ Please refer to [SECURITY.md](SECURITY.md) for details on how to report security ### Changelog Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). + +## Charts use Helm "Capabilities" + +Our charts make use of the Helm built-in object "Capabilities": +> This provides information about what capabilities the Kubernetes cluster supports. +> *Source: https://helm.sh/docs/chart_template_guide/builtin_objects/* + +Today we use: + +- `.Capabilities.APIVersions.Has` mostly to determine whether the CRDs for ServiceMonitors (from prometheus-operator) exists inside the cluster +- `.Capabilities.KubeVersion.Version` to handle correct apiVersion of a specific resource kind (eg. "policy/v1" vs. "policy/v1beta1") + +If you use the charts only to template the manifests, without installing (`helm install ..`), you need to make sure that Helm (or the Helm SDK) receives the available APIs from your Kubernetes cluster. + +For this you need to pass the `--api-versions` parameter to the `helm template` command: + +```bash +helm template argocd \ + oci://ghcr.io/argoproj/argo-helm/argo-cd \ + --api-versions monitoring.coreos.com/v1 \ + --values my-argocd-values.yaml +``` + +If you use other tools like [Kustomize](https://kubectl.docs.kubernetes.io/references/kustomize/builtins/) or [helmfile](https://helmfile.readthedocs.io/en/latest/#configuration) to render it, there are equivalent options. + +Example with Kustomize: + +```yaml +# kustomization.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +helmCharts: +- name: argo-cd + repo: oci://ghcr.io/argoproj/argo-helm + version: x.y.z + releaseName: argocd + apiVersions: + - monitoring.coreos.com/v1 + valuesFile: my-argocd-values.yaml +``` + +Example with helmfile: + +```yaml +# helmfile.yaml +repositories: + - name: argo + url: https://argoproj.github.io/argo-helm + +apiVersions: + - monitoring.coreos.com/v1 + +releases: + - name: argocd + namespace: argocd + chart: argo/argo-cd + values: + - my-argocd-values.yaml +``` From 45ff5666146afa95eaccad682f6960cf78607efc Mon Sep 17 00:00:00 2001 From: Ludovic Ortega Date: Fri, 31 May 2024 14:04:50 +0200 Subject: [PATCH 1023/1248] feat(argo-cd): add support for dual stack clusters (#2649) * feat(argo-cd): add support for dual stack clusters Signed-off-by: Ludovic Ortega * fix: add suggested change Signed-off-by: Ludovic Ortega * fix: metric template & add suggested change Signed-off-by: Ludovic Ortega * fix: remove changelog in README.md.gotmpl Signed-off-by: Ludovic Ortega * fix: applicationset metric template Signed-off-by: Ludovic Ortega * fix: add changelog as annotation Signed-off-by: Ludovic Ortega * feat: use a global setting to enable dual stack Signed-off-by: Ludovic Ortega --------- Signed-off-by: Ludovic Ortega Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Aikawa Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/_helpers.tpl | 12 ++++++++++++ .../argocd-application-controller/metrics.yaml | 1 + .../templates/argocd-applicationset/metrics.yaml | 1 + .../templates/argocd-applicationset/service.yaml | 1 + .../templates/argocd-notifications/metrics.yaml | 1 + .../templates/argocd-repo-server/metrics.yaml | 1 + .../templates/argocd-repo-server/service.yaml | 1 + .../argo-cd/templates/argocd-server/aws/service.yaml | 1 + charts/argo-cd/templates/argocd-server/metrics.yaml | 1 + charts/argo-cd/templates/argocd-server/service.yaml | 1 + charts/argo-cd/templates/dex/service.yaml | 1 + charts/argo-cd/templates/redis/service.yaml | 1 + charts/argo-cd/values.yaml | 7 +++++++ 15 files changed, 35 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 876e36f1..c3a5faab 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.0.0 +version: 7.1.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Represent cluster credentials as a map + - kind: added + description: Add support for IPv4/IPv6 dual-stack networking. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7b94e90b..833fbe15 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -671,6 +671,8 @@ NAME: my-release | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.domain | string | `"argocd.example.com"` | Default domain used by all components | +| global.dualStack.ipFamilies | list | `[]` | IP families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. | +| global.dualStack.ipFamilyPolicy | string | `""` | IP family policy to configure dual-stack see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) | | global.env | list | `[]` | Environment variables to pass to all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index f0470be3..c609f19f 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -245,3 +245,15 @@ Allows overriding it for multi-namespace deployments in combined charts. {{- define "argo-cd.namespace" -}} {{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}} {{- end }} + +{{/* +Dual stack definition +*/}} +{{- define "argo-cd.dualStack" -}} +{{- with .Values.global.dualStack.ipFamilyPolicy }} +ipFamilyPolicy: {{ . }} +{{- end }} +{{- with .Values.global.dualStack.ipFamilies }} +ipFamilies: {{ toYaml . | nindent 4 }} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index c3ceb047..086dfe9b 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -24,6 +24,7 @@ spec: {{- if and .Values.controller.metrics.service.clusterIP (eq .Values.controller.metrics.service.type "ClusterIP") }} clusterIP: {{ .Values.controller.metrics.service.clusterIP }} {{- end }} + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index 06253a81..de5638ad 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -24,6 +24,7 @@ spec: {{- if and .Values.applicationSet.metrics.service.clusterIP (eq .Values.applicationSet.metrics.service.type "ClusterIP") }} clusterIP: {{ .Values.applicationSet.metrics.service.clusterIP }} {{- end }} + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.applicationSet.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 91c082aa..bf58c6b4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -16,6 +16,7 @@ metadata: {{- end }} spec: type: {{ .Values.applicationSet.service.type }} + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.applicationSet.service.portName }} port: {{ .Values.applicationSet.service.port }} diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index b7dcfe6a..9dd18c8b 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -24,6 +24,7 @@ spec: {{- if and .Values.notifications.metrics.service.clusterIP (eq .Values.notifications.metrics.service.type "ClusterIP") }} clusterIP: {{ .Values.notifications.metrics.service.clusterIP }} {{- end }} + {{- include "argo-cd.dualStack" . | indent 2 }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} ports: diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index 6b82796c..6ede9ddb 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -24,6 +24,7 @@ spec: {{- if and .Values.repoServer.metrics.service.clusterIP (eq .Values.repoServer.metrics.service.type "ClusterIP") }} clusterIP: {{ .Values.repoServer.metrics.service.clusterIP }} {{- end }} + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.repoServer.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml index 4412a8c9..24ca10ef 100644 --- a/charts/argo-cd/templates/argocd-repo-server/service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -15,6 +15,7 @@ metadata: name: {{ template "argo-cd.repoServer.fullname" . }} namespace: {{ include "argo-cd.namespace" . }} spec: + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.repoServer.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index a98ddfa2..0e9de75a 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -9,6 +9,7 @@ metadata: name: {{ template "argo-cd.server.fullname" . }}-grpc namespace: {{ include "argo-cd.namespace" . }} spec: + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index f0797552..d08dbae0 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -24,6 +24,7 @@ spec: {{- if and .Values.server.metrics.service.clusterIP (eq .Values.server.metrics.service.type "ClusterIP") }} clusterIP: {{ .Values.server.metrics.service.clusterIP }} {{- end }} + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.server.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 2b9872be..71f46449 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -16,6 +16,7 @@ metadata: {{- end }} spec: type: {{ .Values.server.service.type }} + {{- include "argo-cd.dualStack" . | indent 2 }} {{- with .Values.server.service.externalIPs }} externalIPs: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 8825a7ea..b52acfb1 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -16,6 +16,7 @@ metadata: {{- toYaml .Values.dex.metrics.service.labels | nindent 4 }} {{- end }} spec: + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: {{ .Values.dex.servicePortHttpName }} protocol: TCP diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index a4a94140..a60cf77e 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -17,6 +17,7 @@ metadata: {{- end }} {{- end }} spec: + {{- include "argo-cd.dualStack" . | indent 2 }} ports: - name: redis port: {{ .Values.redis.servicePort }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cf89fb1e..6c446a2e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -98,6 +98,13 @@ global: # hostnames: # - git.myhostname + # Configure dual-stack used by all component services + dualStack: + # -- IP family policy to configure dual-stack see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) + ipFamilyPolicy: "" + # -- IP families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. + ipFamilies: [] + # Default network policy rules used by all components networkPolicy: # -- Create NetworkPolicy objects for all components From 9607dee38e307d8c794e7c5da1a86a44d5705854 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 31 May 2024 23:25:40 -0500 Subject: [PATCH 1024/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v37.384.0 (#2733) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index c270cb2a..f82006c2 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.332.0 + renovate-version: 37.384.0 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 760d1995e089efcf8c7a30b667de9527777b21d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Jun 2024 13:10:40 -0500 Subject: [PATCH 1025/1248] chore(deps): bump docker/login-action from 3.1.0 to 3.2.0 (#2734) --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 07dde599..84b51f79 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -66,7 +66,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 + uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: registry: ghcr.io username: ${{ github.actor }} From 4f5020681380578390b9b5e8d787807e5a436d4f Mon Sep 17 00:00:00 2001 From: BenHesketh21 Date: Sun, 2 Jun 2024 00:44:56 +0100 Subject: [PATCH 1026/1248] fix(argo-cd): Fixed redis exporter NOAUTH error (#2736) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis/deployment.yaml | 5 +++++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c3a5faab..586d7895 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.1.0 +version: 7.1.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for IPv4/IPv6 dual-stack networking. + - kind: fixed + description: Fixed redis exporter NOAUTH error diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 9a8d1b91..76e1b00a 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -130,6 +130,11 @@ spec: value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: argocd-redis + key: auth {{- with (concat .Values.global.env .Values.redis.exporter.env) }} {{- toYaml . | nindent 8 }} {{- end }} From 0dae5da325b1f6635399fa2a23a7870d44a66907 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 2 Jun 2024 10:24:16 +0900 Subject: [PATCH 1027/1248] chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 (#2735) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.6 to 3.25.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/9fdb3e49720b44c48891d036bb502feb25684276...f079b8493333aace61c81488f8bd40919487bd9f) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 9c6c360b..35ddcf79 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 + uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 with: sarif_file: results.sarif From 98d8ea00e6cbe06acd65049456350b66c1256cc4 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 08:59:14 +0200 Subject: [PATCH 1028/1248] chore(deps): update actions/create-github-app-token action to v1.10.1 (#2739) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f82006c2..d00ce019 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0 + uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 19ef184d8fe923fdc0ec42411c6272a91138db31 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 16:08:02 +0900 Subject: [PATCH 1029/1248] chore(deps): update renovatebot/github-action action to v40.1.12 (#2740) Co-authored-by: renovate[bot] Co-authored-by: Aikawa --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index d00ce019..65439348 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Self-hosted Renovate - uses: renovatebot/github-action@063e0c946b9c1af35ef3450efc44114925d6e8e6 # v40.1.11 + uses: renovatebot/github-action@21d88b0bf0183abcee15f990011cca090dfc47dd # v40.1.12 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 02499d9b31e6e763e3af8e143f7a89b1a84f2fc4 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 6 Jun 2024 11:51:33 +0100 Subject: [PATCH 1030/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.11.3 (#2748) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 586d7895..1e1fa2b5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.2 +appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.1.1 +version: 7.1.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed redis exporter NOAUTH error + - kind: changed + description: Bump argo-cd to v2.11.3 From 3dd3e1a754514f418a0aa32ccdc0daceb6d4339d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 8 Jun 2024 07:42:46 -0500 Subject: [PATCH 1031/1248] chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (#2752) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 35ddcf79..cd8d1548 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: results.sarif From 377332f8c7655525b9f69fd8ae9857a402c4db63 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 9 Jun 2024 14:22:44 +0900 Subject: [PATCH 1032/1248] fix(argo-cd): Add missing permission for Dynamic Cluster Distribution (#2754) --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/role.yaml | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e1fa2b5..15ab4a2e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.1.2 +version: 7.1.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.11.3 + - kind: fixed + description: Add missing permission for Dynamic Cluster Distribution diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index f2aa2cfd..27e3e956 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -43,3 +43,17 @@ rules: - get - list - watch +{{- if and (not .Values.createClusterRoles) .Values.controller.dynamicClusterDistribution }} +- apiGroups: + - "" + resources: + - configmaps + resourceNames: + - argocd-app-controller-shard-cm + verbs: + - get + - list + - watch + - create + - update +{{- end }} From 8b02b6d9b828902ba0d9ae1e6ddb4f060a5975ca Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sun, 9 Jun 2024 18:18:20 -0400 Subject: [PATCH 1033/1248] fix(argo-workflows): `BASE_HREF` -> `ARGO_BASE_HREF` for forward compat (#2756) --- charts/argo-workflows/Chart.yaml | 6 +++--- .../argo-workflows/templates/server/server-deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 896f6606..72634b14 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.7 +version: 0.41.8 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.5.7 + - kind: fixed + description: changed BASE_HREF to ARGO_BASE_HREF for forward compat diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index a4b8df7b..95789b56 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -95,7 +95,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - - name: BASE_HREF + - name: ARGO_BASE_HREF value: {{ .Values.server.baseHref | quote }} {{- with .Values.server.extraEnv }} {{- toYaml . | nindent 12 }} From 4c29c31b9a26196e007a2a9045163b114cf29ce6 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 13 Jun 2024 08:14:29 +0900 Subject: [PATCH 1034/1248] chore(deps): update actions/checkout action to v4.1.7 (#2762) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 65439348..d69671c9 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate uses: renovatebot/github-action@21d88b0bf0183abcee15f990011cca090dfc47dd # v40.1.12 From e088468e721d563263d7a8b43aae8bf07a2692ef Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 14 Jun 2024 06:08:49 +0100 Subject: [PATCH 1035/1248] chore(argo-events): Update dependency argoproj/argo-events to v1.9.2 (#2764) --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 6a548402..394b150c 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.9.1 +appVersion: v1.9.2 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.5 +version: 2.4.6 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Support additional labels + - kind: changed + description: Bump argo-events to v1.9.2 From ea967df1e36733381c5b7483a1afc1c230164a81 Mon Sep 17 00:00:00 2001 From: Kaita Nakamura <94943154+z63d@users.noreply.github.com> Date: Fri, 14 Jun 2024 16:53:59 +0900 Subject: [PATCH 1036/1248] chore(argocd-image-updater): fix referenced URL to command line reference page (#2761) --- charts/argocd-image-updater/Chart.yaml | 6 +++--- charts/argocd-image-updater/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 963db659..cbf21e4c 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.10.1 +version: 0.10.2 appVersion: v0.13.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argocd-image-updater to v0.13.1 + - kind: fixed + description: Fixed a URL in values.yaml comments diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 2791890a..292f2c90 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -107,7 +107,7 @@ config: # -- API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) applicationsAPIKind: "" - # Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags + # Described in detail here https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags # Note: this is only relevant if config.applicationsAPIKind == 'argocd' argocd: # -- Use the gRPC-web protocol to connect to the Argo CD API From 43c626d31ed39037696392682e65fd82f79f1c9f Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 14 Jun 2024 18:00:28 +0900 Subject: [PATCH 1037/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.7.0 (#2763) * chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.7.0 * feat(argo-rollouts): Update resources as following upstream Signed-off-by: yu-croco * fix(argo-rollouts): update doc Signed-off-by: yu-croco --------- Signed-off-by: yu-croco Co-authored-by: renovate[bot] Co-authored-by: yu-croco --- charts/argo-rollouts/Chart.yaml | 8 +- charts/argo-rollouts/README.md | 2 +- .../templates/controller/deployment.yaml | 2 +- .../templates/crds/analysis-run-crd.yaml | 239 +++++++++++++++++- .../templates/crds/analysis-template-crd.yaml | 235 ++++++++++++++++- .../crds/cluster-analysis-template-crd.yaml | 235 ++++++++++++++++- .../templates/crds/experiment-crd.yaml | 213 +++++++++++++++- .../templates/crds/rollout-crd.yaml | 227 ++++++++++++++++- charts/argo-rollouts/values.yaml | 15 +- 9 files changed, 1151 insertions(+), 25 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ecb6f19b..3cb72cef 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.6 +appVersion: v1.7.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.35.3 +version: 2.36.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support revisionHistoryLimit + - kind: changed + description: Bump argo-rollouts to v1.7.0 diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 4647c419..4284942c 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -79,7 +79,7 @@ For full list of changes please check ArtifactHub [changelog]. | Key | Type | Default | Description | |-----|------|---------|-------------| -| containerSecurityContext | object | `{}` | Security Context to set on container level | +| containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"seccompProfile":{"type":"RuntimeDefault"}}` | Security Context to set on container level | | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | | controller.containerPorts.healthz | int | `8080` | Healthz container port | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 2bfdb912..851dec0b 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -21,7 +21,7 @@ spec: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} strategy: - type: Recreate + type: RollingUpdate replicas: {{ .Values.controller.replicas }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} template: diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 1dddfa7d..52c75d97 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.1 + controller-gen.kubebuilder.io/version: v0.13.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -188,6 +188,19 @@ spec: type: object datadog: properties: + aggregator: + default: last + enum: + - avg + - min + - max + - sum + - last + - percentile + - mean + - l2norm + - area + type: string apiVersion: default: v1 enum: @@ -241,6 +254,9 @@ spec: backoffLimit: format: int32 type: integer + backoffLimitPerIndex: + format: int32 + type: integer completionMode: type: string completions: @@ -248,6 +264,9 @@ spec: type: integer manualSelector: type: boolean + maxFailedIndexes: + format: int32 + type: integer parallelism: format: int32 type: integer @@ -289,13 +308,14 @@ spec: x-kubernetes-list-type: atomic required: - action - - onPodConditions type: object type: array x-kubernetes-list-type: atomic required: - rules type: object + podReplacementPolicy: + type: string selector: properties: matchExpressions: @@ -467,6 +487,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -535,6 +565,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -601,6 +641,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -669,6 +719,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -848,6 +908,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -898,6 +966,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1094,13 +1170,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -1453,6 +1556,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1503,6 +1614,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1699,13 +1818,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2065,6 +2211,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2115,6 +2269,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2311,13 +2473,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2543,12 +2732,43 @@ spec: - conditionType type: object type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map restartPolicy: type: string runtimeClassName: type: string schedulerName: type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map securityContext: properties: fsGroup: @@ -2945,11 +3165,26 @@ spec: type: array terminate: type: boolean + ttlStrategy: + properties: + secondsAfterCompletion: + format: int32 + type: integer + secondsAfterFailure: + format: int32 + type: integer + secondsAfterSuccess: + format: int32 + type: integer + type: object required: - metrics type: object status: properties: + completedAt: + format: date-time + type: string dryRunSummary: properties: count: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index d97a6ce9..794c7617 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.1 + controller-gen.kubebuilder.io/version: v0.13.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -184,6 +184,19 @@ spec: type: object datadog: properties: + aggregator: + default: last + enum: + - avg + - min + - max + - sum + - last + - percentile + - mean + - l2norm + - area + type: string apiVersion: default: v1 enum: @@ -237,6 +250,9 @@ spec: backoffLimit: format: int32 type: integer + backoffLimitPerIndex: + format: int32 + type: integer completionMode: type: string completions: @@ -244,6 +260,9 @@ spec: type: integer manualSelector: type: boolean + maxFailedIndexes: + format: int32 + type: integer parallelism: format: int32 type: integer @@ -285,13 +304,14 @@ spec: x-kubernetes-list-type: atomic required: - action - - onPodConditions type: object type: array x-kubernetes-list-type: atomic required: - rules type: object + podReplacementPolicy: + type: string selector: properties: matchExpressions: @@ -463,6 +483,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -531,6 +561,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -597,6 +637,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -665,6 +715,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -844,6 +904,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -894,6 +962,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1090,13 +1166,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -1449,6 +1552,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1499,6 +1610,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1695,13 +1814,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2061,6 +2207,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2111,6 +2265,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2307,13 +2469,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2539,12 +2728,43 @@ spec: - conditionType type: object type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map restartPolicy: type: string runtimeClassName: type: string schedulerName: type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map securityContext: properties: fsGroup: @@ -2939,8 +3159,15 @@ spec: - provider type: object type: array - required: - - metrics + templates: + items: + properties: + clusterScope: + type: boolean + templateName: + type: string + type: object + type: array type: object required: - spec diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 335f06a2..b6c9f6f0 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.1 + controller-gen.kubebuilder.io/version: v0.13.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -184,6 +184,19 @@ spec: type: object datadog: properties: + aggregator: + default: last + enum: + - avg + - min + - max + - sum + - last + - percentile + - mean + - l2norm + - area + type: string apiVersion: default: v1 enum: @@ -237,6 +250,9 @@ spec: backoffLimit: format: int32 type: integer + backoffLimitPerIndex: + format: int32 + type: integer completionMode: type: string completions: @@ -244,6 +260,9 @@ spec: type: integer manualSelector: type: boolean + maxFailedIndexes: + format: int32 + type: integer parallelism: format: int32 type: integer @@ -285,13 +304,14 @@ spec: x-kubernetes-list-type: atomic required: - action - - onPodConditions type: object type: array x-kubernetes-list-type: atomic required: - rules type: object + podReplacementPolicy: + type: string selector: properties: matchExpressions: @@ -463,6 +483,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -531,6 +561,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -597,6 +637,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -665,6 +715,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -844,6 +904,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -894,6 +962,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1090,13 +1166,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -1449,6 +1552,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1499,6 +1610,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1695,13 +1814,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2061,6 +2207,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2111,6 +2265,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2307,13 +2469,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2539,12 +2728,43 @@ spec: - conditionType type: object type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map restartPolicy: type: string runtimeClassName: type: string schedulerName: type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map securityContext: properties: fsGroup: @@ -2939,8 +3159,15 @@ spec: - provider type: object type: array - required: - - metrics + templates: + items: + properties: + clusterScope: + type: boolean + templateName: + type: string + type: object + type: array type: object required: - spec diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 2f60d415..2f2ea2dc 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.1 + controller-gen.kubebuilder.io/version: v0.13.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -94,6 +94,17 @@ spec: - templateName type: object type: array + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object dryRun: items: properties: @@ -309,6 +320,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -377,6 +398,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -443,6 +474,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -511,6 +552,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -690,6 +741,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -740,6 +799,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -936,13 +1003,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -1295,6 +1389,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1345,6 +1447,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1541,13 +1651,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -1907,6 +2044,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1957,6 +2102,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2153,13 +2306,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2385,12 +2565,43 @@ spec: - conditionType type: object type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map restartPolicy: type: string runtimeClassName: type: string schedulerName: type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map securityContext: properties: fsGroup: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 7faf3790..a22a9364 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.12.1 + controller-gen.kubebuilder.io/version: v0.13.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -581,6 +581,26 @@ spec: - templateName type: object type: array + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + dryRun: + items: + properties: + metricName: + type: string + required: + - metricName + type: object + type: array duration: type: string templates: @@ -913,6 +933,9 @@ spec: - name type: object type: array + maxTrafficWeight: + format: int32 + type: integer nginx: properties: additionalIngressAnnotations: @@ -1093,6 +1116,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1161,6 +1194,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1227,6 +1270,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1295,6 +1348,16 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1474,6 +1537,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1524,6 +1595,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -1720,13 +1799,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2079,6 +2185,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2129,6 +2243,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2325,13 +2447,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -2691,6 +2840,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2741,6 +2898,14 @@ spec: required: - port type: object + sleep: + properties: + seconds: + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: properties: host: @@ -2937,13 +3102,40 @@ spec: format: int32 type: integer type: object + resizePolicy: + items: + properties: + resourceName: + type: string + restartPolicy: + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic resources: properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map limits: x-kubernetes-preserve-unknown-fields: true requests: x-kubernetes-preserve-unknown-fields: true type: object + restartPolicy: + type: string securityContext: properties: allowPrivilegeEscalation: @@ -3169,12 +3361,43 @@ spec: - conditionType type: object type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map restartPolicy: type: string runtimeClassName: type: string schedulerName: type: string + schedulingGates: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map securityContext: properties: fsGroup: @@ -3340,6 +3563,8 @@ spec: type: string name: type: string + scaleDown: + type: string type: object type: object status: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 64181c99..98a78471 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -240,13 +240,14 @@ podSecurityContext: runAsNonRoot: true # -- Security Context to set on container level -containerSecurityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault # -- Annotations to be added to the Rollout service serviceAnnotations: {} From a07f981d4e72cb5b2efae6451d52e27a1d5f57f8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 15 Jun 2024 14:25:24 -0500 Subject: [PATCH 1038/1248] chore(deps): bump github/codeql-action from 3.25.8 to 3.25.10 (#2766) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index cd8d1548..c16802b5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 with: sarif_file: results.sarif From 5fa92f5189e3e2e3226604c33813bf538b8a6316 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 16 Jun 2024 00:17:15 +0200 Subject: [PATCH 1039/1248] chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#2767) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 8335fc7c..95a10226 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 84b51f79..7cdbac43 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c16802b5..71c8da60 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false From b26191b776dd3edeb9b546e20ba523b437c50079 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 16 Jun 2024 01:28:34 -0500 Subject: [PATCH 1040/1248] chore(github): group dependabot updates for minor and patch (#2768) --- .github/dependabot.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0a4fd6ca..4d8e45c5 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,3 +6,11 @@ updates: schedule: interval: weekly day: "saturday" + commit-message: + prefix: "chore(deps)" + groups: + dependencies: + applies-to: version-updates + update-types: + - "minor" + - "patch" From fab2809c67243112d708ca309367500d388c81b4 Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Mon, 17 Jun 2024 14:59:29 -0400 Subject: [PATCH 1041/1248] fix(argo-workflows): revert `BASE_HREF` change (#2770) * fix(argo-workflows): revert `BASE_HREF` change This reverts commit 134cecde5812612514995205cd8fcc6a7f933373. Sorry, I screwed up this and caused a regression. Didn't read my own release notes (from 4 months ago to be fair) where `ARGO_BASE_HREF` would not work previously as it was inconsistently `ARGO_BASEHREF`. So there is no forward compatible change to be made here, so just revert this. Will have to reinstate this change for the 3.6 upgrade Signed-off-by: Anton Gilgur * changelog update Signed-off-by: Anton Gilgur --------- Signed-off-by: Anton Gilgur --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/server/server-deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 72634b14..70b3949a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.8 +version: 0.41.9 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: changed BASE_HREF to ARGO_BASE_HREF for forward compat + description: reverted the BASE_HREF change, will add back during 3.6 upgrade diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 95789b56..a4b8df7b 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -95,7 +95,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - - name: ARGO_BASE_HREF + - name: BASE_HREF value: {{ .Values.server.baseHref | quote }} {{- with .Values.server.extraEnv }} {{- toYaml . | nindent 12 }} From 6946696aaef570adc140fb74ac473b8aa0f0d2fc Mon Sep 17 00:00:00 2001 From: Gazal Date: Tue, 18 Jun 2024 11:13:21 +1000 Subject: [PATCH 1042/1248] feat(argo-cd): add loadBalancerClass field for Service resource (#2769) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 15ab4a2e..6d1a4041 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.1.3 +version: 7.1.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add missing permission for Dynamic Cluster Distribution + - kind: changed + description: add loadBalancerClass field for Service resources diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 833fbe15..f89a222c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1082,6 +1082,7 @@ NAME: my-release | server.service.externalIPs | list | `[]` | Server service external IPs | | server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | | server.service.labels | object | `{}` | Server service labels | +| server.service.loadBalancerClass | string | `""` | The class of the load balancer implementation | | server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | | server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") | diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 71f46449..86f8abb0 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -24,6 +24,9 @@ spec: externalTrafficPolicy: {{ .Values.server.service.externalTrafficPolicy }} {{- end }} {{- if eq .Values.server.service.type "LoadBalancer" }} + {{- with .Values.server.service.loadBalancerClass }} + loadBalancerClass: {{ . }} + {{- end }} {{- with .Values.server.service.loadBalancerIP }} loadBalancerIP: {{ . }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6c446a2e..6d9923e6 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2067,6 +2067,8 @@ server: # -- Server service https port appProtocol ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol servicePortHttpsAppProtocol: "" + # -- The class of the load balancer implementation + loadBalancerClass: "" # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from From 3c127abe7b3aba8a80e9d01be3f4975c650535bf Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 08:46:47 +0100 Subject: [PATCH 1043/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.8 (#2773) Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 70b3949a..d06694de 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.7 +appVersion: v3.5.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.9 +version: 0.41.10 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: reverted the BASE_HREF change, will add back during 3.6 upgrade + - kind: changed + description: Bump argo-workflows to v3.5.8 From 8130224b3b84de27c1bba7047688893bbc40ae17 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Wed, 19 Jun 2024 08:00:44 +0100 Subject: [PATCH 1044/1248] fix(argo-workflows): add `app:` label to components to match upstream (#2775) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/_helpers.tpl | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d06694de..99d313f8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.10 +version: 0.41.11 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.5.8 + - kind: fixed + description: Add `app:` label to components to match upstream diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f46af22f..ebbba978 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -94,6 +94,7 @@ app.kubernetes.io/name: {{ include "argo-workflows.name" .context }}-{{ .name }} app.kubernetes.io/instance: {{ .context.Release.Name }} {{- if .component }} app.kubernetes.io/component: {{ .component }} +app: {{ .component }} {{- end }} {{- end }} From e34b45b3eabeb34fd116a676aafac5f2bff95bdf Mon Sep 17 00:00:00 2001 From: Julie Ims <44164757+julieims@users.noreply.github.com> Date: Wed, 19 Jun 2024 16:04:02 +0200 Subject: [PATCH 1045/1248] feat(argo-cd): Add secrettemplate to argo-cd server certificate (#2780) * Add secrettemplate to argo-cd server certificate Signed-off-by: Ims, Julie * refactor documentation Signed-off-by: Ims, Julie * added changelog Signed-off-by: Ims, Julie * remove empty line Signed-off-by: Ims, Julie * correct comment in values file Signed-off-by: Ims, Julie * move documentation comment according to test results Signed-off-by: Ims, Julie --------- Signed-off-by: Ims, Julie --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 7 +++++++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6d1a4041..408a6989 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.1.4 +version: 7.1.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: add loadBalancerClass field for Service resources + - kind: added + description: Added secrettemplateAnnotation field for argocd server certificate diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f89a222c..6b7c2fdd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -968,6 +968,7 @@ NAME: my-release | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | | server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 629d0e95..4376bd5c 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -13,6 +13,13 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + secretTemplate: + {{- with .Values.server.certificate.secretTemplateAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} secretName: {{ .Values.server.certificate.secretName }} commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }} dnsNames: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6d9923e6..33252305 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2029,6 +2029,8 @@ server: # -- Usages for the certificate ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage usages: [] + # -- Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources + secretTemplateAnnotations: {} # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server From b0d4648471aef30a1a849a82c84dcb37ed7b504d Mon Sep 17 00:00:00 2001 From: Erwan Vallienne <135604788+erwanval@users.noreply.github.com> Date: Thu, 20 Jun 2024 12:25:27 +0200 Subject: [PATCH 1046/1248] fix(argo-cd): remove secretName for server and applicationSet Certificates (#2741) * Remove Certificate's secretName because expected names by server and applicationset are static Signed-off-by: Erwan Vallienne * Apply suggestions from code review Signed-off-by: Marco Maurer (-Kilchhofer) * Fix lint Signed-off-by: Erwan Vallienne --------- Signed-off-by: Erwan Vallienne Signed-off-by: Marco Maurer (-Kilchhofer) Signed-off-by: Erwan Vallienne <135604788+erwanval@users.noreply.github.com> Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/README.md | 2 -- .../templates/argocd-applicationset/certificate.yaml | 2 +- charts/argo-cd/templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 4 ---- 5 files changed, 7 insertions(+), 11 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 408a6989..1d1b03af 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.1.5 +version: 7.2.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added secrettemplateAnnotation field for argocd server certificate + - kind: removed + description: Remove `server.certificate.secretName`, as the expected secret name is static (argocd-server-tls) + - kind: removed + description: Remove `applicationSet.certificate.secretName`, as the expected secret name is static (argocd-applicationset-controller-tls) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6b7c2fdd..8ef96974 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -967,7 +967,6 @@ NAME: my-release | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | -| server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | | server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | @@ -1402,7 +1401,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | -| applicationSet.certificate.secretName | string | `"argocd-applicationset-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index c2d2b279..fce26bf5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -13,7 +13,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: - secretName: {{ .Values.applicationSet.certificate.secretName }} + secretName: argocd-applicationset-controller-tls commonName: {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }} dnsNames: - {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 4376bd5c..803452f6 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -20,7 +20,7 @@ spec: {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} - secretName: {{ .Values.server.certificate.secretName }} + secretName: argocd-server-tls commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }} dnsNames: - {{ .Values.server.certificate.domain | default .Values.global.domain }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 33252305..001a3d97 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1990,8 +1990,6 @@ server: certificate: # -- Deploy a Certificate resource (requires cert-manager) enabled: false - # -- The name of the Secret that will be automatically created and managed by this Certificate resource - secretName: argocd-server-tls # -- Certificate primary domain (commonName) # @default -- `""` (defaults to global.domain) domain: "" @@ -2998,8 +2996,6 @@ applicationSet: certificate: # -- Deploy a Certificate resource (requires cert-manager) enabled: false - # -- The name of the Secret that will be automatically created and managed by this Certificate resource - secretName: argocd-applicationset-controller-tls # -- Certificate primary domain (commonName) # @default -- `""` (defaults to global.domain) domain: "" From 02949b14b108e42407831ddaa131161eb6210ed6 Mon Sep 17 00:00:00 2001 From: smcavallo Date: Fri, 21 Jun 2024 17:01:27 -0400 Subject: [PATCH 1047/1248] fix(argo-cd): Default repo-server init container resources to empty (#2786) --- charts/argo-cd/Chart.yaml | 8 +++----- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +--- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1d1b03af..70bca9bb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.2.0 +version: 7.2.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: removed - description: Remove `server.certificate.secretName`, as the expected secret name is static (argocd-server-tls) - - kind: removed - description: Remove `applicationSet.certificate.secretName`, as the expected secret name is static (argocd-applicationset-controller-tls) + - kind: changed + description: Default argocd repo-server init container replicas to empty diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3cacf124..7a29d147 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -359,10 +359,8 @@ spec: image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} name: copyutil - {{- with .Values.repoServer.resources }} resources: - {{- toYaml . | nindent 10 }} - {{- end }} + {{- toYaml .Values.repoServer.resources | nindent 10 }} {{- with .Values.repoServer.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} From 2ba2eb3daf34bf89b740518cd27cd8a165357f84 Mon Sep 17 00:00:00 2001 From: Mohamed Ragab <155462724+mohamedragab2024@users.noreply.github.com> Date: Sat, 22 Jun 2024 06:11:25 -0400 Subject: [PATCH 1048/1248] feat(argo-rollouts): add annotations for notifications secret (#2777) * feat(argo-rollouts): Most users of Argo-rollouts may store secrets on vault which allows to auto inject secrets directly to secrets object using annotations. Signed-off-by:Mohamed Ragab Signed-off-by: Mohamed Ragab * Fix indentation Signed-off-by: Mohamed Ragab --------- Signed-off-by: Mohamed Ragab Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + .../templates/controller/notifications-secret.yaml | 6 ++++++ charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 3cb72cef..1c8ccbc9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.36.0 +version: 2.36.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.7.0 + description: Add annotations for notifications secret diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 4284942c..b6d8160a 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -58,6 +58,7 @@ For full list of changes please check ArtifactHub [changelog]. | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template | | notifications.notifiers | object | `{}` | Configures notification services | +| notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret | | notifications.secret.create | bool | `false` | Whether to create notifications secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | | notifications.templates | object | `{}` | Notification templates | diff --git a/charts/argo-rollouts/templates/controller/notifications-secret.yaml b/charts/argo-rollouts/templates/controller/notifications-secret.yaml index 52b393df..f48d895f 100644 --- a/charts/argo-rollouts/templates/controller/notifications-secret.yaml +++ b/charts/argo-rollouts/templates/controller/notifications-secret.yaml @@ -4,6 +4,12 @@ kind: Secret metadata: name: argo-rollouts-notification-secret namespace: {{ .Release.Namespace | quote }} + {{- with .Values.notifications.secret.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 98a78471..089d5547 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -454,6 +454,8 @@ notifications: # -- Generic key:value pairs to be inserted into the notifications secret items: {} # slack-token: + # -- Annotations to be added to the notifications secret + annotations: {} # -- Configures notification services notifiers: {} From ad8d48c590f24a4b6e2fa1cbe72d65a4d5ab487b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20Can=C3=A9vet?= Date: Tue, 25 Jun 2024 05:48:03 +0200 Subject: [PATCH 1049/1248] =?UTF-8?q?feat(argo-cd):=20make=20PrometheusRul?= =?UTF-8?q?e=20deployment=20conditional=20on=20CRD=20exis=E2=80=A6=20(#279?= =?UTF-8?q?1)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/prometheusrule.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 70bca9bb..196b482c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.2.1 +version: 7.3.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Default argocd repo-server init container replicas to empty + description: make PrometheusRule deployment conditional on CRD existence diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml index 86d66564..20d8eea8 100644 --- a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.rules.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.controller.metrics.enabled .Values.controller.metrics.rules.enabled }} apiVersion: monitoring.coreos.com/v1 kind: PrometheusRule metadata: From 7b30c3bcfa011d4cfeb83e2441bf5ff4d00728e9 Mon Sep 17 00:00:00 2001 From: Clement Chevalier <69809982+clemcvlcs@users.noreply.github.com> Date: Tue, 25 Jun 2024 14:25:46 +0200 Subject: [PATCH 1050/1248] chore(argo-cd): add shard option for clusterCredentials (#2779) feat(argocd): add shard option for clusterCredentials Signed-off-by: Clement Chevalier --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-configs/cluster-secrets.yaml | 3 +++ charts/argo-cd/values.yaml | 10 ++++++++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 196b482c..906b8661 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.0 +version: 7.3.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: make PrometheusRule deployment conditional on CRD existence + description: add shard option for clusterCredentials diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 2682e70e..d952f7c9 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -19,6 +19,9 @@ metadata: {{- end }} type: Opaque stringData: + {{- if $cluster_value.shard }} + shard: {{ $cluster_value.shard }} + {{- end }} name: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.name entry is required!" $cluster_key }} server: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.server entry is required!" $cluster_value.server }} {{- if $cluster_value.namespaces }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 001a3d97..a89a9f96 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -461,6 +461,16 @@ configs: # tlsClientConfig: # insecure: false # caData: "" + # mycluster4-sharded: + # shard: 1 + # server: https://mycluster4.example.com + # labels: {} + # annotations: {} + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" # -- Repository credentials to be used as Templates for other repos ## Creates a secret for each key/value specified below to create repository credentials From ee508fe7fc9780529d4f425de424b42d6b7c4105 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20P=C3=A9rez=20Halc=C3=B3n?= Date: Tue, 25 Jun 2024 15:04:32 +0200 Subject: [PATCH 1051/1248] fix(argo-rollouts): Add subscriptions into notifcations-configmap (#2793) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(argo-rollouts): Add subscriptions into notifcations-configmap Signed-off-by: Jaime Pérez Halcón * fix(argo-rollouts): Set version Signed-off-by: Jaime Pérez Halcón * fix(argo-rollouts): Updated readme Signed-off-by: Jaime Pérez Halcón * fix(values.yaml): fixed trailing spaces Signed-off-by: Jaime Pérez Halcón --------- Signed-off-by: Jaime Pérez Halcón Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + .../templates/controller/notifcations-configmap.yaml | 4 ++++ charts/argo-rollouts/values.yaml | 8 ++++++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1c8ccbc9..c72282f6 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.36.1 +version: 2.36.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Add annotations for notifications secret + description: Add subscriptions into notifications-configmap diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index b6d8160a..1d7c59cd 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -61,6 +61,7 @@ For full list of changes please check ArtifactHub [changelog]. | notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret | | notifications.secret.create | bool | `false` | Whether to create notifications secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | +| notifications.subscriptions | object | `{}` | The subscriptions define the subscriptions to the triggers in a general way for all rollouts | | notifications.templates | object | `{}` | Notification templates | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | | providerRBAC.additionalRules | list | `[]` | Additional RBAC rules for others providers | diff --git a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml index a370a600..8d4cd6b4 100644 --- a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml +++ b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml @@ -16,3 +16,7 @@ data: {{- with .Values.notifications.triggers }} {{- toYaml . | nindent 2 }} {{- end }} + {{- with .Values.notifications.subscriptions }} + subscriptions: + {{- toYaml . | nindent 4 }} + {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 089d5547..7e142c24 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -479,3 +479,11 @@ notifications: # trigger.on-purple: | # - send: [my-purple-template] # when: rollout.spec.template.spec.containers[0].image == 'argoproj/rollouts-demo:purple' + + # -- The subscriptions define the subscriptions to the triggers in a general way for all rollouts + subscriptions: {} + # subscriptions: + # recipients: + # - slack: + # triggers: + # - on-rollout-completed From db0f57b309ea6dec4b951e4340defff0c603ce21 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 26 Jun 2024 14:27:44 +0900 Subject: [PATCH 1052/1248] fix(argo-events): Update Jetstream versions as following upstream (#2790) --- charts/argo-events/Chart.yaml | 6 ++--- charts/argo-events/README.md | 46 +++++++++++++++++++++++++++++--- charts/argo-events/values.yaml | 48 +++++++++++++++++++++++++++++++--- 3 files changed, 90 insertions(+), 10 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 394b150c..aae23442 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.9.2 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.6 +version: 2.4.7 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-events to v1.9.2 + - kind: fixed + description: Update Jetstream versions as following upstream diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index c9cd5083..5d2c036b 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -65,11 +65,51 @@ done | configs.jetstream.streamConfig.maxBytes | string | `"1GB"` | | | configs.jetstream.streamConfig.maxMsgs | int | `1000000` | Maximum number of messages before expiring oldest message | | configs.jetstream.streamConfig.replicas | int | `3` | Number of replicas, defaults to 3 and requires minimal 3 | -| configs.jetstream.versions[0].configReloaderImage | string | `"natsio/nats-server-config-reloader:latest"` | | -| configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:latest"` | | -| configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | | +| configs.jetstream.versions[0].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.14.0"` | | +| configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.14.0"` | | +| configs.jetstream.versions[0].natsImage | string | `"nats:2.10.10"` | | | configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | | | configs.jetstream.versions[0].version | string | `"latest"` | | +| configs.jetstream.versions[1].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.7.0"` | | +| configs.jetstream.versions[1].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.9.1"` | | +| configs.jetstream.versions[1].natsImage | string | `"nats:2.8.1"` | | +| configs.jetstream.versions[1].startCommand | string | `"/nats-server"` | | +| configs.jetstream.versions[1].version | string | `"2.8.1"` | | +| configs.jetstream.versions[2].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.7.0"` | | +| configs.jetstream.versions[2].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.9.1"` | | +| configs.jetstream.versions[2].natsImage | string | `"nats:2.8.1-alpine"` | | +| configs.jetstream.versions[2].startCommand | string | `"nats-server"` | | +| configs.jetstream.versions[2].version | string | `"2.8.1-alpine"` | | +| configs.jetstream.versions[3].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.7.0"` | | +| configs.jetstream.versions[3].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.9.1"` | | +| configs.jetstream.versions[3].natsImage | string | `"nats:2.8.2"` | | +| configs.jetstream.versions[3].startCommand | string | `"/nats-server"` | | +| configs.jetstream.versions[3].version | string | `"2.8.2"` | | +| configs.jetstream.versions[4].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.7.0"` | | +| configs.jetstream.versions[4].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.9.1"` | | +| configs.jetstream.versions[4].natsImage | string | `"nats:2.8.2-alpine"` | | +| configs.jetstream.versions[4].startCommand | string | `"nats-server"` | | +| configs.jetstream.versions[4].version | string | `"2.8.2-alpine"` | | +| configs.jetstream.versions[5].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.7.0"` | | +| configs.jetstream.versions[5].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.9.1"` | | +| configs.jetstream.versions[5].natsImage | string | `"nats:2.9.1"` | | +| configs.jetstream.versions[5].startCommand | string | `"/nats-server"` | | +| configs.jetstream.versions[5].version | string | `"2.9.1"` | | +| configs.jetstream.versions[6].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.7.0"` | | +| configs.jetstream.versions[6].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.9.1"` | | +| configs.jetstream.versions[6].natsImage | string | `"nats:2.9.12"` | | +| configs.jetstream.versions[6].startCommand | string | `"/nats-server"` | | +| configs.jetstream.versions[6].version | string | `"2.9.12"` | | +| configs.jetstream.versions[7].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.7.0"` | | +| configs.jetstream.versions[7].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.9.1"` | | +| configs.jetstream.versions[7].natsImage | string | `"nats:2.9.16"` | | +| configs.jetstream.versions[7].startCommand | string | `"/nats-server"` | | +| configs.jetstream.versions[7].version | string | `"2.9.16"` | | +| configs.jetstream.versions[8].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.14.0"` | | +| configs.jetstream.versions[8].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.14.0"` | | +| configs.jetstream.versions[8].natsImage | string | `"nats:2.10.10"` | | +| configs.jetstream.versions[8].startCommand | string | `"/nats-server"` | | +| configs.jetstream.versions[8].version | string | `"2.10.10"` | | | configs.nats.versions | list | See [values.yaml] | Supported versions of NATS event bus | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index b959e6cd..09a2d9ea 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -96,10 +96,50 @@ configs: duplicates: 300s # Supported versions of JetStream eventbus versions: - - version: "latest" - natsImage: nats:latest - metricsExporterImage: natsio/prometheus-nats-exporter:latest - configReloaderImage: natsio/nats-server-config-reloader:latest + - version: latest + natsImage: nats:2.10.10 + metricsExporterImage: natsio/prometheus-nats-exporter:0.14.0 + configReloaderImage: natsio/nats-server-config-reloader:0.14.0 + startCommand: /nats-server + - version: 2.8.1 + natsImage: nats:2.8.1 + metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + configReloaderImage: natsio/nats-server-config-reloader:0.7.0 + startCommand: /nats-server + - version: 2.8.1-alpine + natsImage: nats:2.8.1-alpine + metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + configReloaderImage: natsio/nats-server-config-reloader:0.7.0 + startCommand: nats-server + - version: 2.8.2 + natsImage: nats:2.8.2 + metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + configReloaderImage: natsio/nats-server-config-reloader:0.7.0 + startCommand: /nats-server + - version: 2.8.2-alpine + natsImage: nats:2.8.2-alpine + metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + configReloaderImage: natsio/nats-server-config-reloader:0.7.0 + startCommand: nats-server + - version: 2.9.1 + natsImage: nats:2.9.1 + metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + configReloaderImage: natsio/nats-server-config-reloader:0.7.0 + startCommand: /nats-server + - version: 2.9.12 + natsImage: nats:2.9.12 + metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + configReloaderImage: natsio/nats-server-config-reloader:0.7.0 + startCommand: /nats-server + - version: 2.9.16 + natsImage: nats:2.9.16 + metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 + configReloaderImage: natsio/nats-server-config-reloader:0.7.0 + startCommand: /nats-server + - version: 2.10.10 + natsImage: nats:2.10.10 + metricsExporterImage: natsio/prometheus-nats-exporter:0.14.0 + configReloaderImage: natsio/nats-server-config-reloader:0.14.0 startCommand: /nats-server # -- Array of extra K8s manifests to deploy From 889c3e95653a21f6b0aed6e6047e5a913452401f Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 26 Jun 2024 09:02:42 +0200 Subject: [PATCH 1053/1248] chore(deps): update actions/create-github-app-token action to v1.10.2 (#2798) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index d69671c9..f647beb0 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1 + uses: actions/create-github-app-token@ad38cffc07bac6e3857755914c4c88bfd2db4da4 # v1.10.2 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 3d98d04f431bad7362c2d8643dd840ddf4c6aced Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 26 Jun 2024 18:10:00 +0900 Subject: [PATCH 1054/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.7.1 (#2794) * chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.7.1 * feat(argo-rollouts): update as following upstream Signed-off-by: yu-croco --------- Signed-off-by: yu-croco Co-authored-by: renovate[bot] Co-authored-by: yu-croco --- charts/argo-rollouts/Chart.yaml | 6 +++--- .../templates/controller/deployment.yaml | 12 ++++++++++-- .../templates/crds/analysis-run-crd.yaml | 1 - .../templates/crds/analysis-template-crd.yaml | 1 - .../crds/cluster-analysis-template-crd.yaml | 1 - charts/argo-rollouts/values.yaml | 1 + 6 files changed, 14 insertions(+), 8 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c72282f6..0aef8f18 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.0 +appVersion: v1.7.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.36.2 +version: 2.37.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Add subscriptions into notifications-configmap + description: Bump argo-rollouts to v1.7.1 diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 851dec0b..df5dc4db 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -80,8 +80,12 @@ spec: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} - {{- with .Values.controller.volumeMounts }} volumeMounts: + - name: plugin-bin + mountPath: /home/argo-rollouts/plugin-bin + - name: tmp + mountPath: /tmp + {{- with .Values.controller.volumeMounts }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.controller.extraContainers }} @@ -120,7 +124,11 @@ spec: {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} - {{- with .Values.controller.volumes }} volumes: + - name: plugin-bin + emptyDir: {} + - name: tmp + emptyDir: {} + {{- with .Values.controller.volumes }} {{- toYaml . | nindent 6 }} {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 52c75d97..d79c3608 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -189,7 +189,6 @@ spec: datadog: properties: aggregator: - default: last enum: - avg - min diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 794c7617..3c46bbad 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -185,7 +185,6 @@ spec: datadog: properties: aggregator: - default: last enum: - avg - min diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index b6c9f6f0..b7b07c2e 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -185,7 +185,6 @@ spec: datadog: properties: aggregator: - default: last enum: - avg - min diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 7e142c24..f8bc359f 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -120,6 +120,7 @@ controller: # limits: # cpu: 100m # memory: 128Mi + # ephemeral-storage: 1Gi # requests: # cpu: 50m # memory: 64Mi From 425e98ecff7bbfa5ccc6f94980c6a9699daf4e99 Mon Sep 17 00:00:00 2001 From: ajax-bychenok-y <138507453+ajax-bychenok-y@users.noreply.github.com> Date: Wed, 26 Jun 2024 13:39:03 +0300 Subject: [PATCH 1055/1248] fix(argo-rollouts): Fix of global subscriptions for Argo Rollouts (#2797) * Fix of Argo Rollouts notifications subscription Signed-off-by: Yurii Bychenok * Fixed Argo Rollouts helm changelog Signed-off-by: Yurii Bychenok * Fixed Argo Rollouts helm default values.yaml Signed-off-by: Yurii Bychenok * Fixed Argo Rollouts doc after helm update Signed-off-by: Yurii Bychenok --------- Signed-off-by: Yurii Bychenok Signed-off-by: Aikawa Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 2 +- .../templates/controller/notifcations-configmap.yaml | 2 +- charts/argo-rollouts/values.yaml | 10 +++++----- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 0aef8f18..df878d7f 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.0 +version: 2.37.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-rollouts to v1.7.1 + - kind: fixed + description: Fix subscriptions into notifications-configmap diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 1d7c59cd..13a4f24b 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -61,7 +61,7 @@ For full list of changes please check ArtifactHub [changelog]. | notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret | | notifications.secret.create | bool | `false` | Whether to create notifications secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | -| notifications.subscriptions | object | `{}` | The subscriptions define the subscriptions to the triggers in a general way for all rollouts | +| notifications.subscriptions | list | `[]` | The subscriptions define the subscriptions to the triggers in a general way for all rollouts | | notifications.templates | object | `{}` | Notification templates | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | | providerRBAC.additionalRules | list | `[]` | Additional RBAC rules for others providers | diff --git a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml index 8d4cd6b4..4748bfc1 100644 --- a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml +++ b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml @@ -17,6 +17,6 @@ data: {{- toYaml . | nindent 2 }} {{- end }} {{- with .Values.notifications.subscriptions }} - subscriptions: + subscriptions: | {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f8bc359f..2a3b7c15 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -482,9 +482,9 @@ notifications: # when: rollout.spec.template.spec.containers[0].image == 'argoproj/rollouts-demo:purple' # -- The subscriptions define the subscriptions to the triggers in a general way for all rollouts - subscriptions: {} - # subscriptions: - # recipients: - # - slack: + subscriptions: [] + # - recipients: + # - slack: # triggers: - # - on-rollout-completed + # - on-rollout-completed + # - on-rollout-aborted From 171177ab77f3e5b242566de5a3b8638c10a40928 Mon Sep 17 00:00:00 2001 From: shlomi tubul <33376277+shlomitubul@users.noreply.github.com> Date: Wed, 26 Jun 2024 14:28:42 +0300 Subject: [PATCH 1056/1248] feat(argo-cd): add support for passing redis - sentinel credentials (#2492) * feat: add support for passing redis - sentinel credentials Signed-off-by: ShlomiTubul * feat: add changelog annotations Signed-off-by: ShlomiTubul * Update Chart.yaml Signed-off-by: shlomi tubul <33376277+shlomitubul@users.noreply.github.com> * Update Chart.yaml Signed-off-by: shlomi tubul <33376277+shlomitubul@users.noreply.github.com> * Update Chart.yaml Signed-off-by: shlomi tubul <33376277+shlomitubul@users.noreply.github.com> --------- Signed-off-by: ShlomiTubul Signed-off-by: shlomi tubul <33376277+shlomitubul@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- .../argocd-application-controller/statefulset.yaml | 12 ++++++++++++ .../templates/argocd-repo-server/deployment.yaml | 12 ++++++++++++ .../argo-cd/templates/argocd-server/deployment.yaml | 12 ++++++++++++ charts/argo-cd/values.yaml | 2 +- 6 files changed, 41 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 906b8661..06d3d2f6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.1 +version: 7.3.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: add shard option for clusterCredentials + - kind: added + description: Add support for passing redis - sentinel credentials diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8ef96974..3801650d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1347,7 +1347,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis credentials (must contain key `redis-password`). When it's set, the `externalRedis.password` parameter is ignored | +| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis (must contain key `redis-password`) and Sentinel credentials. When it's set, the `externalRedis.password` parameter is ignored | | externalRedis.host | string | `""` | External Redis server host | | externalRedis.password | string | `""` | External Redis password | | externalRedis.port | int | `6379` | External Redis server port | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 947307d7..4fb49bee 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -211,6 +211,18 @@ spec: {{- else }} key: auth {{- end }} + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-password + optional: true - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 7a29d147..992d2369 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -188,6 +188,18 @@ spec: {{- else }} key: auth {{- end }} + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-password + optional: true - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 125328a5..f20f2af0 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -256,6 +256,18 @@ spec: {{- else }} key: auth {{- end }} + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-password + optional: true - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a89a9f96..0d42bf71 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1611,7 +1611,7 @@ externalRedis: password: "" # -- External Redis server port port: 6379 - # -- The name of an existing secret with Redis credentials (must contain key `redis-password`). + # -- The name of an existing secret with Redis (must contain key `redis-password`) and Sentinel credentials. # When it's set, the `externalRedis.password` parameter is ignored existingSecret: "" # -- External Redis Secret annotations From 9cefbb3dafab990bc7a5c1297bae01fefa3307f5 Mon Sep 17 00:00:00 2001 From: shlomi tubul <33376277+shlomitubul@users.noreply.github.com> Date: Sat, 29 Jun 2024 00:52:17 +0300 Subject: [PATCH 1057/1248] fix(argo-cd): Make REDIS_PASSWORD environment variables optional always (#2800) --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06d3d2f6..b4a7c1af 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.2 +version: 7.3.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for passing redis - sentinel credentials + - kind: changed + description: make REDIS_PASSWORD environment variables optional always diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 4fb49bee..8231f311 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -205,9 +205,9 @@ spec: valueFrom: secretKeyRef: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + optional: true {{- if .Values.externalRedis.host }} key: redis-password - optional: true {{- else }} key: auth {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 992d2369..71e8c767 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -182,9 +182,9 @@ spec: valueFrom: secretKeyRef: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + optional: true {{- if .Values.externalRedis.host }} key: redis-password - optional: true {{- else }} key: auth {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index f20f2af0..00a62fd2 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -250,9 +250,9 @@ spec: valueFrom: secretKeyRef: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + optional: true {{- if .Values.externalRedis.host }} key: redis-password - optional: true {{- else }} key: auth {{- end }} From 80e6e6bebdf62fce7aacc5b973d46d6e7a10887d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 29 Jun 2024 07:43:46 -0500 Subject: [PATCH 1058/1248] chore(deps): bump the dependencies group with 2 updates (#2801) --- .github/workflows/pr-title.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 9828761b..170d908b 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@cfb60706e18bc85e8aec535e3c577abe8f70378e # v5.5.2 + - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 71c8da60..7ee9fec5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: results.sarif From 24275df2aa87653e6c3f62a41b9cfc4d5310f4ce Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 02:18:40 -0500 Subject: [PATCH 1059/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v37.421.4 (#2802) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f647beb0..056f4109 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.384.0 + renovate-version: 37.421.4 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 475d7e724dfa7b6c0038b6504e1ddb8a4db6c873 Mon Sep 17 00:00:00 2001 From: Kaswob <44066982+Kaswob@users.noreply.github.com> Date: Mon, 1 Jul 2024 12:02:14 +0200 Subject: [PATCH 1060/1248] fix(argo-rollouts): Add traefik.io api group (#2703) Add traefik.io (which is the only supported apiGroup for traefik >3.0) to clusterrole and role of argo-rollouts chart Signed-off-by: Kamil Swoboda Signed-off-by: Kaswob <44066982+Kaswob@users.noreply.github.com> --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/templates/controller/clusterrole.yaml | 1 + charts/argo-rollouts/templates/controller/role.yaml | 1 + 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index df878d7f..53066aa5 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.1 +version: 2.37.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix subscriptions into notifications-configmap + - kind: added + description: Added traefik.io apiGroup to Role and ClusterRole diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index a80708b6..70c3bdf8 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -248,6 +248,7 @@ rules: # Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us + - traefik.io resources: - traefikservices verbs: diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 584587b9..fdce087e 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -249,6 +249,7 @@ rules: # Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us + - traefik.io resources: - traefikservices verbs: From 080e79078cae5d24a5bbc3712e5b9a23a6dc3716 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 23:21:48 +0200 Subject: [PATCH 1061/1248] chore(deps): update actions/create-github-app-token action to v1.10.3 (#2803) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 056f4109..d0ed6dbd 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@ad38cffc07bac6e3857755914c4c88bfd2db4da4 # v1.10.2 + uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1.10.3 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 5e862ea63bb487e1899588fb31e20f26ba833be6 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 2 Jul 2024 11:23:41 -0500 Subject: [PATCH 1062/1248] chore(deps): update renovatebot/github-action action to v40.2.0 (#2804) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index d0ed6dbd..54249d70 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@21d88b0bf0183abcee15f990011cca090dfc47dd # v40.1.12 + uses: renovatebot/github-action@259200be4d976a76196ec8985b0dddcaf1733b47 # v40.2.0 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From de281eca6e3e73bc8d96d29cd1c8cc637ab2752b Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 2 Jul 2024 21:43:28 +0100 Subject: [PATCH 1063/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.11.4 (#2805) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b4a7c1af..6dfce538 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.3 +appVersion: v2.11.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.3 +version: 7.3.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: make REDIS_PASSWORD environment variables optional always + description: Bump argo-cd to v2.11.4 From 50984954684e14bd6c43d19313d9487f78dd7237 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 7 Jul 2024 07:43:25 -0500 Subject: [PATCH 1064/1248] chore(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 in the dependencies group (#2808) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7ee9fec5..8de765b9 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: SARIF file path: results.sarif From f9b619dc6aac70ef9ce9f957db6478af5cf53435 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 19:55:39 +0200 Subject: [PATCH 1065/1248] chore(deps): update renovatebot/github-action action to v40.2.1 (#2811) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 54249d70..ba7bedb0 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@259200be4d976a76196ec8985b0dddcaf1733b47 # v40.2.0 + uses: renovatebot/github-action@d4cde0ac34e53942ead1619a101748e3ab842937 # v40.2.1 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 6dab5492689e9f2d389515a7059564f9d0c9fb39 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 19:31:47 -0500 Subject: [PATCH 1066/1248] chore(deps): update renovatebot/github-action action to v40.2.2 (#2815) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index ba7bedb0..5eced008 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@d4cde0ac34e53942ead1619a101748e3ab842937 # v40.2.1 + uses: renovatebot/github-action@042670e39b8d7335e992c3fa526ecbfbd52ef57b # v40.2.2 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From ea28da27d14035f9efa88750a45b1fdf21585ec0 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 9 Jul 2024 22:31:36 +0100 Subject: [PATCH 1067/1248] chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.14.0 (#2809) * chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.14.0 * feat(argocd-image-updater): upgrade as following upstream Signed-off-by: yu-croco * feat(argocd-image-updater): configure gitCommitSigningKey and gitCommitSignOff Signed-off-by: yu-croco * fix(argocd-image-updater): add missing attribute Signed-off-by: yu-croco --------- Signed-off-by: yu-croco Co-authored-by: renovate[bot] Co-authored-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 8 +++--- charts/argocd-image-updater/README.md | 3 +++ .../templates/configmap.yaml | 9 +++++++ .../templates/deployment.yaml | 26 +++++++++++++++++++ charts/argocd-image-updater/values.yaml | 9 +++++++ 5 files changed, 51 insertions(+), 4 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index cbf21e4c..c358515f 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.10.2 -appVersion: v0.13.1 +version: 0.11.0 +appVersion: v0.14.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed a URL in values.yaml comments + - kind: changed + description: Bump argocd-image-updater to v0.14.0 diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index ea57d402..5e51a8cd 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -79,6 +79,9 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.argocd.token | string | `""` | If specified, the secret with Argo CD API key will be created. | | config.disableKubeEvents | bool | `false` | Disable kubernetes events | | config.gitCommitMail | string | `""` | E-Mail address to use for Git commits | +| config.gitCommitSignOff | bool | `false` | Enables sign off on commits | +| config.gitCommitSigningKey | string | `""` | Path to public SSH key mounted in container, or GPG key ID used to sign commits | +| config.gitCommitSigningMethod | string | `""` | Method used to sign Git commits. `openpgp` or `ssh` | | config.gitCommitTemplate | string | `""` | Changing the Git commit message | | config.gitCommitUser | string | `""` | Username to use for Git commits | | config.logLevel | string | `"info"` | Argo CD Image Update log level | diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 84eb6875..46ee3b80 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -31,6 +31,15 @@ data: git.commit-message-template: | {{- nindent 4 . }} {{- end }} + {{- with .Values.config.gitCommitSigningKey }} + git.commit-signing-key: {{ . | quote }} + {{- end }} + {{- with .Values.config.gitCommitSignOff }} + git.commit-sign-off: {{ . | quote }} + {{- end }} + {{- with .Values.config.gitCommitSigningMethod }} + git.commit-signing-method: {{ . | quote }} + {{- end }} kube.events: {{ .Values.config.disableKubeEvents | quote }} {{- with .Values.config.registries }} registries.conf: | diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index b6aa13fe..4aaa83b3 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -100,6 +100,24 @@ spec: key: kube.events name: argocd-image-updater-config optional: true + - name: GIT_COMMIT_SIGNING_KEY + valueFrom: + configMapKeyRef: + key: git.commit-signing-key + name: argocd-image-updater-config + optional: true + - name: GIT_COMMIT_SIGNING_METHOD + valueFrom: + configMapKeyRef: + key: git.commit-signing-method + name: argocd-image-updater-config + optional: true + - name: GIT_COMMIT_SIGN_OFF + valueFrom: + configMapKeyRef: + key: git.commit-sign-off + name: argocd-image-updater-config + optional: true {{- with .Values.extraEnv }} {{- toYaml . | nindent 10 }} {{- end }} @@ -141,6 +159,10 @@ spec: name: ssh-config - mountPath: /tmp name: tmp + - name: ssh-signing-key + mountPath: /app/ssh-keys/id_rsa + readOnly: true + subPath: sshPrivateKey {{- if .Values.authScripts.enabled }} - mountPath: /scripts name: authscripts @@ -172,6 +194,10 @@ spec: name: argocd-image-updater-ssh-config optional: true name: ssh-config + - name: ssh-signing-key + secret: + secretName: ssh-git-creds + optional: true - emptyDir: {} name: tmp {{- with .Values.volumes }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 292f2c90..19291de9 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -133,6 +133,15 @@ config: # -- Changing the Git commit message gitCommitTemplate: "" + # -- Path to public SSH key mounted in container, or GPG key ID used to sign commits + gitCommitSigningKey: "" + + # -- Enables sign off on commits + gitCommitSignOff: false + + # -- Method used to sign Git commits. `openpgp` or `ssh` + gitCommitSigningMethod: "" + # -- Argo CD Image Update log level logLevel: "info" From 79e32424d68e39a46f40db7f5377db7a2b473960 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Wed, 10 Jul 2024 23:01:05 +0200 Subject: [PATCH 1068/1248] fix(argo-cd): Address oversights of feature `namespaceOverride` (#2821) Signed-off-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/NOTES.txt | 4 ++-- .../argocd-application-controller/prometheusrule.yaml | 2 +- .../argocd-application-controller/servicemonitor.yaml | 2 +- .../templates/argocd-applicationset/servicemonitor.yaml | 2 +- .../argo-cd/templates/argocd-configs/cluster-secrets.yaml | 2 +- .../argocd-configs/repository-credentials-secret.yaml | 2 +- .../argo-cd/templates/argocd-configs/repository-secret.yaml | 2 +- .../templates/argocd-notifications/servicemonitor.yaml | 2 +- .../templates/argocd-repo-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/dex/servicemonitor.yaml | 2 +- charts/argo-cd/templates/redis-secret-init/job.yaml | 2 +- charts/argo-cd/templates/redis-secret-init/role.yaml | 2 +- charts/argo-cd/templates/redis-secret-init/rolebinding.yaml | 2 +- .../argo-cd/templates/redis-secret-init/serviceaccount.yaml | 2 +- charts/argo-cd/templates/redis/servicemonitor.yaml | 2 +- 17 files changed, 20 insertions(+), 20 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6dfce538..1f3f92a3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.4 +version: 7.3.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.11.4 + - kind: fixed + description: Address oversights of feature `namespaceOverride` diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index f2dbdfab..8821ab75 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,6 +1,6 @@ In order to access the server UI you have the following options: -1. kubectl port-forward service/{{ include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 +1. kubectl port-forward service/{{ include "argo-cd.fullname" . }}-server -n {{ include "argo-cd.namespace" . }} 8080:443 and then open the browser on http://localhost:8080 and accept the certificate @@ -12,7 +12,7 @@ In order to access the server UI you have the following options: {{ if eq (toString (index .Values.configs.cm "admin.enabled")) "true" -}} After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running: -kubectl -n {{ .Release.Namespace }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d +kubectl -n {{ include "argo-cd.namespace" . }} get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d (You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli) {{ else if or (index .Values.configs.cm "dex.config") (index .Values.configs.cm "oidc.config") -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml index 20d8eea8..6ddc7f4c 100644 --- a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: PrometheusRule metadata: name: {{ template "argo-cd.controller.fullname" . }} - namespace: {{ default .Release.Namespace .Values.controller.metrics.rules.namespace | quote }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.controller.metrics.rules.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- if .Values.controller.metrics.rules.selector }} diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 4a09daf3..a9edaf54 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.controller.fullname" . }} - namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index 9c236c45..8fac6a8d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} - namespace: {{ default .Release.Namespace .Values.applicationSet.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.applicationSet.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index d952f7c9..0b4b1e11 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ $cluster_key }} - namespace: {{ $.Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" $ | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with $cluster_value.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index ed1d2fd7..e4d23f9a 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-creds-{{ $repo_cred_key }} - namespace: {{ $.Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" $ | quote }} labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index 4c028958..4a77cf1b 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-{{ $repo_key }} - namespace: {{ $.Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" $ | quote }} labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 03599a6d..0d2c704f 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.notifications.fullname" . }} - namespace: {{ default .Release.Namespace .Values.notifications.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.notifications.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 38041de3..70995398 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.repoServer.fullname" . }} - namespace: {{ default .Release.Namespace .Values.repoServer.metrics.serviceMonitor.namespace | default }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.repoServer.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 2f96ca0a..74902ef0 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.server.fullname" . }} - namespace: {{ default .Release.Namespace .Values.server.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.server.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 3faa667a..2c03e597 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.dex.fullname" . }} - namespace: {{ default .Release.Namespace .Values.dex.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.dex.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 27837465..68086235 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ include "argo-cd.redisSecretInit.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . | quote }} annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-delete-policy": before-hook-creation diff --git a/charts/argo-cd/templates/redis-secret-init/role.yaml b/charts/argo-cd/templates/redis-secret-init/role.yaml index ac5fd313..9e8259f9 100644 --- a/charts/argo-cd/templates/redis-secret-init/role.yaml +++ b/charts/argo-cd/templates/redis-secret-init/role.yaml @@ -8,7 +8,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }} name: {{ include "argo-cd.redisSecretInit.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . | quote }} rules: - apiGroups: - "" diff --git a/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml b/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml index 7ea1de96..a199628a 100644 --- a/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml +++ b/charts/argo-cd/templates/redis-secret-init/rolebinding.yaml @@ -8,7 +8,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }} name: {{ include "argo-cd.redisSecretInit.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . | quote }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml index d6b95f13..a5352b72 100644 --- a/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.redisSecretInit.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-cd.redisSecretInit.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "argo-cd.namespace" . | quote }} annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-delete-policy": before-hook-creation diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 2126bafb..4132c1ce 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -4,7 +4,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.redis.fullname" . }} - namespace: {{ default .Release.Namespace .Values.redis.metrics.serviceMonitor.namespace | quote }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.redis.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.serviceMonitor.selector }} From 2653aef414ab6a5d8617af75f04190a8f7da28dc Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Fri, 12 Jul 2024 01:04:45 +0200 Subject: [PATCH 1069/1248] fix(argo-cd): Address inconsistent redis-secret-init SA handling (#2823) Signed-off-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 2 +- .../argo-cd/templates/redis-secret-init/serviceaccount.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1f3f92a3..5ddb4c65 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.5 +version: 7.3.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Address oversights of feature `namespaceOverride` + description: Address inconsistent redis-secret-init ServiceAccount handling diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index c609f19f..eb3f7a2a 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -99,7 +99,7 @@ Create the name of the Redis secret-init service account to use */}} {{- define "argo-cd.redisSecretInit.serviceAccountName" -}} {{- if .Values.redisSecretInit.serviceAccount.create -}} - {{ default (include "argo-cd.redisSecretInit.fullname" .) .Values.redis.serviceAccount.name }} + {{ default (include "argo-cd.redisSecretInit.fullname" .) .Values.redisSecretInit.serviceAccount.name }} {{- else -}} {{ default "default" .Values.redisSecretInit.serviceAccount.name }} {{- end -}} diff --git a/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml index a5352b72..85540d26 100644 --- a/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis-secret-init/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.redisSecretInit.enabled (not .Values.externalRedis.host) }} +{{- if and .Values.redisSecretInit.enabled .Values.redisSecretInit.serviceAccount.create (not .Values.externalRedis.host) }} apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.redisSecretInit.serviceAccount.automountServiceAccountToken }} From 94b270ad1849b51a68c25eba0337836ace345877 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Jul 2024 15:01:55 +0200 Subject: [PATCH 1070/1248] chore(deps): bump the dependencies group with 2 updates (#2829) --- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 95a10226..656e47d0 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: 3.9 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8de765b9..832240c2 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 with: sarif_file: results.sarif From 2285578bba7f769a74ba2ca0494278393c1e80b7 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 16 Jul 2024 10:16:44 +0900 Subject: [PATCH 1071/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.11.5 (#2832) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5ddb4c65..f2b1c264 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.4 +appVersion: v2.11.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.6 +version: 7.3.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Address inconsistent redis-secret-init ServiceAccount handling + - kind: changed + description: Bump argo-cd to v2.11.5 From 809351a3fbee60102dec3ac3bf40de2d0559ea5e Mon Sep 17 00:00:00 2001 From: Filipe Date: Thu, 18 Jul 2024 11:52:38 +1200 Subject: [PATCH 1072/1248] fix(argo-cd): Missing Redis sentinel variables in app controller deployment (#2806) --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/deployment.yaml | 14 +++++++++++++- .../argocd-application-controller/statefulset.yaml | 2 +- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f2b1c264..b943f562 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.7 +version: 7.3.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.11.5 + - kind: fixed + description: Add Redis Sentinel variables to application controller deployment diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 7c4a2a6d..3938c25d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -208,10 +208,22 @@ spec: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} {{- if .Values.externalRedis.host }} key: redis-password - optional: true {{- else }} key: auth {{- end }} + optional: true + - name: REDIS_SENTINEL_USERNAME + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-username + optional: true + - name: REDIS_SENTINEL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-sentinel-password + optional: true - name: ARGOCD_DEFAULT_CACHE_EXPIRATION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 8231f311..3938a759 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -205,12 +205,12 @@ spec: valueFrom: secretKeyRef: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} - optional: true {{- if .Values.externalRedis.host }} key: redis-password {{- else }} key: auth {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: From be36117924528d94f33a2b256eeb70042cba6536 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 19 Jul 2024 19:22:48 +0900 Subject: [PATCH 1073/1248] docs(argo-cd): Add Changelog for v7.0.0 (#2835) chore(argo-cd): Add Changelog for v7.0.0 Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 25 +++++++++++++++++++++++++ charts/argo-cd/README.md.gotmpl | 25 +++++++++++++++++++++++++ 3 files changed, 53 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b943f562..8dc290ce 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.8 +version: 7.3.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add Redis Sentinel variables to application controller deployment + - kind: added + description: Add Changelog for v7.0.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3801650d..c55c5577 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -278,6 +278,31 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 7.0.0 + +We changed the type of `.Values.configs.clusterCredentials` from `list` to `object`. +If you used the value, please migrate like below. + +```yaml +# before +configs: + clusterCredentials: + - mycluster: + server: https://mycluster.example.com + labels: {} + annotations: {} + # ... + +# after +configs: + clusterCredentials: + mycluster: + server: https://mycluster.example.com + labels: {} + annotations: {} + # ... +``` + ### 6.10.0 This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr. diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6ab46ffc..8ee73e93 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -278,6 +278,31 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 7.0.0 + +We changed the type of `.Values.configs.clusterCredentials` from `list` to `object`. +If you used the value, please migrate like below. + +```yaml +# before +configs: + clusterCredentials: + - mycluster: + server: https://mycluster.example.com + labels: {} + annotations: {} + # ... + +# after +configs: + clusterCredentials: + mycluster: + server: https://mycluster.example.com + labels: {} + annotations: {} + # ... +``` + ### 6.10.0 This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr. From 211bd44603726c352f7cba26c333865a1ac3f182 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Jul 2024 22:03:46 +0200 Subject: [PATCH 1074/1248] chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 in the dependencies group (#2838) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 832240c2..0aa94eb3 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 + uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13 with: sarif_file: results.sarif From b4151e94bab875f1ed5480acc0e91a963440e27a Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 22 Jul 2024 13:33:43 +0200 Subject: [PATCH 1075/1248] chore(deps): update renovatebot/github-action action to v40.2.3 (#2842) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 5eced008..a04d69bf 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@042670e39b8d7335e992c3fa526ecbfbd52ef57b # v40.2.2 + uses: renovatebot/github-action@8ce0fe8066eb6b16e1bf499b21bc96e5ccd962a4 # v40.2.3 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From d32e6b537c20e0e541bbebc728e9eba08c4ce60a Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 22 Jul 2024 18:14:22 +0100 Subject: [PATCH 1076/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.11.6 (#2843) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8dc290ce..dbf4e113 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.5 +appVersion: v2.11.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.9 +version: 7.3.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add Changelog for v7.0.0 + - kind: changed + description: Bump argo-cd to v2.11.6 From 511d0d0adcedc61701f6abdbe5a6699b3d2d9e65 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 24 Jul 2024 12:44:35 +0100 Subject: [PATCH 1077/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.11.7 (#2845) Co-authored-by: renovate[bot] --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dbf4e113..d3de3e38 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.6 +appVersion: v2.11.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.10 +version: 7.3.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.11.6 + description: Bump argo-cd to v2.11.7 From 89bc396b55f19cd4cf20cb41802c9def2511642a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 Jul 2024 08:16:48 -0500 Subject: [PATCH 1078/1248] chore(deps): bump the dependencies group with 3 updates (#2850) --- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 7cdbac43..7dc62234 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -66,7 +66,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0aa94eb3..0a5792f5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13 + uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 with: sarif_file: results.sarif From 87e6dd9b6330db2f47b97eaa5f8b110949f01ae3 Mon Sep 17 00:00:00 2001 From: Roland Kool Date: Mon, 29 Jul 2024 09:25:24 +0200 Subject: [PATCH 1079/1248] chore(argo-rollouts): add option to disable creation of notifications configmap (#2849) * chore(argo-rollouts): add option to disable creation of notifications configmap This allows for using the upstream notifications configmap from https://github.com/argoproj/argo-rollouts/blob/master/manifests/notifications-install.yaml Signed-off-by: Roland Kool * chore: update changelog Signed-off-by: Roland Kool * chore: fix chart version bump Signed-off-by: Roland Kool --------- Signed-off-by: Roland Kool Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + ...tifcations-configmap.yaml => notifications-configmap.yaml} | 2 ++ charts/argo-rollouts/values.yaml | 4 ++++ 4 files changed, 9 insertions(+), 2 deletions(-) rename charts/argo-rollouts/templates/controller/{notifcations-configmap.yaml => notifications-configmap.yaml} (91%) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 53066aa5..05d40de7 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.2 +version: 2.37.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added traefik.io apiGroup to Role and ClusterRole + description: Added setting to disable creation of the notifications ConfigMap diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 13a4f24b..b6a6f44d 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -57,6 +57,7 @@ For full list of changes please check ArtifactHub [changelog]. | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `nil` | String to partially override "argo-rollouts.fullname" template | +| notifications.configmap.create | bool | `true` | Whether to create notifications configmap | | notifications.notifiers | object | `{}` | Configures notification services | | notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret | | notifications.secret.create | bool | `false` | Whether to create notifications secret | diff --git a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml b/charts/argo-rollouts/templates/controller/notifications-configmap.yaml similarity index 91% rename from charts/argo-rollouts/templates/controller/notifcations-configmap.yaml rename to charts/argo-rollouts/templates/controller/notifications-configmap.yaml index 4748bfc1..680f468f 100644 --- a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml +++ b/charts/argo-rollouts/templates/controller/notifications-configmap.yaml @@ -1,3 +1,4 @@ +{{ if .Values.notifications.configmap.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -20,3 +21,4 @@ data: subscriptions: | {{- toYaml . | nindent 4 }} {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 2a3b7c15..a4d313e0 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -449,6 +449,10 @@ dashboard: volumeMounts: [] notifications: + configmap: + # -- Whether to create notifications configmap + create: true + secret: # -- Whether to create notifications secret create: false From 3ecc30aa158ff3f710acf01863f1307a90c19a54 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 30 Jul 2024 13:18:01 +0900 Subject: [PATCH 1080/1248] chore(deps): update renovatebot/github-action action to v40.2.4 (#2851) Co-authored-by: renovate[bot] --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index a04d69bf..177e527e 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@8ce0fe8066eb6b16e1bf499b21bc96e5ccd962a4 # v40.2.3 + uses: renovatebot/github-action@76d49712364696a06b60e8647df46b288fff0ddc # v40.2.4 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 3fb3397d961451a149c2fe7cf1ee4a51355ac9d0 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 30 Jul 2024 16:39:06 +0900 Subject: [PATCH 1081/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.9 (#2852) Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 99d313f8..d024db62 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.8 +appVersion: v3.5.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.11 +version: 0.41.12 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add `app:` label to components to match upstream + - kind: changed + description: Bump argo-workflows to v3.5.9 From 67c720d23f1247726a4a4f63b3b8ef51808e2803 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 16:18:41 +0900 Subject: [PATCH 1082/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.10 (#2856) Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d024db62..c2d0d9e9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.9 +appVersion: v3.5.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.12 +version: 0.41.13 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-workflows to v3.5.9 + description: Bump argo-workflows to v3.5.10 From d89333a6b801fc67d83b30ce76ecd2d0e774185f Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 13:42:22 +0200 Subject: [PATCH 1083/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v38 (#2855) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 177e527e..1f793b2d 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 37.421.4 + renovate-version: 38.18.0 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From b5fcbe23c86e5a5fbfe51d976ac88876ee5704ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aljoscha=20P=C3=B6rtner?= Date: Fri, 2 Aug 2024 12:42:36 +0200 Subject: [PATCH 1084/1248] fix(argo-workflows): avoid empty namespace in role binding when singleNamespace is true (#2858) Signed-off-by: Aljoscha Poertner --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/controller/workflow-rb.yaml | 4 +++- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c2d0d9e9..1ed66b76 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.13 +version: 0.41.14 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.5.10 + - kind: fixed + description: Avoid empty namespace in role binding when singleNamespace is true diff --git a/charts/argo-workflows/templates/controller/workflow-rb.yaml b/charts/argo-workflows/templates/controller/workflow-rb.yaml index ec5ac172..d1d0e329 100644 --- a/charts/argo-workflows/templates/controller/workflow-rb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-rb.yaml @@ -17,7 +17,9 @@ roleRef: subjects: - kind: ServiceAccount name: {{ $.Values.workflow.serviceAccount.name }} - namespace: {{ $namespace }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} {{- range $.Values.workflow.rbac.serviceAccounts }} - kind: ServiceAccount name: {{ .name }} From feff5aeea050ef21e1fc6d3e377108e1baff66cf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Aug 2024 14:29:55 +0200 Subject: [PATCH 1085/1248] chore(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 in the dependencies group (#2860) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0a5792f5..1d8ccb97 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 with: name: SARIF file path: results.sarif From c2ba09055c1c95e851e6fad2fb07b3ca915bc688 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 5 Aug 2024 05:43:54 -0500 Subject: [PATCH 1086/1248] chore(deps): update renovatebot/github-action action to v40.2.5 (#2862) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 1f793b2d..b1830e28 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@76d49712364696a06b60e8647df46b288fff0ddc # v40.2.4 + uses: renovatebot/github-action@0c94129d48b4e92addf23686b8a735b3057a0448 # v40.2.5 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 97a3db19cff7acb27d491a6818b9d6a4d9d0fc7a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 5 Aug 2024 17:21:48 +0200 Subject: [PATCH 1087/1248] feat(argo-cd): Upgrade to Argo CD 2.12.0 (#2820) --- charts/argo-cd/Chart.yaml | 8 +- charts/argo-cd/README.md | 2 +- .../templates/argocd-applicationset/role.yaml | 2 + .../argocd-repo-server/deployment.yaml | 6 + .../templates/crds/crd-application.yaml | 271 +++++++++--------- .../templates/crds/crd-applicationset.yaml | 45 +++ .../argo-cd/templates/crds/crd-project.yaml | 60 ++-- 7 files changed, 223 insertions(+), 171 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d3de3e38..514979df 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.11.7 -kubeVersion: ">=1.23.0-0" +appVersion: v2.12.0 +kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.3.11 +version: 7.4.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.11.7 + description: Bump argo-cd to v2.11.4 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c55c5577..e9922c73 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -647,7 +647,7 @@ server: ## Prerequisites -- Kubernetes: `>=1.23.0-0` +- Kubernetes: `>=1.25.0-0` - We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach. - Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info. - Helm v3.0.0+ diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index 69ebf7ee..d8cfed62 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -34,6 +34,8 @@ rules: - appprojects verbs: - get + - list + - watch - apiGroups: - "" resources: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 71e8c767..46a0bb95 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -290,6 +290,12 @@ spec: key: reposerver.revision.cache.lock.timeout name: argocd-cmd-params-cm optional: true + - name: ARGOCD_REPO_SERVER_INCLUDE_HIDDEN_DIRECTORIES + valueFrom: + configMapKeyRef: + key: reposerver.include.hidden.directories + name: argocd-cmd-params-cm + optional: true {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: HELM_CACHE_HOME value: /helm-working-dir diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 686626ba..1b75cebd 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -39,20 +39,29 @@ spec: name: Revision priority: 10 type: string + - jsonPath: .spec.project + name: Project + priority: 10 + type: string name: v1alpha1 schema: openAPIV3Schema: description: Application is a definition of Application resource. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -150,22 +159,21 @@ spec: type: object type: array revision: - description: Revision is the revision (Git) or chart version (Helm) - which to sync the application to If omitted, will use the revision - specified in app spec. + description: |- + Revision is the revision (Git) or chart version (Helm) which to sync the application to + If omitted, will use the revision specified in app spec. type: string revisions: - description: Revisions is the list of revision (Git) or chart - version (Helm) which to sync each source in sources field for - the application to If omitted, will use the revision specified - in app spec. + description: |- + Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to + If omitted, will use the revision specified in app spec. items: type: string type: array source: - description: Source overrides the source definition set in the - application. This is typically set in a Rollback operation and - is nil during a Sync operation + description: |- + Source overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation properties: chart: description: Chart is a Helm chart name, and must be specified @@ -486,18 +494,18 @@ spec: Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be - commit, tag, or branch. If omitted, will equal to HEAD. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL type: object sources: - description: Sources overrides the source definition set in the - application. This is typically set in a Rollback operation and - is nil during a Sync operation + description: |- + Sources overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation items: description: ApplicationSource contains all required information about the source of an application @@ -825,11 +833,10 @@ spec: Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -848,10 +855,10 @@ spec: the sync. properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. type: boolean type: object hook: @@ -859,10 +866,10 @@ spec: perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. type: boolean type: object type: object @@ -883,9 +890,9 @@ spec: not set. type: string namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace type: string server: description: Server specifies the URL of the target cluster's @@ -914,10 +921,9 @@ spec: kind: type: string managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted managers. - Fields mutated by those managers will take precedence over - the desired state defined in the SCM and won't be displayed - in diffs + description: |- + ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the + desired state defined in the SCM and won't be displayed in diffs items: type: string type: array @@ -944,18 +950,17 @@ spec: type: object type: array project: - description: Project is a reference to the project this application - belongs to. The empty string means that application belongs to the - 'default' project. + description: |- + Project is a reference to the project this application belongs to. + The empty string means that application belongs to the 'default' project. type: string revisionHistoryLimit: - description: RevisionHistoryLimit limits the number of items kept - in the application's revision history, which is used for informational - purposes as well as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. Setting to zero will - store no history. This will reduce storage used. Increasing will - increase the space used to store the history, so we do not recommend - increasing it. Default is 10. + description: |- + RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. + This should only be changed in exceptional circumstances. + Setting to zero will store no history. This will reduce storage used. + Increasing will increase the space used to store the history, so we do not recommend increasing it. + Default is 10. format: int64 type: integer source: @@ -1274,10 +1279,10 @@ spec: that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be commit, - tag, or branch. If omitted, will equal to HEAD. In case of Helm, - this is a semver tag for the Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -1606,10 +1611,10 @@ spec: that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be commit, - tag, or branch. If omitted, will equal to HEAD. In case of - Helm, this is a semver tag for the Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -2102,11 +2107,10 @@ spec: Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -2448,11 +2452,10 @@ spec: or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -2464,9 +2467,9 @@ spec: type: object type: array observedAt: - description: 'ObservedAt indicates when the application state was - updated without querying latest git state Deprecated: controller - no longer updates ObservedAt field' + description: |- + ObservedAt indicates when the application state was updated without querying latest git state + Deprecated: controller no longer updates ObservedAt field format: date-time type: string operationState: @@ -2579,22 +2582,21 @@ spec: type: object type: array revision: - description: Revision is the revision (Git) or chart version - (Helm) which to sync the application to If omitted, - will use the revision specified in app spec. + description: |- + Revision is the revision (Git) or chart version (Helm) which to sync the application to + If omitted, will use the revision specified in app spec. type: string revisions: - description: Revisions is the list of revision (Git) or - chart version (Helm) which to sync each source in sources - field for the application to If omitted, will use the - revision specified in app spec. + description: |- + Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to + If omitted, will use the revision specified in app spec. items: type: string type: array source: - description: Source overrides the source definition set - in the application. This is typically set in a Rollback - operation and is nil during a Sync operation + description: |- + Source overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation properties: chart: description: Chart is a Helm chart name, and must @@ -2937,19 +2939,18 @@ spec: (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL type: object sources: - description: Sources overrides the source definition set - in the application. This is typically set in a Rollback - operation and is nil during a Sync operation + description: |- + Sources overrides the source definition set in the application. + This is typically set in a Rollback operation and is nil during a Sync operation items: description: ApplicationSource contains all required information about the source of an application @@ -3300,11 +3301,10 @@ spec: (Git or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. In case - of Git, this can be commit, tag, or branch. If - omitted, will equal to HEAD. In case of Helm, - this is a semver tag for the Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -3325,11 +3325,10 @@ spec: to perform the sync. properties: force: - description: Force indicates whether or not to - supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, - when PATCH encounters conflict and has retried - for 5 times. + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. type: boolean type: object hook: @@ -3337,11 +3336,10 @@ spec: to perform the sync. This is the default strategy properties: force: - description: Force indicates whether or not to - supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, - when PATCH encounters conflict and has retried - for 5 times. + description: |- + Force indicates whether or not to supply the --force flag to `kubectl apply`. + The --force flag deletes and re-create the resource, when PATCH encounters conflict and has + retried for 5 times. type: boolean type: object type: object @@ -3385,9 +3383,9 @@ spec: description: Group specifies the API group of the resource type: string hookPhase: - description: HookPhase contains the state of any operation - associated with this resource OR hook This can also - contain values for non-hook resources. + description: |- + HookPhase contains the state of any operation associated with this resource OR hook + This can also contain values for non-hook resources. type: string hookType: description: HookType specifies the type of the hook. @@ -3772,11 +3770,10 @@ spec: or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -4127,11 +4124,10 @@ spec: or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -4158,8 +4154,9 @@ spec: description: Resources is a list of Kubernetes resources managed by this application items: - description: 'ResourceStatus holds the current sync and health status - of a resource TODO: describe members of this type' + description: |- + ResourceStatus holds the current sync and health status of a resource + TODO: describe members of this type properties: group: type: string @@ -4242,10 +4239,9 @@ spec: if Server is not set. type: string namespace: - description: Namespace specifies the target namespace - for the application's resources. The namespace will - only be set for namespace-scoped resources that have - not set a value for .metadata.namespace + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace type: string server: description: Server specifies the URL of the target cluster's @@ -4274,10 +4270,9 @@ spec: kind: type: string managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted - managers. Fields mutated by those managers will take - precedence over the desired state defined in the SCM - and won't be displayed in diffs + description: |- + ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the + desired state defined in the SCM and won't be displayed in diffs items: type: string type: array @@ -4623,11 +4618,10 @@ spec: or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL @@ -4978,11 +4972,10 @@ spec: or Helm) that contains the application manifests type: string targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. + description: |- + TargetRevision defines the revision of the source to sync the application to. + In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. + In case of Helm, this is a semver tag for the Chart's version. type: string required: - repoURL diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 6414d832..899c5d09 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -72,6 +72,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic name: type: string requeueAfterSeconds: @@ -668,6 +669,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic template: properties: metadata: @@ -2430,6 +2432,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic name: type: string requeueAfterSeconds: @@ -3026,6 +3029,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic template: properties: metadata: @@ -6891,6 +6895,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic type: object type: array template: @@ -7487,6 +7492,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic name: type: string requeueAfterSeconds: @@ -8083,6 +8089,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic template: properties: metadata: @@ -11948,6 +11955,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic type: object type: array mergeKeys: @@ -14648,6 +14656,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic type: object type: array goTemplate: @@ -15306,11 +15315,16 @@ spec: type: string step: type: string + targetRevisions: + items: + type: string + type: array required: - application - message - status - step + - targetRevisions type: object type: array conditions: @@ -15334,6 +15348,37 @@ spec: - type type: object type: array + resources: + items: + properties: + group: + type: string + health: + properties: + message: + type: string + status: + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresPruning: + type: boolean + status: + type: string + syncWave: + format: int64 + type: integer + version: + type: string + type: object + type: array type: object required: - metadata diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index 38801469..f9910152 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -31,22 +31,28 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing - controls for: * where the apps may deploy to (cluster whitelist) * what - may be deployed (repository whitelist, resource whitelist/blacklist) * who - can access these applications (roles, OIDC group claims bindings) * and - what they can do (RBAC policies) * automation access to these roles (JWT - tokens)' + description: |- + AppProject provides a logical grouping of applications, providing controls for: + * where the apps may deploy to (cluster whitelist) + * what may be deployed (repository whitelist, resource whitelist/blacklist) + * who can access these applications (roles, OIDC group claims bindings) + * and what they can do (RBAC policies) + * automation access to these roles (JWT tokens) properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -57,9 +63,9 @@ spec: description: ClusterResourceBlacklist contains list of blacklisted cluster level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types properties: group: type: string @@ -74,9 +80,9 @@ spec: description: ClusterResourceWhitelist contains list of whitelisted cluster level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types properties: group: type: string @@ -103,9 +109,9 @@ spec: not set. type: string namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace + description: |- + Namespace specifies the target namespace for the application's resources. + The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace type: string server: description: Server specifies the URL of the target cluster's @@ -118,9 +124,9 @@ spec: description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types properties: group: type: string @@ -135,9 +141,9 @@ spec: description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types + description: |- + GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying + concepts during lookup stages without having partially valid types properties: group: type: string From 2251079c2627ed54ef7a529e967f55a4dd82199a Mon Sep 17 00:00:00 2001 From: Johannes Kleinlercher Date: Tue, 6 Aug 2024 12:14:17 +0200 Subject: [PATCH 1088/1248] fix(argo-cd): Set TTL on redis-secret-init Job (#2861) * feat: set ttlsecondsafterfinished to prevent stuck during sync when managed by argocd Signed-off-by: Johannes Kleinlercher * fix: increased version and added changelig Signed-off-by: Johannes Kleinlercher * chore: Apply suggestions from code review Signed-off-by: Marco Maurer (-Kilchhofer) --------- Signed-off-by: Johannes Kleinlercher Signed-off-by: Johannes Kleinlercher Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis-secret-init/job.yaml | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 514979df..1084146a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.0 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.0 +version: 7.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.11.4 + - kind: fixed + description: added ttlsecondsafterfinished in redis-secret-init job to prevent a stuck in waiting for completion of hook batch/Job/argocd-redis-secret-init diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 68086235..643dadc7 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -13,6 +13,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redisSecretInit.name "name" .Values.redisSecretInit.name) | nindent 4 }} spec: + ttlSecondsAfterFinished: 60 template: metadata: labels: From 817182bdb0bd6e3e1082fe392f3ad89712c25ea8 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 9 Aug 2024 00:02:08 +0900 Subject: [PATCH 1089/1248] fix(argo-cd): Fix Redis race condition due to optional REDIS_PASSWORD (#2839) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/statefulset.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1084146a..f11fcf4e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.0 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.1 +version: 7.4.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: added ttlsecondsafterfinished in redis-secret-init job to prevent a stuck in waiting for completion of hook batch/Job/argocd-redis-secret-init + description: Fix Redis race condition due to optional REDIS_PASSWORD diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 3938a759..4fb49bee 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -207,10 +207,10 @@ spec: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} {{- if .Values.externalRedis.host }} key: redis-password + optional: true {{- else }} key: auth {{- end }} - optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 46a0bb95..500b2e44 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -182,9 +182,9 @@ spec: valueFrom: secretKeyRef: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} - optional: true {{- if .Values.externalRedis.host }} key: redis-password + optional: true {{- else }} key: auth {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 00a62fd2..f20f2af0 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -250,9 +250,9 @@ spec: valueFrom: secretKeyRef: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} - optional: true {{- if .Values.externalRedis.host }} key: redis-password + optional: true {{- else }} key: auth {{- end }} From a7e5915b2163ba62e7763ed97dce8be496868fa4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Aug 2024 12:43:15 +0200 Subject: [PATCH 1090/1248] chore(deps): bump the dependencies group with 2 updates (#2871) --- .github/workflows/scorecard.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1d8ccb97..0d99d22b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 with: sarif_file: results.sarif From 4f4fb956d372604e86abcfb03038eedc7c2578a0 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 12 Aug 2024 17:58:01 +0900 Subject: [PATCH 1091/1248] fix(argo-rollouts): Align permissions for controller's ClusterRole / Role (#2830) * fix(argo-rollouts): Align permissions for controller's ClusterRole / Role Signed-off-by: yu-croco * fix(argo-rollouts): correct typo Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-rollouts/Chart.yaml | 6 +- charts/argo-rollouts/templates/_helpers.tpl | 307 ++++++++++++++++++ .../templates/controller/clusterrole.yaml | 302 +---------------- .../templates/controller/role.yaml | 287 +--------------- 4 files changed, 312 insertions(+), 590 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 05d40de7..ddb90274 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.3 +version: 2.37.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added setting to disable creation of the notifications ConfigMap + - kind: fixed + description: Align permissions for controller's ClusterRole and Role diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 46ebaea5..4c23c54e 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -109,3 +109,310 @@ Return the appropriate apiVersion for pod disruption budget {{- print "policy/v1" -}} {{- end -}} {{- end -}} + +{{/* +Return the rules for controller's Role and ClusterRole +*/}} +{{- define "argo-rollouts.controller.roleRules" -}} +- apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/status + - rollouts/finalizers + verbs: + - get + - list + - watch + - update + - patch +- apiGroups: + - argoproj.io + resources: + - analysisruns + - analysisruns/finalizers + - experiments + - experiments/finalizers + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - analysistemplates + - clusteranalysistemplates + verbs: + - get + - list + - watch +# replicaset access needed for managing ReplicaSets +- apiGroups: + - apps + resources: + - replicasets + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +# deployments and podtemplates read access needed for workload reference support +- apiGroups: + - "" + - apps + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch +# services patch needed to update selector of canary/stable/active/preview services +# services create needed to create and delete services for experiments +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - patch + - create + - delete +# leases create/get/update needed for leader election +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update +# secret read access to run analysis templates which reference secrets +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch +{{- if .Values.providerRBAC.providers.gatewayAPI }} + - create + - update +{{- end }} +# pod list/update needed for updating ephemeral data +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - update + - watch +# pods eviction needed for restart +- apiGroups: + - "" + resources: + - pods/eviction + verbs: + - create +# event write needed for emitting events +- apiGroups: + - "" + resources: + - events + verbs: + - create + - update + - patch +# ingress patch needed for managing ingress annotations, create needed for nginx canary +- apiGroups: + - networking.k8s.io + - extensions + resources: + - ingresses + verbs: + - create + - get + - list + - watch + - update + - patch +# job access needed for analysis template job metrics +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +{{- if .Values.providerRBAC.enabled }} +{{- if .Values.providerRBAC.providers.istio }} +# virtualservice/destinationrule access needed for using the Istio provider +- apiGroups: + - networking.istio.io + resources: + - virtualservices + - destinationrules + verbs: + - watch + - get + - update + - patch + - list +{{- end }} +{{- if .Values.providerRBAC.providers.smi }} +# trafficsplit access needed for using the SMI provider +- apiGroups: + - split.smi-spec.io + resources: + - trafficsplits + verbs: + - create + - watch + - get + - update + - patch +{{- end }} +{{- if .Values.providerRBAC.providers.ambassador }} +# ambassador access needed for Ambassador provider +- apiGroups: + - getambassador.io + - x.getambassador.io + resources: + - mappings + - ambassadormappings + verbs: + - create + - watch + - get + - update + - list + - delete +{{- end }} +{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} +# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get +- apiGroups: + - elbv2.k8s.aws + resources: + - targetgroupbindings + verbs: + - list + - get +{{- end }} +{{- if .Values.providerRBAC.providers.awsAppMesh }} +# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualservices + verbs: + - watch + - get + - list +# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualnodes + - virtualrouters + verbs: + - watch + - get + - list + - update + - patch +{{- end }} +{{- if .Values.providerRBAC.providers.traefik }} +# Traefik access needed when using the Traefik provider +- apiGroups: + - traefik.containo.us + - traefik.io + resources: + - traefikservices + verbs: + - watch + - get + - update +{{- end }} +{{- if .Values.providerRBAC.providers.apisix }} +# Access needed when using the Apisix provider +- apiGroups: + - apisix.apache.org + resources: + - apisixroutes + verbs: + - watch + - get + - update +{{- end }} +{{- if .Values.providerRBAC.providers.contour }} + # Access needed when using the Contour provider +- apiGroups: + - projectcontour.io + resources: + - httpproxies + verbs: + - get + - list + - watch + - update +{{- end }} +{{- if .Values.providerRBAC.providers.glooPlatform }} + # Access needed when using the Gloo Platform provider +- apiGroups: + - networking.gloo.solo.io + resources: + - routetables + verbs: + - '*' +{{- end }} +{{- if .Values.providerRBAC.providers.gatewayAPI }} + # Access needed when using the Gateway API provider +- apiGroups: + - gateway.networking.k8s.io + resources: + - httproutes + - tcproutes + - tlsroutes + - udproutes + - grpcroutes + verbs: + - get + - list + - watch + - update +{{- end }} +{{- with .Values.providerRBAC.additionalRules }} +{{ toYaml . }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 70c3bdf8..026f23d7 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -7,305 +7,5 @@ metadata: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} rules: -- apiGroups: - - argoproj.io - resources: - - rollouts - - rollouts/status - - rollouts/finalizers - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - argoproj.io - resources: - - analysisruns - - analysisruns/finalizers - - experiments - - experiments/finalizers - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - argoproj.io - resources: - - analysistemplates - - clusteranalysistemplates - verbs: - - get - - list - - watch -# replicaset access needed for managing ReplicaSets -- apiGroups: - - apps - resources: - - replicasets - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -# deployments and podtemplates read access needed for workload reference support -- apiGroups: - - "" - - apps - resources: - - deployments - - podtemplates - verbs: - - get - - list - - watch -# services patch needed to update selector of canary/stable/active/preview services -# services create needed to create and delete services for experiments -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch - - patch - - create - - delete -# leases create/get/update needed for leader election -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - update -# secret read access to run analysis templates which reference secrets -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -{{- if .Values.providerRBAC.providers.gatewayAPI }} - - create - - update -{{- end }} -# pod list/update needed for updating ephemeral data -- apiGroups: - - "" - resources: - - pods - verbs: - - list - - update - - watch -# pods eviction needed for restart -- apiGroups: - - "" - resources: - - pods/eviction - verbs: - - create -# event write needed for emitting events -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -# ingress patch needed for managing ingress annotations, create needed for nginx canary -- apiGroups: - - networking.k8s.io - - extensions - resources: - - ingresses - verbs: - - create - - get - - list - - watch - - update - - patch -# job access needed for analysis template job metrics -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -{{- if .Values.providerRBAC.enabled }} -{{- if .Values.providerRBAC.providers.istio }} -# virtualservice/destinationrule access needed for using the Istio provider -- apiGroups: - - networking.istio.io - resources: - - virtualservices - - destinationrules - verbs: - - watch - - get - - update - - patch - - list -{{- end }} -{{- if .Values.providerRBAC.providers.smi }} -# trafficsplit access needed for using the SMI provider -- apiGroups: - - split.smi-spec.io - resources: - - trafficsplits - verbs: - - create - - watch - - get - - update - - patch -{{- end }} -{{- if .Values.providerRBAC.providers.ambassador }} -# ambassador access needed for Ambassador provider -- apiGroups: - - getambassador.io - - x.getambassador.io - resources: - - mappings - - ambassadormappings - verbs: - - create - - watch - - get - - update - - list - - delete -{{- end }} -{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} -# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller -- apiGroups: - - "" - resources: - - endpoints - verbs: - - get -- apiGroups: - - elbv2.k8s.aws - resources: - - targetgroupbindings - verbs: - - list - - get -{{- end }} -{{- if .Values.providerRBAC.providers.awsAppMesh }} -# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider -- apiGroups: - - appmesh.k8s.aws - resources: - - virtualservices - verbs: - - watch - - get - - list -# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider -- apiGroups: - - appmesh.k8s.aws - resources: - - virtualnodes - - virtualrouters - verbs: - - watch - - get - - list - - update - - patch -{{- end }} -{{- if .Values.providerRBAC.providers.traefik }} -# Traefik access needed when using the Traefik provider -- apiGroups: - - traefik.containo.us - - traefik.io - resources: - - traefikservices - verbs: - - watch - - get - - update -{{- end }} -{{- if .Values.providerRBAC.providers.apisix }} -# Access needed when using the Apisix provider -- apiGroups: - - apisix.apache.org - resources: - - apisixroutes - verbs: - - watch - - get - - update -{{- end }} -{{- if .Values.providerRBAC.providers.contour }} - # Access needed when using the Contour provider -- apiGroups: - - projectcontour.io - resources: - - httpproxies - verbs: - - get - - list - - watch - - update -{{- end }} -{{- if .Values.providerRBAC.providers.glooPlatform }} - # Access needed when using the Gloo Platform provider -- apiGroups: - - networking.gloo.solo.io - resources: - - routetables - verbs: - - '*' -{{- end }} -{{- if .Values.providerRBAC.providers.gatewayAPI }} - # Access needed when using the Gateway API provider -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - - tcproutes - - tlsroutes - - udproutes - - grpcroutes - verbs: - - get - - list - - watch - - update -{{- end }} -{{- with .Values.providerRBAC.additionalRules }} -{{ toYaml . }} -{{- end }} -{{- end }} + {{- include "argo-rollouts.controller.roleRules" . | nindent 2 }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index fdce087e..6ba0805a 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -8,290 +8,5 @@ metadata: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} rules: -- apiGroups: - - argoproj.io - resources: - - rollouts - - rollouts/status - - rollouts/finalizers - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - argoproj.io - resources: - - analysisruns - - analysisruns/finalizers - - experiments - - experiments/finalizers - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - argoproj.io - resources: - - analysistemplates - - clusteranalysistemplates - verbs: - - get - - list - - watch -# replicaset access needed for managing ReplicaSets -- apiGroups: - - apps - resources: - - replicasets - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -# deployments and podtemplates read access needed for workload reference support -- apiGroups: - - "" - - apps - resources: - - deployments - - podtemplates - verbs: - - get - - list - - watch -# services patch needed to update selector of canary/stable/active/preview services -# services create needed to create and delete services for experiments -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch - - patch - - create - - delete -# leases create/get/update needed for leader election -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - update -# secret read access to run analysis templates which reference secrets -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -{{- if .Values.providerRBAC.providers.gatewayAPI }} - - create - - update -{{- end }} -# pod list/update needed for updating ephemeral data -- apiGroups: - - "" - resources: - - pods - verbs: - - list - - update - - watch -# pods eviction needed for restart -- apiGroups: - - "" - resources: - - pods/eviction - verbs: - - create -# event write needed for emitting events -- apiGroups: - - "" - resources: - - events - verbs: - - create - - update - - patch -# ingress patch needed for managing ingress annotations, create needed for nginx canary -- apiGroups: - - networking.k8s.io - - extensions - resources: - - ingresses - verbs: - - create - - get - - list - - watch - - update - - patch -# job access needed for analysis template job metrics -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -{{- if .Values.providerRBAC.enabled }} -{{- if .Values.providerRBAC.providers.istio }} -# virtualservice/destinationrule access needed for using the Istio provider -- apiGroups: - - networking.istio.io - resources: - - virtualservices - - destinationrules - verbs: - - watch - - get - - update - - patch - - list -{{- end }} -{{- if .Values.providerRBAC.providers.smi }} -# trafficsplit access needed for using the SMI provider -- apiGroups: - - split.smi-spec.io - resources: - - trafficsplits - verbs: - - create - - watch - - get - - update - - patch -{{- end }} -{{- if .Values.providerRBAC.providers.ambassador }} -# ambassador access needed for Ambassador provider -- apiGroups: - - getambassador.io - - x.getambassador.io - resources: - - mappings - - ambassadormappings - verbs: - - create - - watch - - get - - update - - list - - delete -{{- end }} -{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} -# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller -- apiGroups: - - "" - resources: - - endpoints - verbs: - - get -- apiGroups: - - elbv2.k8s.aws - resources: - - targetgroupbindings - verbs: - - list - - get -{{- end }} -{{- if .Values.providerRBAC.providers.awsAppMesh }} -# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider -- apiGroups: - - appmesh.k8s.aws - resources: - - virtualservices - verbs: - - watch - - get - - list -# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider -- apiGroups: - - appmesh.k8s.aws - resources: - - virtualnodes - - virtualrouters - verbs: - - watch - - get - - list - - update - - patch -{{- end }} -{{- if .Values.providerRBAC.providers.traefik }} -# Traefik access needed when using the Traefik provider -- apiGroups: - - traefik.containo.us - - traefik.io - resources: - - traefikservices - verbs: - - watch - - get - - update -{{- end }} -{{- if .Values.providerRBAC.providers.apisix }} -# Access needed when using the Apisix provider -- apiGroups: - - apisix.apache.org - resources: - - apisixroutes - verbs: - - watch - - get - - update -{{- end }} -{{- if .Values.providerRBAC.providers.glooPlatform }} - # Access needed when using the Gloo Platform provider -- apiGroups: - - networking.gloo.solo.io - resources: - - routetables - verbs: - - '*' -{{- end }} -{{- if .Values.providerRBAC.providers.gatewayAPI }} - # Access needed when using the Gateway API provider -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - - tcproutes - - tlsroutes - - udproutes - - grpcroutes - verbs: - - get - - list - - watch - - update -{{- end }} -{{- end }} + {{- include "argo-rollouts.controller.roleRules" . | nindent 2 }} {{- end }} From 96320b6486b6ee781ba62223c08b3b2b33d8d042 Mon Sep 17 00:00:00 2001 From: 1102 <90682513+nueavv@users.noreply.github.com> Date: Tue, 13 Aug 2024 00:28:21 +0900 Subject: [PATCH 1092/1248] feat(argo-cd): Update Notification Liveness/Readiness Probes (#2872) --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 12 ++++++++ .../argocd-notifications/deployment.yaml | 20 +++++++++++++ charts/argo-cd/values.yaml | 30 +++++++++++++++++++ 4 files changed, 65 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f11fcf4e..f2725dab 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.0 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.2 +version: 7.4.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix Redis race condition due to optional REDIS_PASSWORD + - kind: added + description: "Added liveness and readiness probes to the notification controller." diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e9922c73..39baf405 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1542,6 +1542,12 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod | +| notifications.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for notifications controller Pods | +| notifications.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| notifications.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| notifications.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| notifications.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| notifications.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | | notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | @@ -1570,6 +1576,12 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | | notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods | +| notifications.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for notifications controller Pods | +| notifications.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| notifications.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| notifications.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| notifications.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| notifications.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 4bdb24f6..0f6ad38b 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -107,6 +107,26 @@ spec: - name: metrics containerPort: {{ .Values.notifications.containerPorts.metrics }} protocol: TCP + {{- if .Values.notifications.livenessProbe.enabled }} + livenessProbe: + tcpSocket: + port: metrics + initialDelaySeconds: {{ .Values.notifications.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.notifications.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.notifications.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.notifications.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.notifications.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.notifications.readinessProbe.enabled }} + readinessProbe: + tcpSocket: + port: metrics + initialDelaySeconds: {{ .Values.notifications.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.notifications.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.notifications.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.notifications.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.notifications.readinessProbe.failureThreshold }} + {{- end }} resources: {{- toYaml .Values.notifications.resources | nindent 12 }} {{- with .Values.notifications.containerSecurityContext }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 0d42bf71..08a26b8b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -3307,6 +3307,36 @@ notifications: drop: - ALL + ## Probes for notifications controller Pods (optional) + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Enable Kubernetes liveness probe for notifications controller Pods + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + + livenessProbe: + # -- Enable Kubernetes liveness probe for notifications controller Pods + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- terminationGracePeriodSeconds for container lifecycle hook terminationGracePeriodSeconds: 30 From f4101a794717207fe914946e8e23e2d779ffbd99 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 12 Aug 2024 11:03:09 -0500 Subject: [PATCH 1093/1248] chore(deps): update renovatebot/github-action action to v40.2.6 (#2876) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index b1830e28..a2bdbb74 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@0c94129d48b4e92addf23686b8a735b3057a0448 # v40.2.5 + uses: renovatebot/github-action@b266b24b144602ed4f512f0773009d026722f4cc # v40.2.6 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 51e1e5b7356676f93f2dcf688b83dc9b690775c0 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 14 Aug 2024 17:31:12 +0900 Subject: [PATCH 1094/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.7.2 (#2880) --- charts/argo-rollouts/Chart.yaml | 8 ++++---- charts/argo-rollouts/templates/_helpers.tpl | 1 + 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ddb90274..da2ffcb0 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.1 +appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.4 +version: 2.37.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Align permissions for controller's ClusterRole and Role + - kind: changed + description: Bump argo-rollouts to v1.7.2 diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 4c23c54e..820996a8 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -174,6 +174,7 @@ Return the rules for controller's Role and ClusterRole - get - list - watch + - update # services patch needed to update selector of canary/stable/active/preview services # services create needed to create and delete services for experiments - apiGroups: From 243dc286a70aee1cc93c7f8c23cf17029d3d0764 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 16 Aug 2024 23:36:35 +0200 Subject: [PATCH 1095/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.12.1 (#2885) * chore(argo-cd): Update dependency argoproj/argo-cd to v2.12.1 * Add missing permissions Signed-off-by: Petr Drastil --------- Signed-off-by: Petr Drastil Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- .../templates/argocd-applicationset/clusterrole.yaml | 2 ++ 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f2725dab..88a73792 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.0 +appVersion: v2.12.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.3 +version: 7.4.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: "Added liveness and readiness probes to the notification controller." + - kind: changed + description: Bump argo-cd to v2.12.1 diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml index 9c9b9193..7b1f1998 100644 --- a/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml @@ -35,6 +35,8 @@ rules: - appprojects verbs: - get + - list + - watch - apiGroups: - "" resources: From d1f5d50dcdd436329f5baa2cea94a969b4b087d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 17 Aug 2024 13:14:54 +0200 Subject: [PATCH 1096/1248] chore(deps): bump github/codeql-action from 3.26.0 to 3.26.2 in the dependencies group (#2886) chore(deps): bump github/codeql-action in the dependencies group Bumps the dependencies group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.26.0 to 3.26.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/eb055d739abdc2e8de2e5f4ba1a8b246daa779aa...429e1977040da7a23b6822b13c129cd1ba93dbb2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0d99d22b..76284816 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 with: sarif_file: results.sarif From 8c0b68689540eb276ac92d921b2326e706a7ba7f Mon Sep 17 00:00:00 2001 From: Brian Dunnigan Date: Tue, 20 Aug 2024 15:07:05 -0400 Subject: [PATCH 1097/1248] feat(argo-workflows): Added support for setting annotations on argo workflows controller configmap (#2889) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 1ed66b76..bb7251b2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.41.14 +version: 0.42.0 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Avoid empty namespace in role binding when singleNamespace is true + - kind: added + description: Added support for setting annotations on argo workflows controller configmap diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 662b63fd..9ab1c016 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -149,6 +149,7 @@ Fields to note: | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.clusterWorkflowTemplates.serviceAccounts | list | `[]` | Extra service accounts to be added to the ClusterRoleBinding | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.configMap.annotations | object | `{}` | ConfigMap annotations | | controller.configMap.create | bool | `true` | Create a ConfigMap for the controller | | controller.configMap.name | string | `""` | ConfigMap name | | controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 1997d9d3..d93a910e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -6,6 +6,10 @@ metadata: namespace: {{ include "argo-workflows.namespace" . | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} + {{- with .Values.controller.configMap.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} data: config: | {{- if .Values.controller.instanceID.enabled }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 15a42ec4..9f140f1b 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -106,6 +106,8 @@ controller: create: true # -- ConfigMap name name: "" + # -- ConfigMap annotations + annotations: {} # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: From e49123cdf455c7f793718be823583f4747e0918e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 23 Aug 2024 09:51:01 +0100 Subject: [PATCH 1098/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.12.2 (#2893) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 88a73792..5ee92c2e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.1 +appVersion: v2.12.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.4 +version: 7.4.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.12.1 + description: Bump argo-cd to v2.12.2 From 0c27d8d946090f0bfc4d43c63ea85c9199e82ed1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 24 Aug 2024 17:15:27 -0500 Subject: [PATCH 1099/1248] chore(deps): bump github/codeql-action from 3.26.2 to 3.26.5 in the dependencies group (#2894) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 76284816..9d583235 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 with: sarif_file: results.sarif From 991579f32409483d2d96b79a97dbd72939d2b524 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sun, 25 Aug 2024 23:29:05 -0500 Subject: [PATCH 1100/1248] chore(deps): update renovatebot/github-action action to v40.2.7 (#2896) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index a2bdbb74..97943b77 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@b266b24b144602ed4f512f0773009d026722f4cc # v40.2.6 + uses: renovatebot/github-action@630a255a1f2f56c8d8ce160bed3e3ca577ca53e2 # v40.2.7 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 66615c347a9c86b31154e4787c95eaa8c2ad4024 Mon Sep 17 00:00:00 2001 From: Yuki Kitakata Date: Tue, 27 Aug 2024 17:48:42 +0900 Subject: [PATCH 1101/1248] chore(argo-cd): Support string type of "true" for `statusbadge.enabled` (#2895) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5ee92c2e..a231dea0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.5 +version: 7.4.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.12.2 + description: Support string type of "true" for `statusbadge.enabled` diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index eb3f7a2a..1ef054b1 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -183,7 +183,7 @@ Argo Configuration Preset Values (Influenced by Values configuration) {{- define "argo-cd.config.cm.presets" -}} {{- $presets := dict -}} {{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}} -{{- if index .Values.configs.cm "statusbadge.enabled" | eq true -}} +{{- if eq (toString (index .Values.configs.cm "statusbadge.enabled")) "true" -}} {{- $_ := set $presets "statusbadge.url" (printf "https://%s/" .Values.global.domain) -}} {{- end -}} {{- if .Values.configs.styles -}} From 466dd693558dd7d90d6120dcf2139100bed10b57 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 27 Aug 2024 14:30:18 +0100 Subject: [PATCH 1102/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.12.3 (#2897) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a231dea0..c912b5c5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.2 +appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.6 +version: 7.4.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Support string type of "true" for `statusbadge.enabled` + description: Bump argo-cd to v2.12.3 From 777f5410c59b69f4f5fc718a71105e8d7c489742 Mon Sep 17 00:00:00 2001 From: Andreas Kappler Date: Wed, 28 Aug 2024 17:27:07 +0200 Subject: [PATCH 1103/1248] chore(argo-cd): bump redis-ha (#2900) Signed-off-by: a-hat --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index bc11a715..309790fc 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.26.1 -digest: sha256:d72c308ab0eef4233e25bfc3f8fc97cf9b02a9c5d0186ea89e2f8fb332cb9c41 -generated: "2024-02-18T19:42:53.135599+02:00" + version: 4.27.6 +digest: sha256:69c6b20682f0a2a8044b71731b7c656a57118088a7b3611f59217b537167af2e +generated: "2024-08-28T13:02:33.763307+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c912b5c5..6490b0bc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.4.7 +version: 7.5.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.26.1 + version: 4.27.6 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.12.3 + description: bumped redis chart From 2df52cba0ec3b0e19293f02b009072ba62d92187 Mon Sep 17 00:00:00 2001 From: Gazal Date: Sat, 31 Aug 2024 20:12:52 +1000 Subject: [PATCH 1104/1248] feat(argo-rollouts): add loadBalancerClass field for Service resource (#2772) Most users of ArgoCD may use `Ingress` (and soon `HTTPRoute`), but for those who may want to use `Service` of type `LoadBalancer`, this would be useful. The `loadBalancerClass` field would allow for a `CloudProvider` agnostic way of offloading the reconciliation for Kubernetes Service resources of type `LoadBalancer` to an external controller. Signed-off-by: Gazal Gafoor Signed-off-by: Gazal Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/dashboard/service.yaml | 3 +++ charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index da2ffcb0..39dd385a 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.5 +version: 2.37.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.7.2 + description: add loadBalancerClass field for Service resources diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index b6a6f44d..724a6b82 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -182,6 +182,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.service.annotations | object | `{}` | Service annotations | | dashboard.service.externalIPs | list | `[]` | Dashboard service external IPs | | dashboard.service.labels | object | `{}` | Service labels | +| dashboard.service.loadBalancerClass | string | `""` | The class of the load balancer implementation | | dashboard.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | dashboard.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | | dashboard.service.nodePort | int | `nil` | Service nodePort | diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index 6a304b82..b7e553d7 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -22,6 +22,9 @@ spec: externalIPs: {{- toYaml . | nindent 4 }} {{- end }} {{- if eq .Values.dashboard.service.type "LoadBalancer" }} + {{- with .Values.dashboard.service.loadBalancerClass }} + loadBalancerClass: {{ . }} + {{- end }} {{- with .Values.dashboard.service.loadBalancerIP }} loadBalancerIP: {{ . | quote }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index a4d313e0..e78aa2bb 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -356,6 +356,8 @@ dashboard: service: # -- Sets the type of the Service type: ClusterIP + # -- The class of the load balancer implementation + loadBalancerClass: "" # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from From cd8245716a5818e3be530e6bc8caa02dc8cb4c6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 31 Aug 2024 20:06:33 +0900 Subject: [PATCH 1105/1248] chore(deps): bump the dependencies group with 4 updates (#2905) Bumps the dependencies group with 4 updates: [actions/setup-python](https://github.com/actions/setup-python), [pascalgn/size-label-action](https://github.com/pascalgn/size-label-action), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/setup-python` from 5.1.1 to 5.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/39cd14951b08e74b54015e9e001cdefcf80e669f...f677139bbe7f9c59b41e40162b753c062f5d49a3) Updates `pascalgn/size-label-action` from 0.5.2 to 0.5.4 - [Release notes](https://github.com/pascalgn/size-label-action/releases) - [Commits](https://github.com/pascalgn/size-label-action/compare/bbbaa0d5ccce8e2e76254560df5c64b82dac2e12...be08a2d5f857dc99c5b9426cdb5a8ea1aa7f0399) Updates `actions/upload-artifact` from 4.3.6 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/834a144ee995460fba8ed112a2fc961b36a5ec5a...50769540e7f4bd5e21e526ee35c689e35e0d6874) Updates `github/codeql-action` from 3.26.5 to 3.26.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2c779ab0d087cd7fe7b826087247c2c81f27bfa6...4dd16135b69a43b6c8efb853346f8437d92d3c93) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: pascalgn/size-label-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Maurer (-Kilchhofer) --- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/pr-sizing.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 656e47d0..a6ad9274 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: 3.9 diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 04d2b6b4..660b9385 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -25,6 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - uses: pascalgn/size-label-action@bbbaa0d5ccce8e2e76254560df5c64b82dac2e12 # v0.5.2 + - uses: pascalgn/size-label-action@be08a2d5f857dc99c5b9426cdb5a8ea1aa7f0399 # v0.5.4 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 9d583235..8c948600 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 + uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 with: sarif_file: results.sarif From 2b25efdb3299f1e47a0a6168974c6cae0e195d3c Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 31 Aug 2024 21:39:56 -0500 Subject: [PATCH 1106/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v38.59.2 (#2906) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 97943b77..c5873a18 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 38.18.0 + renovate-version: 38.59.2 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From e709ba3b5a643f18bb435b00b9b4aab5e985b52b Mon Sep 17 00:00:00 2001 From: Gazal Date: Mon, 2 Sep 2024 01:05:42 +1000 Subject: [PATCH 1107/1248] feat(argo-workflows): add loadBalancerClass field for Service resources (#2771) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-service.yaml | 7 ++++++- .../templates/server/server-service.yaml | 11 ++++++++--- charts/argo-workflows/values.yaml | 4 ++++ 5 files changed, 23 insertions(+), 7 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index bb7251b2..8b242c4f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.0 +version: 0.42.1 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added support for setting annotations on argo workflows controller configmap + - kind: changed + description: add loadBalancerClass field for Service resources diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 9ab1c016..deec1649 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -168,6 +168,7 @@ Fields to note: | controller.kubeConfig | object | `{}` (See [values.yaml]) | Configure when workflow controller runs in a different k8s cluster with the workflow workloads, or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. | | controller.links | list | `[]` | Configure Argo Server to show custom [links] | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.loadBalancerClass | string | `""` | The class of the load balancer implementation | | controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | | controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | | controller.logging.globallevel | string | `"0"` | Set the glog logging level | @@ -302,6 +303,7 @@ Fields to note: | server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | | server.ingress.paths | list | `["/"]` | List of ingress paths | | server.ingress.tls | list | `[]` | Ingress TLS configuration | +| server.loadBalancerClass | string | `""` | The class of the load balancer implementation | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | | server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 0cd8a75b..4a1290ba 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -35,8 +35,13 @@ spec: {{- if and (eq .Values.controller.serviceType "ClusterIP") .Values.controller.metricsConfig.headlessService }} clusterIP: None {{- end }} - {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} + {{- if eq .Values.controller.serviceType "LoadBalancer" }} + {{- with .Values.controller.loadBalancerClass }} + loadBalancerClass: {{ . }} + {{- end }} + {{- if .Values.controller.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{- toYaml .Values.controller.loadBalancerSourceRanges | nindent 4 }} {{- end }} + {{- end }} {{- end -}} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 7517d659..39c37792 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -28,11 +28,16 @@ spec: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None type: {{ .Values.server.serviceType }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }} - loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }} + {{- if eq .Values.server.serviceType "LoadBalancer" }} + {{- with .Values.controller.loadBalancerClass }} + loadBalancerClass: {{ . }} {{- end }} - {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }} + {{- with .Values.server.loadBalancerIP }} + loadBalancerIP: {{ . | quote }} + {{- end }} + {{- if .Values.server.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{- toYaml .Values.server.loadBalancerSourceRanges | nindent 4 }} {{- end }} + {{- end }} {{- end -}} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 9f140f1b..5c2a674d 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -297,6 +297,8 @@ controller: serviceAnnotations: {} # -- Optional labels to add to the controller Service serviceLabels: {} + # -- The class of the load balancer implementation + loadBalancerClass: "" # -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer` loadBalancerSourceRanges: [] @@ -508,6 +510,8 @@ server: serviceAnnotations: {} # -- Optional labels to add to the UI Service serviceLabels: {} + # -- The class of the load balancer implementation + loadBalancerClass: "" # -- Static IP address to assign to loadBalancer service type `LoadBalancer` loadBalancerIP: "" # -- Source ranges to allow access to service from. Only applies to service type `LoadBalancer` From d144195ff44121c70167133f5021de747b1dc945 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 2 Sep 2024 17:58:56 +0900 Subject: [PATCH 1108/1248] chore(argo-cd): Fix typo on README (#2907) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/README.md.gotmpl | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6490b0bc..69b6ccd3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.5.0 +version: 7.5.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: bumped redis chart + - kind: fixed + description: Correct typo on README diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 39baf405..8b0cb174 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -315,7 +315,7 @@ Upstream steps in the [FAQ] are not enough, since we chose a different approach. Steps to roteate the secret when using the helm chart (bold step is additional to upstream): * Delete `argocd-redis` secret in the namespace where Argo CD is installed. ```bash - kubectl delete secret argocd-redis -n + kubectl delete secret argocd-redis -n ``` * **Perform a helm upgrade** ```bash diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 8ee73e93..ef75ddfe 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -315,7 +315,7 @@ Upstream steps in the [FAQ] are not enough, since we chose a different approach. Steps to roteate the secret when using the helm chart (bold step is additional to upstream): * Delete `argocd-redis` secret in the namespace where Argo CD is installed. ```bash - kubectl delete secret argocd-redis -n + kubectl delete secret argocd-redis -n ``` * **Perform a helm upgrade** ```bash From 3a1066cb5ab8fe3405a5667fafaa39e3e3ad8055 Mon Sep 17 00:00:00 2001 From: eddyfussel <28265760+eddyfussel@users.noreply.github.com> Date: Mon, 2 Sep 2024 17:33:07 +0200 Subject: [PATCH 1109/1248] fix(argo-cd): Fix certificate template secretTemplateAnnotations null (#2909) Signed-off-by: eddyfussel <28265760+eddyfussel@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/certificate.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 69b6ccd3..febb1e67 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.5.1 +version: 7.5.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Correct typo on README + description: Certificate template was wrong leading to null diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 803452f6..a9862139 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -13,13 +13,13 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + {{- with .Values.server.certificate.secretTemplateAnnotations }} secretTemplate: - {{- with .Values.server.certificate.secretTemplateAnnotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- end }} + {{- end }} secretName: argocd-server-tls commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }} dnsNames: From a5dc0350b9c9834a3c691aa6ed5c6be408b72e5c Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 4 Sep 2024 00:55:57 -0500 Subject: [PATCH 1110/1248] chore(deps): update actions/create-github-app-token action to v1.10.4 (#2910) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index c5873a18..0bb3233e 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4 # v1.10.3 + uses: actions/create-github-app-token@3378cda945da322a8db4b193e19d46352ebe2de5 # v1.10.4 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 687392688fdbc28eb0813b083e3e63771d138c5a Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 9 Sep 2024 07:35:42 -0500 Subject: [PATCH 1111/1248] chore(deps): update renovatebot/github-action action to v40.2.8 (#2912) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 0bb3233e..f1250bcc 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@630a255a1f2f56c8d8ce160bed3e3ca577ca53e2 # v40.2.7 + uses: renovatebot/github-action@dd4d265eb8646cd04fc5f86ff8bc8d496d75a251 # v40.2.8 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From a344d64fbdb584b40fce03b8c1cf7e05034b866d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Reegn?= Date: Tue, 10 Sep 2024 23:55:38 +0200 Subject: [PATCH 1112/1248] fix(argocd-apps): don't render empty app description (#2911) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(argocd-apps): don't render empty app description Signed-off-by: Zoltán Reegn * chore: Apply suggestions from code review Signed-off-by: Marco Maurer (-Kilchhofer) --------- Signed-off-by: Zoltán Reegn Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argocd-apps/Chart.yaml | 6 +++--- charts/argocd-apps/templates/projects.yaml | 4 +++- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 397e9db6..f6cc3443 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 2.0.0 +version: 2.0.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: make the chart use maps instead of lists + - kind: fixed + description: not rendering empty app description diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index 34a865ea..d6032636 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -25,7 +25,9 @@ spec: {{- with $projectData.permitOnlyProjectScopedClusters }} permitOnlyProjectScopedClusters: {{ . }} {{- end }} - description: {{ $projectData.description }} + {{- with $projectData.description }} + description: {{ . }} + {{- end }} {{- with $projectData.sourceRepos }} sourceRepos: {{- toYaml . | nindent 4 }} From 7c8bbd62e84c48c70368d9491493ed6b5018472c Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 12 Sep 2024 10:57:30 +0900 Subject: [PATCH 1113/1248] chore(deps): update actions/create-github-app-token action to v1.11.0 (#2918) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f1250bcc..5c90efbc 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@3378cda945da322a8db4b193e19d46352ebe2de5 # v1.10.4 + uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From e718e4665175c79ce5a50a6c8bd49b2bb9188ffe Mon Sep 17 00:00:00 2001 From: venegator Date: Fri, 13 Sep 2024 16:01:59 +0200 Subject: [PATCH 1114/1248] feat(argo-workflows): Add honorLabels parameter to Argo Workflows ServiceMonitor (#2920) * Update workflow-controller-servicemonitor.yaml Signed-off-by: venegator * Update values.yaml Signed-off-by: venegator * Update Chart.yaml Signed-off-by: venegator * Update README.md Signed-off-by: venegator * Update charts/argo-workflows/Chart.yaml Co-authored-by: kiblik <5609770+kiblik@users.noreply.github.com> Signed-off-by: venegator * Update workflow-controller-servicemonitor.yaml Signed-off-by: venegator --------- Signed-off-by: venegator Co-authored-by: kiblik <5609770+kiblik@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-servicemonitor.yaml | 2 ++ charts/argo-workflows/values.yaml | 3 +++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8b242c4f..30ff622d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.1 +version: 0.42.2 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: add loadBalancerClass field for Service resources + description: add honorLabels config for ServiceMonitor resource diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index deec1649..43e86677 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -175,6 +175,7 @@ Fields to note: | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | | controller.metricsConfig.headlessService | bool | `false` | Flag to enable headless service | +| controller.metricsConfig.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | | controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion | | controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index 1695f96d..01844a87 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -24,6 +24,7 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + honorLabels: {{ .Values.controller.metricsConfig.honorLabels }} {{- end }} {{- if .Values.controller.telemetryConfig.enabled }} - port: telemetry @@ -37,6 +38,7 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + honorLabels: {{ .Values.controller.metricsConfig.honorLabels }} {{- end }} {{- with .Values.controller.metricsConfig.targetLabels }} targetLabels: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 5c2a674d..aa6e86b1 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -143,6 +143,9 @@ controller: servicePortName: metrics # -- Flag to enable headless service headlessService: false + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#honorlabels + honorLabels: false # -- ServiceMonitor relabel configs to apply to samples before scraping ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig relabelings: [] From 97acfc9360155a7f5aea4a5c5e6ab6b7dabb20c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 14 Sep 2024 07:50:42 -0500 Subject: [PATCH 1115/1248] chore(deps): bump github/codeql-action from 3.26.6 to 3.26.7 in the dependencies group (#2921) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8c948600..b94e76ce 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: results.sarif From b33b3dbd3066a03c5aa8def211b4303f74de6477 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 19:02:55 +0900 Subject: [PATCH 1116/1248] chore(deps): update renovatebot/github-action action to v40.2.9 (#2924) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 5c90efbc..526f897a 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@dd4d265eb8646cd04fc5f86ff8bc8d496d75a251 # v40.2.8 + uses: renovatebot/github-action@17973eff4f1b66dc88786ea5490d902aaa274cbf # v40.2.9 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 2e05c8b57b9e51bf27928cee723cf8116de38403 Mon Sep 17 00:00:00 2001 From: Mykola Stasiuk <93274808+st-myk@users.noreply.github.com> Date: Mon, 16 Sep 2024 15:37:59 +0200 Subject: [PATCH 1117/1248] docs(argo-rollouts): add more description for notification secret creation (#2922) * docs(argo-rollouts): add more description for secret creation Signed-off-by: st-myk <93274808+st-myk@users.noreply.github.com> * docs(argo-rollouts): bump chart version Signed-off-by: st-myk <93274808+st-myk@users.noreply.github.com> * docs(argo-rollouts): fix lint Signed-off-by: st-myk <93274808+st-myk@users.noreply.github.com> * docs(argo-rollouts): change reference to controller Signed-off-by: st-myk <93274808+st-myk@users.noreply.github.com> * docs(argo-rollouts): fix readme Signed-off-by: Mykola Stasiuk <93274808+st-myk@users.noreply.github.com> --------- Signed-off-by: st-myk <93274808+st-myk@users.noreply.github.com> Signed-off-by: Mykola Stasiuk <93274808+st-myk@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 2 +- charts/argo-rollouts/values.yaml | 3 ++- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 39dd385a..44abcb53 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.6 +version: 2.37.7 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: add loadBalancerClass field for Service resources + - kind: added + description: add description for manual secret creation diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 724a6b82..126a1dcd 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -60,7 +60,7 @@ For full list of changes please check ArtifactHub [changelog]. | notifications.configmap.create | bool | `true` | Whether to create notifications configmap | | notifications.notifiers | object | `{}` | Configures notification services | | notifications.secret.annotations | object | `{}` | Annotations to be added to the notifications secret | -| notifications.secret.create | bool | `false` | Whether to create notifications secret | +| notifications.secret.create | bool | `false` | Whether to create notifications secret. | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | | notifications.subscriptions | list | `[]` | The subscriptions define the subscriptions to the triggers in a general way for all rollouts | | notifications.templates | object | `{}` | Notification templates | diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e78aa2bb..b6b5821c 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -456,7 +456,8 @@ notifications: create: true secret: - # -- Whether to create notifications secret + # -- Whether to create notifications secret. + ## If you want to manually create secret, do not forget to add proper label to it: "app.kubernetes.io/component: {{ .Values.controller.component }}". create: false # -- Generic key:value pairs to be inserted into the notifications secret items: {} From 8096751c175f6a5250bda64dc86d4de1e56b2e50 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 17 Sep 2024 06:04:30 -0500 Subject: [PATCH 1118/1248] chore(deps): update renovatebot/github-action action to v40.2.10 (#2925) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 526f897a..077a96f4 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Self-hosted Renovate - uses: renovatebot/github-action@17973eff4f1b66dc88786ea5490d902aaa274cbf # v40.2.9 + uses: renovatebot/github-action@e1db501385ddcccbaae6fb9c06befae04f379f23 # v40.2.10 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 8adc2939a26ce3c0e0cdcaaaddcca91e71859d5d Mon Sep 17 00:00:00 2001 From: Neile Havens Date: Thu, 19 Sep 2024 19:09:54 -0500 Subject: [PATCH 1119/1248] fix(argo-events): Fix events-webhook Service using non-default port (#2929) Resolves #2926 Signed-off-by: Neile Havens --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/templates/argo-events-webhook/service.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index aae23442..dc6af9ac 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.9.2 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.7 +version: 2.4.8 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Update Jetstream versions as following upstream + description: events-webhook Service using non-default port diff --git a/charts/argo-events/templates/argo-events-webhook/service.yaml b/charts/argo-events/templates/argo-events-webhook/service.yaml index e1f2b2ee..797ceb43 100644 --- a/charts/argo-events/templates/argo-events-webhook/service.yaml +++ b/charts/argo-events/templates/argo-events-webhook/service.yaml @@ -8,7 +8,7 @@ metadata: {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} spec: ports: - - port: 443 + - port: {{ int .Values.webhook.port }} targetPort: webhook selector: {{- include "argo-events.selectorLabels" (dict "context" $ "name" $.Values.webhook.name) | nindent 4 }} From 133e70a9ea9c9db4e86df35621a6fcdc4847ad5a Mon Sep 17 00:00:00 2001 From: d3adb5 Date: Fri, 20 Sep 2024 00:59:01 -0700 Subject: [PATCH 1120/1248] feat(argo-cd): allow setting runtime class name (#2930) Allow chart users to set a runtime class name for all Argo CD components. Signed-off-by: d3adb5 --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 8 +++++ .../deployment.yaml | 3 ++ .../statefulset.yaml | 3 ++ .../argocd-applicationset/deployment.yaml | 3 ++ .../argocd-notifications/deployment.yaml | 3 ++ .../argocd-repo-server/deployment.yaml | 3 ++ .../templates/argocd-server/deployment.yaml | 3 ++ charts/argo-cd/templates/dex/deployment.yaml | 3 ++ .../argo-cd/templates/redis/deployment.yaml | 3 ++ charts/argo-cd/values.yaml | 31 +++++++++++++++++++ 11 files changed, 66 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index febb1e67..210bbc7b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.5.2 +version: 7.6.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Certificate template was wrong leading to null + - kind: added + description: Ability to set runtime class for all components diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8b0cb174..5ed80a40 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -713,6 +713,7 @@ NAME: my-release | global.podLabels | object | `{}` | Labels for the all deployed pods | | global.priorityClassName | string | `""` | Default priority class for all components | | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | +| global.runtimeClassName | string | `""` | Runtime class name for all components | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | | global.tolerations | list | `[]` | Default tolerations for all components | @@ -856,6 +857,7 @@ NAME: my-release | controller.replicas | int | `1` | The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. | | controller.resources | object | `{}` | Resource limits and requests for the application controller pods | | controller.revisionHistoryLimit | int | `5` | Maximum number of controller revisions that will be maintained in StatefulSet history | +| controller.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the application controller | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | @@ -950,6 +952,7 @@ NAME: my-release | repoServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | repoServer.replicas | int | `1` | The number of repo server pods to run | | repoServer.resources | object | `{}` | Resource limits and requests for the repo server pods | +| repoServer.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the repo server | | repoServer.service.annotations | object | `{}` | Repo server service annotations | | repoServer.service.labels | object | `{}` | Repo server service labels | | repoServer.service.port | int | `8081` | Repo server service port | @@ -1103,6 +1106,7 @@ NAME: my-release | server.route.hostname | string | `""` | Hostname of OpenShift Route | | server.route.termination_policy | string | `"None"` | Termination policy of Openshift Route | | server.route.termination_type | string | `"passthrough"` | Termination type of Openshift Route | +| server.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the Argo CD server | | server.service.annotations | object | `{}` | Server service annotations | | server.service.externalIPs | list | `[]` | Server service external IPs | | server.service.externalTrafficPolicy | string | `"Cluster"` | Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints | @@ -1210,6 +1214,7 @@ NAME: my-release | dex.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | dex.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | dex.resources | object | `{}` | Resource limits and requests for dex | +| dex.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for Dex | | dex.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | dex.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | dex.serviceAccount.create | bool | `true` | Create dex service account | @@ -1308,6 +1313,7 @@ NAME: my-release | redis.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | redis.readinessProbe.timeoutSeconds | int | `15` | Number of seconds after which the [probe] times out | | redis.resources | object | `{}` | Resource limits and requests for redis | +| redis.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for redis | | redis.securityContext | object | See [values.yaml] | Redis pod-level security context | | redis.service.annotations | object | `{}` | Redis service annotations | | redis.service.labels | object | `{}` | Additional redis service labels | @@ -1500,6 +1506,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | +| applicationSet.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the ApplicationSet controller | | applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | @@ -1583,6 +1590,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | notifications.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | +| notifications.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 3938c25d..32205efd 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -36,6 +36,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.controller.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 4fb49bee..3c644c69 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -37,6 +37,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.controller.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.controller.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 060d20c5..9af597b2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -36,6 +36,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.applicationSet.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.applicationSet.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 0f6ad38b..85d58e2b 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -36,6 +36,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.notifications.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.notifications.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 500b2e44..9a15e596 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -47,6 +47,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.repoServer.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.repoServer.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index f20f2af0..f015c847 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -41,6 +41,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.server.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.server.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index bc9b4530..fa11aef6 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -43,6 +43,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.dex.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.dex.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 76e1b00a..65581665 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -33,6 +33,9 @@ spec: {{- end }} {{- end }} spec: + {{- with .Values.redis.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} {{- with .Values.redis.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 08a26b8b..8e1b8c39 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -44,6 +44,9 @@ global: ## Used for ingresses, certificates, SSO, notifications, etc. domain: argocd.example.com + # -- Runtime class name for all components + runtimeClassName: "" + # -- Common labels for the all resources additionalLabels: {} # app: argo-cd @@ -619,6 +622,10 @@ controller: ## like round-robin, then the shards will be well-balanced. dynamicClusterDistribution: false + # -- Runtime class name for the application controller + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + # -- Application controller heartbeat time # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution heartbeatTime: 10 @@ -919,6 +926,10 @@ dex: # -- Additional command line arguments to pass to the Dex server extraArgs: [] + # -- Runtime class name for Dex + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + metrics: # -- Deploy metrics service enabled: false @@ -1213,6 +1224,10 @@ redis: # -- Redis name name: redis + # -- Runtime class name for redis + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + ## Redis Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ pdb: @@ -1701,6 +1716,10 @@ server: # -- The number of server pods to run replicas: 1 + # -- Runtime class name for the Argo CD server + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + ## Argo CD server Horizontal Pod Autoscaler autoscaling: # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server @@ -2364,6 +2383,10 @@ repoServer: # -- The number of repo server pods to run replicas: 1 + # -- Runtime class name for the repo server + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + ## Repo server Horizontal Pod Autoscaler autoscaling: # -- Enable Horizontal Pod Autoscaler ([HPA]) for the repo server @@ -2752,6 +2775,10 @@ applicationSet: # -- The number of ApplicationSet controller pods to run replicas: 1 + # -- Runtime class name for the ApplicationSet controller + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + ## ApplicationSet controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ pdb: @@ -3119,6 +3146,10 @@ notifications: # @default -- `""` (defaults to https://`global.domain`) argocdUrl: "" + # -- Runtime class name for the notifications controller + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + ## Notifications controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ pdb: From c5e6458cd6277c6f66816742e9e18256a6d8aaa9 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 20 Sep 2024 12:23:53 +0100 Subject: [PATCH 1121/1248] fix(argo-cd): Remove unwanted newline on redis-init-secret job's imagepullsecrets (#2931) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis-secret-init/job.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 210bbc7b..a3335e3b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.0 +version: 7.6.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Ability to set runtime class for all components + - kind: fixed + description: Remove unwanted newline on redis-init-secret job's imagepullsecrets diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 643dadc7..15bed02d 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -30,7 +30,7 @@ spec: spec: {{- with .Values.global.imagePullSecrets }} imagePullSecrets: - {{ toYaml . | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} containers: - command: From fd70c609bd6e98e8b067c7c4915957c51acd786c Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 20 Sep 2024 16:08:21 +0100 Subject: [PATCH 1122/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.11 (#2932) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 30ff622d..6071b4e8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.10 +appVersion: v3.5.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.2 +version: 0.42.3 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: add honorLabels config for ServiceMonitor resource + description: Bump argo-workflows to v3.5.11 From b50a0731e745e068bddda412081609810eeb54c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 21 Sep 2024 19:35:15 +0900 Subject: [PATCH 1123/1248] chore(deps): bump github/codeql-action from 3.26.7 to 3.26.8 in the dependencies group (#2933) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b94e76ce..8cfa51f0 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 with: sarif_file: results.sarif From edd04f6ec8b9a96617651a8c32d00099f9732089 Mon Sep 17 00:00:00 2001 From: Jonny Langefeld Date: Mon, 23 Sep 2024 10:27:10 -0700 Subject: [PATCH 1124/1248] fix(argo-cd): Remove namespace from cluster scope resource (#2833) * Remove namespace from cluster scope resource A few resources I noticed had the namespace set for cluster scoped resources. Signed-off-by: Jonny Langefeld * Update clusterrole.yaml Signed-off-by: Jonny Langefeld * chore: Apply changes from code review Signed-off-by: Marco Maurer --------- Signed-off-by: Jonny Langefeld Signed-off-by: Marco Maurer Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/clusterrole.yaml | 1 - .../templates/argocd-applicationset/clusterrolebinding.yaml | 1 - 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a3335e3b..c57b7c0f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.1 +version: 7.6.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Remove unwanted newline on redis-init-secret job's imagepullsecrets + description: Remove namespace field from cluster scoped resources diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml index 7b1f1998..2723e3d2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrole.yaml @@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} - namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml index af6d5297..9dcae8d2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml @@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} - namespace: {{ include "argo-cd.namespace" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: From 0afd9e66bf361724870ebe239c7ee049af15e604 Mon Sep 17 00:00:00 2001 From: l2h Date: Thu, 26 Sep 2024 00:17:55 +0900 Subject: [PATCH 1125/1248] feat(argo-cd): add multi-namespace support for ApplicationSet controller RBAC (#2935) * feat(argo-cd): support multiple namespaces in applicationsetcontroller Signed-off-by: leehosu * fetch upstream Signed-off-by: leehosu * update README Signed-off-by: leehosu * change a values about namespace Signed-off-by: leehosu --------- Signed-off-by: leehosu --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../argocd-applicationset/clusterrolebinding.yaml | 8 ++++++++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c57b7c0f..128c408a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.2 +version: 7.6.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Remove namespace field from cluster scoped resources + - kind: added + description: Add conditional handling of multiple namespaces in ClusterRoleBinding for ApplicationSet controller. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5ed80a40..6d07f360 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -742,6 +742,7 @@ NAME: my-release | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | | configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] | | configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | +| configs.params."applicationsetcontroller.namespaces" | string | `""` | A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"namespace1, namespace2"`) | | configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.ignore.normalizer.jq.timeout" | string | `"1s"` | JQ Path expression timeout | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml index 9dcae8d2..c6c1beb7 100644 --- a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml @@ -13,4 +13,12 @@ subjects: - kind: ServiceAccount name: {{ template "argo-cd.applicationSet.serviceAccountName" . }} namespace: {{ include "argo-cd.namespace" . }} +{{- $namespaces := index .Values.configs.params "applicationsetcontroller.namespaces" -}} +{{- range $namespace := (split "," $namespaces) }} + {{- if $namespace }} + - kind: ServiceAccount + name: {{ include "argo-cd.applicationSet.serviceAccountName" $ }} + namespace: {{ $namespace | trim | quote }} + {{- end }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8e1b8c39..832d4184 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -278,6 +278,8 @@ configs: applicationsetcontroller.policy: sync # -- Enables use of the Progressive Syncs capability applicationsetcontroller.enable.progressive.syncs: false + # -- A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"namespace1, namespace2"`) + applicationsetcontroller.namespaces: "" # -- Enables [Applications in any namespace] ## List of additional namespaces where applications may be created in and reconciled from. From 1773b67d65142bbd46543912139d9a080eb93a00 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 25 Sep 2024 23:31:02 +0200 Subject: [PATCH 1126/1248] chore(deps): update actions/checkout action to v4.2.0 (#2937) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 077a96f4..e4937114 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Self-hosted Renovate uses: renovatebot/github-action@e1db501385ddcccbaae6fb9c06befae04f379f23 # v40.2.10 From 4b651b3474a0518cb01c0c3af35e4ea0c5b64a00 Mon Sep 17 00:00:00 2001 From: DoumLaberge <33817317+DoumLaberge@users.noreply.github.com> Date: Wed, 25 Sep 2024 18:04:50 -0400 Subject: [PATCH 1127/1248] fix(argo-cd): Align imagePullSecrets for redis-secret-init Job (#2928) * issue-2848 Correction of the imagepullsecret for redis * issue-2848 Bump chart version to 7.5.3 * chore: Add changelog entry Signed-off-by: Marco Maurer --------- Signed-off-by: Marco Maurer Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: dlaberge Co-authored-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis-secret-init/job.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 128c408a..41132c7d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.3 +version: 7.6.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add conditional handling of multiple namespaces in ClusterRoleBinding for ApplicationSet controller. + - kind: fixed + description: Align imagePullSecrets for redis-secret-init Job with other manifests diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 15bed02d..8a280e35 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -28,7 +28,7 @@ spec: {{- end }} {{- end }} spec: - {{- with .Values.global.imagePullSecrets }} + {{- with .Values.redisSecretInit.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} From d0341cc441a6efc456067f0facc4a6fe34ae54a3 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 26 Sep 2024 01:17:08 +0200 Subject: [PATCH 1128/1248] chore(github): Use correct email of the Renovate bot (#2938) Signed-off-by: Marco Maurer Co-authored-by: Aikawa --- .github/configs/renovate-config.js | 3 ++- renovate.json | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/configs/renovate-config.js b/.github/configs/renovate-config.js index 9118ffe9..f453f640 100644 --- a/.github/configs/renovate-config.js +++ b/.github/configs/renovate-config.js @@ -1,6 +1,7 @@ module.exports = { platform: 'github', - gitAuthor: 'renovate[bot] ', + // This ensures that the gitAuthor and gitSignOff fields match + gitAuthor: 'argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com>', autodiscover: false, allowPostUpgradeCommandTemplating: true, allowedPostUpgradeCommands: [".*"], diff --git a/renovate.json b/renovate.json index 4e068215..730f497e 100644 --- a/renovate.json +++ b/renovate.json @@ -5,7 +5,8 @@ }, "extends": [ "config:recommended", - "docker:enableMajor" + "docker:enableMajor", + ":gitSignOff" ], "labels": ["renovate"], "includePaths": [ From e94dc2ea10172909f55c477bbddab2c0e6bd504e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 26 Sep 2024 16:37:59 +0900 Subject: [PATCH 1129/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.12.4 (#2940) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 41132c7d..b260b1c9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.3 +appVersion: v2.12.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.4 +version: 7.6.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Align imagePullSecrets for redis-secret-init Job with other manifests + - kind: changed + description: Bump argo-cd to v2.12.4 From 388c5aea6604f4a7bfe8d6cfd089a4a047632017 Mon Sep 17 00:00:00 2001 From: KrisF-Midnight <166425225+KrisF-Midnight@users.noreply.github.com> Date: Fri, 27 Sep 2024 11:56:55 +0200 Subject: [PATCH 1130/1248] feat(argo-workflows): add configurable scrape interval for metrics and telemetry (#2942) feat: add configurable scrape interval for metrics and telemetry Signed-off-by: KrisF-Midnight --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-servicemonitor.yaml | 4 ++-- charts/argo-workflows/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6071b4e8..29130932 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.3 +version: 0.42.4 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-workflows to v3.5.11 + description: Scrape interval for metrics and telemetry data can now be set diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 43e86677..7c6774ca 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -177,6 +177,7 @@ Fields to note: | controller.metricsConfig.headlessService | bool | `false` | Flag to enable headless service | | controller.metricsConfig.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | +| controller.metricsConfig.interval | string | `"30s"` | Frequency at which prometheus scrapes metrics | | controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion | | controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | | controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". | @@ -224,6 +225,7 @@ Fields to note: | controller.serviceType | string | `"ClusterIP"` | Service type of the controller Service | | controller.telemetryConfig.enabled | bool | `false` | Enables prometheus telemetry server | | controller.telemetryConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | +| controller.telemetryConfig.interval | string | `"30s"` | Frequency at which prometheus scrapes telemetry data | | controller.telemetryConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | | controller.telemetryConfig.path | string | `"/telemetry"` | telemetry path | | controller.telemetryConfig.port | int | `8081` | telemetry container port | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index 01844a87..46fd18dd 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -15,7 +15,7 @@ spec: {{- if .Values.controller.metricsConfig.enabled }} - port: {{ .Values.controller.metricsConfig.servicePortName }} path: {{ .Values.controller.metricsConfig.path }} - interval: 30s + interval: {{ .Values.controller.metricsConfig.interval }} {{- with .Values.controller.metricsConfig.relabelings }} relabelings: {{- toYaml . | nindent 8 }} @@ -29,7 +29,7 @@ spec: {{- if .Values.controller.telemetryConfig.enabled }} - port: telemetry path: {{ .Values.controller.telemetryConfig.path }} - interval: 30s + interval: {{ .Values.controller.telemetryConfig.interval }} {{- with .Values.controller.metricsConfig.relabelings }} relabelings: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index aa6e86b1..646ffc39 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -127,6 +127,8 @@ controller: enabled: false # -- Path is the path where metrics are emitted. Must start with a "/". path: /metrics + # -- Frequency at which prometheus scrapes metrics + interval: 30s # -- Port is the port where metrics are emitted port: 9090 # -- How often custom metrics are cleared from memory @@ -234,6 +236,8 @@ controller: enabled: false # -- telemetry path path: /telemetry + # -- Frequency at which prometheus scrapes telemetry data + interval: 30s # -- telemetry container port port: 8081 # -- How often custom metrics are cleared from memory From ebb2d15f1e370e6023770713596aa480c71b8914 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Sep 2024 07:05:21 -0500 Subject: [PATCH 1131/1248] chore(deps): bump the dependencies group with 2 updates (#2943) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index a6ad9274..32bd1677 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 7dc62234..3da3a390 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8cfa51f0..84395b6a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: persist-credentials: false @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: results.sarif From c8948d20963f945f611c74462cc775fafdc37bd5 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 30 Sep 2024 12:59:02 +0200 Subject: [PATCH 1132/1248] chore(deps): update renovatebot/github-action action to v40.2.11 (#2946) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index e4937114..8918c54a 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Self-hosted Renovate - uses: renovatebot/github-action@e1db501385ddcccbaae6fb9c06befae04f379f23 # v40.2.10 + uses: renovatebot/github-action@718692a6e1205fb03bed8a101596ef5755b5f35d # v40.2.11 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 6b3f648f39b552f70785aa119e7ae8523534c8cc Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 30 Sep 2024 20:23:55 +0900 Subject: [PATCH 1133/1248] chore(deps): update renovatebot/github-action action to v40.3.0 (#2947) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 8918c54a..0bc7ca25 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Self-hosted Renovate - uses: renovatebot/github-action@718692a6e1205fb03bed8a101596ef5755b5f35d # v40.2.11 + uses: renovatebot/github-action@180db1547505e30c02d41959fe65ada1523ee207 # v40.3.0 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 32a3541b7fdc4426323039492c39d75d5b781042 Mon Sep 17 00:00:00 2001 From: charlychiu Date: Mon, 30 Sep 2024 20:24:51 +0800 Subject: [PATCH 1134/1248] chore(argo-cd): Add Proxy Extensions config (#2944) * chore(argo-cd): Add Proxy Extensions config Signed-off-by: charlychiu * chore(argo-cd): Update docs Signed-off-by: charlychiu --------- Signed-off-by: charlychiu Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/values.yaml | 21 +++++++++++++++++++++ 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b260b1c9..eff7d03e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.5 +version: 7.6.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.12.4 + - kind: added + description: Value configs.params."server.enable.proxy.extension" was added diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6d07f360..108c9673 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -754,6 +754,7 @@ NAME: my-release | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication | | configs.params."server.enable.gzip" | bool | `true` | Enable GZIP compression | +| configs.params."server.enable.proxy.extension" | bool | `false` | Enable proxy extension feature. (proxy extension is in Alpha phase) | | configs.params."server.insecure" | bool | `false` | Run server without TLS | | configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 832d4184..e6479acb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -228,6 +228,25 @@ configs: # - profile # - email + # Extension Configuration + ## Ref: https://argo-cd.readthedocs.io/en/latest/developer-guide/extensions/proxy-extensions/ + # extension.config: | + # extensions: + # - name: httpbin + # backend: + # connectionTimeout: 2s + # keepAlive: 15s + # idleConnectionTimeout: 60s + # maxIdleConnections: 30 + # services: + # - url: http://httpbin.org + # headers: + # - name: some-header + # value: '$some.argocd.secret.key' + # cluster: + # name: some-cluster + # server: https://some-cluster + # Argo CD configuration parameters ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml params: @@ -266,6 +285,8 @@ configs: server.disable.auth: false # -- Enable GZIP compression server.enable.gzip: true + # -- Enable proxy extension feature. (proxy extension is in Alpha phase) + server.enable.proxy.extension: false # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". server.x.frame.options: sameorigin From 687bedb94658acd2b990303e28536df5403d7b20 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 1 Oct 2024 03:24:31 +0900 Subject: [PATCH 1135/1248] fix(argo-cd): Arrange for ApplicationSet in any namespace (#2945) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- .../argocd-applicationset/clusterrolebinding.yaml | 8 -------- charts/argo-cd/values.yaml | 4 +++- 4 files changed, 7 insertions(+), 13 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eff7d03e..16b11ae6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.6 +version: 7.6.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Value configs.params."server.enable.proxy.extension" was added + - kind: fixed + description: Arrange for ApplicationSet in any namespace. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 108c9673..b44bb431 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -742,7 +742,7 @@ NAME: my-release | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | | configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] | | configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | -| configs.params."applicationsetcontroller.namespaces" | string | `""` | A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"namespace1, namespace2"`) | +| configs.params."applicationsetcontroller.namespaces" | string | `""` (default is only the ns where the controller is installed) | A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"argocd,argocd-appsets-*"`) | | configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.ignore.normalizer.jq.timeout" | string | `"1s"` | JQ Path expression timeout | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | diff --git a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml index c6c1beb7..9dcae8d2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/clusterrolebinding.yaml @@ -13,12 +13,4 @@ subjects: - kind: ServiceAccount name: {{ template "argo-cd.applicationSet.serviceAccountName" . }} namespace: {{ include "argo-cd.namespace" . }} -{{- $namespaces := index .Values.configs.params "applicationsetcontroller.namespaces" -}} -{{- range $namespace := (split "," $namespaces) }} - {{- if $namespace }} - - kind: ServiceAccount - name: {{ include "argo-cd.applicationSet.serviceAccountName" $ }} - namespace: {{ $namespace | trim | quote }} - {{- end }} -{{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e6479acb..70dfb347 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -299,7 +299,9 @@ configs: applicationsetcontroller.policy: sync # -- Enables use of the Progressive Syncs capability applicationsetcontroller.enable.progressive.syncs: false - # -- A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"namespace1, namespace2"`) + # -- A list of glob patterns specifying where to look for ApplicationSet resources. (e.g. `"argocd,argocd-appsets-*"`) + # @default -- `""` (default is only the ns where the controller is installed) + ## For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Appset-Any-Namespace/ applicationsetcontroller.namespaces: "" # -- Enables [Applications in any namespace] From c38d299f01aef4a0fa76bf9daae675b89facb72e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 30 Sep 2024 22:03:14 +0200 Subject: [PATCH 1136/1248] chore(deps): update renovatebot/github-action action to v40.3.1 (#2950) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 0bc7ca25..c77544f0 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Self-hosted Renovate - uses: renovatebot/github-action@180db1547505e30c02d41959fe65ada1523ee207 # v40.3.0 + uses: renovatebot/github-action@a1ed1d0adddfdf138192d1fbe3150a80094dee6a # v40.3.1 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 994838a2ef355feb82a5517ec51ef21154b5dd76 Mon Sep 17 00:00:00 2001 From: Maneesh Singh Date: Mon, 30 Sep 2024 23:03:26 -0700 Subject: [PATCH 1137/1248] feat(argocd-apps): finalizers for applicationset (#2952) --- charts/argocd-apps/Chart.yaml | 6 +++--- charts/argocd-apps/ci/applicationsets-values.yaml | 2 ++ charts/argocd-apps/templates/applicationsets.yaml | 4 ++++ charts/argocd-apps/values.yaml | 2 ++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index f6cc3443..c4433fa4 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 2.0.1 +version: 2.0.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: not rendering empty app description + - kind: added + description: allow setting applicationset finalizers diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index ed84c5fb..394e2c88 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -4,6 +4,8 @@ applicationsets: applicationset: additionalLabels: {} additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io # See PR #10026 (ArgoCD v2.5 or later) # goTemplate: false generators: diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index e8ae2134..606d6078 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -17,6 +17,10 @@ metadata: {{- with $appSetData.namespace }} namespace: {{ . }} {{- end }} + {{- with $appSetData.finalizers }} + finalizers: + {{- toYaml . | nindent 4 }} + {{- end }} spec: {{- if hasKey $appSetData "goTemplate" }} goTemplate: {{ $appSetData.goTemplate }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 1fad3941..127dc6a9 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -97,6 +97,8 @@ applicationsets: {} # namespace: argocd # additionalLabels: {} # additionalAnnotations: {} +# finalizers: +# - resources-finalizer.argocd.argoproj.io # # See PR #10026 (ArgoCD v2.5 or later) # # goTemplate: false # generators: From d61432be3c1e460e7037462b6b5d5f8f1bdcc6d7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 2 Oct 2024 09:46:40 +0900 Subject: [PATCH 1138/1248] fix(argo-workflows): Avoid to create ClusterRole for cluster template when singleNamespace (#2955) --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-controller-cluster-roles.yaml | 2 +- .../templates/server/server-cluster-roles.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 29130932..20246486 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.4 +version: 0.42.5 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Scrape interval for metrics and telemetry data can now be set + - kind: fixed + description: Avoid to create ClusterRole for cluster template when singleNamespace diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 1b01b117..1e8f764c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -198,7 +198,7 @@ rules: - watch {{- end }} -{{- if .Values.controller.clusterWorkflowTemplates.enabled }} +{{- if and .Values.controller.clusterWorkflowTemplates.enabled (not .Values.singleNamespace) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index dbb5ff9f..f0953099 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -118,7 +118,7 @@ rules: - patch - delete -{{- if .Values.server.clusterWorkflowTemplates.enabled }} +{{- if and .Values.server.clusterWorkflowTemplates.enabled (not .Values.singleNamespace) }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole From bbb38b310dc80ddb51e1094765a68fc714c08204 Mon Sep 17 00:00:00 2001 From: killianmuldoon <47175296+killianmuldoon@users.noreply.github.com> Date: Thu, 3 Oct 2024 14:53:05 +0100 Subject: [PATCH 1139/1248] feat(argo-cd): Add affinity to redisSecretInit Job (#2962) feat: Add affinity to redisSecretInit Job Signed-off-by: killianmuldoon --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/redis-secret-init/job.yaml | 4 ++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 16b11ae6..4a70abc4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.7 +version: 7.6.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Arrange for ApplicationSet in any namespace. + - kind: added + description: Set affinity in redis secret-init job. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b44bb431..f0d146b1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1394,6 +1394,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | Key | Type | Default | Description | |-----|------|---------|-------------| +| redisSecretInit.affinity | object | `{}` | Assign custom [affinity] rules to the Redis secret-init Job | | redisSecretInit.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | | redisSecretInit.enabled | bool | `true` | Enable Redis secret initialization. If disabled, secret must be provisioned by alternative methods | | redisSecretInit.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis secret-init Job | diff --git a/charts/argo-cd/templates/redis-secret-init/job.yaml b/charts/argo-cd/templates/redis-secret-init/job.yaml index 8a280e35..5fd41f64 100644 --- a/charts/argo-cd/templates/redis-secret-init/job.yaml +++ b/charts/argo-cd/templates/redis-secret-init/job.yaml @@ -54,6 +54,10 @@ spec: priorityClassName: {{ . }} {{- end }} restartPolicy: OnFailure + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redisSecretInit) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} {{- with .Values.redisSecretInit.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 70dfb347..be3cec78 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1725,6 +1725,9 @@ redisSecretInit: # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" + # -- Assign custom [affinity] rules to the Redis secret-init Job + affinity: {} + # -- Node selector to be added to the Redis secret-init Job # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} From 7a831569e9165564d0eb67d4416146c11ed6c7d7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 6 Oct 2024 10:19:07 +0200 Subject: [PATCH 1140/1248] chore(deps): bump github/codeql-action from 3.26.9 to 3.26.11 in the dependencies group (#2966) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 84395b6a..5ede643e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11 with: sarif_file: results.sarif From 566e009934a82b33bf86bf3c59de1b775d1bc1d2 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 7 Oct 2024 21:04:37 +0200 Subject: [PATCH 1141/1248] chore(deps): update actions/checkout action to v4.2.1 (#2969) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index c77544f0..d6b7833c 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Self-hosted Renovate uses: renovatebot/github-action@a1ed1d0adddfdf138192d1fbe3150a80094dee6a # v40.3.1 From f6556f6ef03040a16068ddb9cd619717c958bfb9 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 9 Oct 2024 20:50:15 -0500 Subject: [PATCH 1142/1248] chore(deps): update renovatebot/github-action action to v40.3.2 (#2971) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index d6b7833c..569cbe9c 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Self-hosted Renovate - uses: renovatebot/github-action@a1ed1d0adddfdf138192d1fbe3150a80094dee6a # v40.3.1 + uses: renovatebot/github-action@b9486682a19fe4ea2dd1263c11b4e0c1fe1838fe # v40.3.2 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From cad02d827ac9472d3cc42206d97d87a76d5dfb46 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 12 Oct 2024 13:20:12 +0900 Subject: [PATCH 1143/1248] chore(deps): update renovatebot/github-action action to v40.3.3 (#2976) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 569cbe9c..95a0c045 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Self-hosted Renovate - uses: renovatebot/github-action@b9486682a19fe4ea2dd1263c11b4e0c1fe1838fe # v40.3.2 + uses: renovatebot/github-action@7743ec9e19ceeb61a3862c5d4131e6710195af11 # v40.3.3 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 3ec746187befd1ccfa6f0960800ac7c5080ee2fb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 12 Oct 2024 19:02:37 +0900 Subject: [PATCH 1144/1248] chore(deps): bump the dependencies group with 3 updates (#2977) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 32bd1677..9ed46c41 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3da3a390..34fcd94a 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 5ede643e..fde89921 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: persist-credentials: false @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11 + uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 with: sarif_file: results.sarif From 3ba89c1adde5c6846c88f913dcd13a988a0b3aef Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Tue, 15 Oct 2024 16:15:51 -0400 Subject: [PATCH 1145/1248] fix(argo-cd): add missing event permissions for run actions (#2980) Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 2 -- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4a70abc4..cb2bed53 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.8 +version: 7.6.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Set affinity in redis secret-init job. + - kind: fixed + description: added missing events create for run actions diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index c1439b0c..db54cf35 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -23,9 +23,7 @@ rules: - events verbs: - list - {{- if (index .Values.configs.params "application.namespaces") }} - create - {{- end }} - apiGroups: - "" resources: From 3c24fa1bfd4ebea347b0df8224cb5159f075e6cc Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 07:40:33 +0200 Subject: [PATCH 1146/1248] chore(deps): update renovatebot/github-action action to v40.3.4 (#2981) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 95a0c045..96ead3ff 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Self-hosted Renovate - uses: renovatebot/github-action@7743ec9e19ceeb61a3862c5d4131e6710195af11 # v40.3.3 + uses: renovatebot/github-action@80eaf969abf68ad62aa94d9ab392421b31621634 # v40.3.4 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From f0c5ccc32a4282c55d1dc33bf7cdb4f6d18fea2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Gaci=C4=85g?= <9296199+adisong@users.noreply.github.com> Date: Wed, 16 Oct 2024 14:00:22 +0200 Subject: [PATCH 1147/1248] fix(argo-cd): fixed shard value in clusterCredentials Secret (#2982) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Adrian Gaciąg <9296199+adisong@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cb2bed53..5b5f5119 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.12.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.9 +version: 7.6.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: added missing events create for run actions + description: fixed shard value in cluster credentials Secret to be string diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 0b4b1e11..d317eac2 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -20,7 +20,7 @@ metadata: type: Opaque stringData: {{- if $cluster_value.shard }} - shard: {{ $cluster_value.shard }} + shard: {{ $cluster_value.shard | quote }} {{- end }} name: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.name entry is required!" $cluster_key }} server: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.server entry is required!" $cluster_value.server }} From 168350f803585847fe6f14c94e914114e4c71993 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 18 Oct 2024 08:16:15 +0100 Subject: [PATCH 1148/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.12.5 (#2983) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5b5f5119..740ccf1d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.4 +appVersion: v2.12.5 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.10 +version: 7.6.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: fixed shard value in cluster credentials Secret to be string + - kind: changed + description: Bump argo-cd to v2.12.5 From b311cd20f0ce082660b7b688f2a2edb20e3a3760 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 18 Oct 2024 20:27:03 +0100 Subject: [PATCH 1149/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.12.6 (#2984) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 740ccf1d..41d1b3b8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.5 +appVersion: v2.12.6 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.11 +version: 7.6.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.12.5 + description: Bump argo-cd to v2.12.6 From 0d2e23fe5d7ac59dd1eb89ce6effa1cfef597656 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 19 Oct 2024 07:57:50 -0500 Subject: [PATCH 1150/1248] chore(deps): bump github/codeql-action from 3.26.12 to 3.26.13 in the dependencies group (#2985) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index fde89921..08f648f3 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 + uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 with: sarif_file: results.sarif From 85121e84515910947759fd91fa7c0ae6bec1df58 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 23 Oct 2024 12:32:29 -0500 Subject: [PATCH 1151/1248] chore(deps): update actions/checkout action to v4.2.2 (#2990) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 96ead3ff..80ead27d 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -23,7 +23,7 @@ jobs: private-key: ${{ secrets.RENOVATE_APP_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate uses: renovatebot/github-action@80eaf969abf68ad62aa94d9ab392421b31621634 # v40.3.4 From 909ece4d5937c25ee663dc0befad9811ef6e9ebe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 26 Oct 2024 05:11:41 -0500 Subject: [PATCH 1152/1248] chore(deps): bump the dependencies group with 4 updates (#2995) --- .github/workflows/lint-and-test.yml | 6 +++--- .github/workflows/pr-sizing.yml | 2 +- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 9ed46c41..188f37be 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: 3.9 diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 660b9385..9bde9db4 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -25,6 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - uses: pascalgn/size-label-action@be08a2d5f857dc99c5b9426cdb5a8ea1aa7f0399 # v0.5.4 + - uses: pascalgn/size-label-action@f8edde36b3be04b4f65dcfead05dc8691b374348 # v0.5.5 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 34fcd94a..2e74eab1 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 08f648f3..13a9b58c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: results.sarif From ba2b0493994a4cd67f64686dfe405a65a55cd1a1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 30 Oct 2024 19:40:18 +0900 Subject: [PATCH 1153/1248] feat(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.15.0 (#2992) * chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.15.0 Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> * feat(argocd-image-updater): update as following upstream Signed-off-by: yu-croco * fix(argocd-image-updater): add permission when createClusterRoles is false Signed-off-by: yu-croco --------- Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Signed-off-by: yu-croco Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argocd-image-updater/Chart.yaml | 6 +-- charts/argocd-image-updater/README.md | 1 + .../argocd-image-updater/templates/rbac.yaml | 53 +++++++++++++++---- charts/argocd-image-updater/values.yaml | 5 ++ 4 files changed, 53 insertions(+), 12 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index c358515f..df988cd0 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.11.0 -appVersion: v0.14.0 +version: 0.11.1 +appVersion: v0.15.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argocd-image-updater to v0.14.0 + description: Bump argocd-image-updater to v0.15.0 diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 5e51a8cd..7a35b881 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -87,6 +87,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.logLevel | string | `"info"` | Argo CD Image Update log level | | config.registries | list | `[]` | Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | | config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | +| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | | extraEnvFrom | list | `[]` | Extra envFrom to pass to argocd-image-updater | diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml index 50d75876..0f631108 100644 --- a/charts/argocd-image-updater/templates/rbac.yaml +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -17,21 +17,14 @@ rules: - get - list - watch - - apiGroups: - - argoproj.io - resources: - - applications - verbs: - - get - - list - - update - - patch + {{- if not .Values.createClusterRoles }} - apiGroups: - "" resources: - events verbs: - create + {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -49,3 +42,45 @@ subjects: name: {{ include "argocd-image-updater.serviceAccountName" . }} namespace: {{ include "argocd-image-updater.namespace" . | quote }} {{- end }} +--- +{{- if and .Values.rbac.enabled .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} +rules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - applications + verbs: + - get + - list + - update + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "argocd-image-updater.labels" . | nindent 4 }} + name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argocd-image-updater.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ include "argocd-image-updater.namespace" . | quote }} +{{- end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 19291de9..4825833e 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -20,6 +20,11 @@ fullnameOverride: "" # -- Global namespace (argocd-image-updater.namespace in _helpers.tpl) override namespaceOverride: "" +# -- Create cluster roles for cluster-wide installation. +## Used when you manage applications in the same cluster where Argo CD Image Updater runs. +## If you want to use this, please set `.Values.rbac.enabled` true as well. +createClusterRoles: true + # -- Extra arguments for argocd-image-updater not defined in `config.argocd`. # If a flag contains both key and value, they need to be split to a new entry extraArgs: [] From d5438bf6b3a99044a515315dd52401c68ca86417 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 30 Oct 2024 06:55:05 -0500 Subject: [PATCH 1154/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v38.135.2 (#3001) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 80ead27d..8d1d7a7b 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 38.59.2 + renovate-version: 38.135.2 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From d17587e34710b8b724dce2f0248b49d86260be1e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 30 Oct 2024 22:24:35 +0900 Subject: [PATCH 1155/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.12 (#3002) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 20246486..152d3403 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.11 +appVersion: v3.5.12 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.5 +version: 0.42.6 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Avoid to create ClusterRole for cluster template when singleNamespace + - kind: changed + description: Bump argo-workflows to v3.5.12 From ec2f23a3045e35a3787a875391b38148b1a69f12 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 00:13:52 -0500 Subject: [PATCH 1156/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v38.141.1 (#3005) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 8d1d7a7b..b4ad67dc 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 38.135.2 + renovate-version: 38.141.1 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 5a57de40a8e0a3f22ab084ee18224cf4e9e0e667 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 2 Nov 2024 08:23:44 +0900 Subject: [PATCH 1157/1248] feat(argo-workflows): Support lifecycle and terminationGracePeriodSeconds for server (#2997) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ .../argo-workflows/templates/server/server-deployment.yaml | 7 +++++++ charts/argo-workflows/values.yaml | 6 ++++++ 4 files changed, 18 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 152d3403..cf7daa93 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.12 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.6 +version: 0.42.7 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.5.12 + - kind: added + description: Support lifecycle and terminationGracePeriodSeconds for server diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 7c6774ca..965656af 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -306,6 +306,7 @@ Fields to note: | server.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | | server.ingress.paths | list | `["/"]` | List of ingress paths | | server.ingress.tls | list | `[]` | Ingress TLS configuration | +| server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for server container | | server.loadBalancerClass | string | `""` | The class of the load balancer implementation | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | @@ -351,6 +352,7 @@ Fields to note: | server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | | server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | | server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | +| server.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | server.tmpVolume | object | `{"emptyDir":{}}` | Volume to be mounted in Pods for temporary files. | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index a4b8df7b..ce0efa78 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -108,9 +108,16 @@ spec: {{- with .Values.server.volumeMounts }} {{- toYaml . | nindent 10}} {{- end }} + {{- with .Values.server.lifecycle }} + lifecycle: + {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.server.extraContainers }} {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} {{- with .Values.images.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 646ffc39..75135854 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -760,6 +760,12 @@ server: # -- Enables init containers to be added to the server deployment extraInitContainers: [] + # -- Specify postStart and preStop lifecycle hooks for server container + lifecycle: {} + + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Array of extra K8s manifests to deploy extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 From baef862c36c131d3cfb3764abbe2482317463518 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 16:30:47 +0900 Subject: [PATCH 1158/1248] chore(deps): update renovatebot/github-action action to v40.3.5 (#3008) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index b4ad67dc..ee154574 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@80eaf969abf68ad62aa94d9ab392421b31621634 # v40.3.4 + uses: renovatebot/github-action@28bcd5c4900a4353b5c9af9e1bd61dd6377f0f0d # v40.3.5 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 69f3eddca8c049ff0a7bae351d44fb7ea8900c6a Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Tue, 5 Nov 2024 00:59:47 +0100 Subject: [PATCH 1159/1248] feat(argo-cd): Update to Argo CD 2.13 (#2999) --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 2 +- .../deployment.yaml | 27 + .../statefulset.yaml | 27 + .../argocd-applicationset/deployment.yaml | 6 + .../argocd-notifications/deployment.yaml | 6 + .../templates/argocd-server/clusterrole.yaml | 11 +- .../templates/argocd-server/deployment.yaml | 39 + .../templates/crds/crd-application.yaml | 347 +++++++ .../templates/crds/crd-applicationset.yaml | 912 ++++++++++++++++++ .../argo-cd/templates/crds/crd-project.yaml | 26 + charts/argo-cd/templates/dex/deployment.yaml | 12 + charts/argo-cd/values.yaml | 2 +- 13 files changed, 1413 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 41d1b3b8..f93ef2d9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.12.6 +appVersion: v2.13.0 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.6.12 +version: 7.7.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.12.6 + description: Bump argo-cd to v2.13.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f0d146b1..c14be77a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1164,7 +1164,7 @@ NAME: my-release | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.38.0"` | Dex image tag | +| dex.image.tag | string | `"v2.41.1"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 32205efd..e61a8525 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -157,6 +157,24 @@ spec: name: argocd-cmd-params-cm key: controller.self.heal.timeout.seconds optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_FACTOR + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.factor + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_CAP_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.cap.seconds + optional: true - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT valueFrom: configMapKeyRef: @@ -325,6 +343,8 @@ spec: name: argocd-repo-server-tls - mountPath: /home/argocd name: argocd-home + - name: argocd-cmd-params-cm + mountPath: /home/argocd/params {{- with .Values.controller.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} @@ -378,6 +398,13 @@ spec: path: tls.key - key: ca.crt path: ca.crt + - name: argocd-cmd-params-cm + configMap: + optional: true + name: argocd-cmd-params-cm + items: + - key: controller.profile.enabled + path: profiler.enabled {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 3c644c69..70620df6 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -156,6 +156,24 @@ spec: name: argocd-cmd-params-cm key: controller.self.heal.timeout.seconds optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.timeout.seconds + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_FACTOR + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.factor + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_CAP_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.cap.seconds + optional: true - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT valueFrom: configMapKeyRef: @@ -324,6 +342,8 @@ spec: name: argocd-repo-server-tls - mountPath: /home/argocd name: argocd-home + - name: argocd-cmd-params-cm + mountPath: /home/argocd/params {{- with .Values.controller.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} @@ -376,6 +396,13 @@ spec: path: tls.key - key: ca.crt path: ca.crt + - name: argocd-cmd-params-cm + configMap: + optional: true + name: argocd-cmd-params-cm + items: + - key: controller.profile.enabled + path: profiler.enabled {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 9af597b2..303106b5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -205,6 +205,12 @@ spec: name: argocd-cmd-params-cm key: applicationsetcontroller.enable.scm.providers optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_WEBHOOK_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.webhook.parallelism.limit + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 85d58e2b..cee627d5 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -102,6 +102,12 @@ spec: key: notificationscontroller.selfservice.enabled name: argocd-cmd-params-cm optional: true + - name: ARGOCD_NOTIFICATION_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + key: notificationscontroller.repo.server.plaintext + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index db54cf35..b6c5f81f 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -14,15 +14,16 @@ rules: resources: - '*' verbs: - - delete - - get - - patch + - delete # supports deletion a live object in UI + - get # supports viewing live object manifest in UI + - patch # supports `argocd app patch` + - list # supports `argocd appset generate` with cluster generator - apiGroups: - "" resources: - events verbs: - - list + - list # supports listing events in UI - create - apiGroups: - "" @@ -30,7 +31,7 @@ rules: - pods - pods/log verbs: - - get + - get # supports viewing pod logs from UI {{- if eq (toString (index .Values.configs.cm "exec.enabled")) "true" }} - apiGroups: - "" diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index f015c847..b0cecd6c 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -343,6 +343,36 @@ spec: name: argocd-cmd-params-cm key: server.api.content.types optional: true + - name: ARGOCD_SERVER_WEBHOOK_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.webhook.parallelism.limit + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.scm.providers + optional: true {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 10 }} @@ -365,6 +395,8 @@ spec: name: styles - mountPath: /tmp name: tmp + - name: argocd-cmd-params-cm + mountPath: /home/argocd/params {{- if .Values.server.extensions.enabled }} - mountPath: /tmp/extensions name: extensions @@ -513,6 +545,13 @@ spec: path: tls.crt - key: ca.crt path: ca.crt + - name: argocd-cmd-params-cm + configMap: + optional: true + name: argocd-cmd-params-cm + items: + - key: server.profile.enabled + path: profiler.enabled {{- if .Values.server.hostNetwork }} hostNetwork: {{ .Values.server.hostNetwork }} {{- end }} diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 1b75cebd..2874d885 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -244,6 +244,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -265,6 +272,16 @@ spec: from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest @@ -322,6 +339,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -361,6 +385,11 @@ spec: definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or not @@ -580,6 +609,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -601,6 +637,16 @@ spec: from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -659,6 +705,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -700,6 +753,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or not @@ -1035,6 +1093,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -1056,6 +1121,15 @@ spec: from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation @@ -1112,6 +1186,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -1150,6 +1231,11 @@ spec: definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or not @@ -1362,6 +1448,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -1383,6 +1476,16 @@ spec: from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest @@ -1440,6 +1543,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -1479,6 +1589,11 @@ spec: definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or not @@ -1854,6 +1969,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -1875,6 +1997,16 @@ spec: from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template + with. If left empty, defaults to the app's destination + namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -1933,6 +2065,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -1974,6 +2113,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or not @@ -2192,6 +2336,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -2214,6 +2365,16 @@ spec: template from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to + template with. If left empty, defaults to the app's + destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -2274,6 +2435,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -2315,6 +2483,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or @@ -2673,6 +2846,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -2697,6 +2877,16 @@ spec: not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults to + the app's destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command @@ -2759,6 +2949,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -2801,6 +2998,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors @@ -3030,6 +3232,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -3054,6 +3263,16 @@ spec: do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults + to the app's destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command @@ -3118,6 +3337,13 @@ spec: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -3161,6 +3387,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource @@ -3510,6 +3741,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -3532,6 +3770,16 @@ spec: template from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to + template with. If left empty, defaults to the app's + destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -3592,6 +3840,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -3633,6 +3888,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or @@ -3858,6 +4118,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -3882,6 +4149,16 @@ spec: locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults to the + app's destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command @@ -3944,6 +4221,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -3986,6 +4270,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or @@ -4358,6 +4647,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -4380,6 +4676,16 @@ spec: template from failing when valueFiles do not exist locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to + template with. If left empty, defaults to the app's + destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -4440,6 +4746,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -4481,6 +4794,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or @@ -4706,6 +5024,13 @@ spec: helm: description: Helm holds helm specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array fileParameters: description: FileParameters are file parameters to the helm template @@ -4730,6 +5055,16 @@ spec: locally by not appending them to helm template --values type: boolean + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace + to template with. If left empty, defaults to the + app's destination namespace. + type: string parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command @@ -4792,6 +5127,13 @@ spec: kustomize: description: Kustomize holds kustomize specific options properties: + apiVersions: + description: |- + APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, + Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -4834,6 +5176,11 @@ spec: image definition in the format [old_image_name=]: type: string type: array + kubeVersion: + description: |- + KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD + uses the Kubernetes version of the target cluster. + type: string labelWithoutSelector: description: LabelWithoutSelector specifies whether to apply common labels to resource selectors or diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 899c5d09..6cf09222 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -62,11 +62,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -204,6 +206,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -215,6 +221,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -246,6 +256,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -268,6 +282,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -420,6 +436,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -431,6 +451,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -462,6 +486,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -484,6 +512,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -659,11 +689,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -796,6 +828,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -807,6 +843,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -838,6 +878,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -860,6 +904,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -1012,6 +1058,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -1023,6 +1073,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -1054,6 +1108,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -1076,6 +1134,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -1391,6 +1451,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -1402,6 +1466,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -1433,6 +1501,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -1455,6 +1527,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -1607,6 +1681,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -1618,6 +1696,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -1649,6 +1731,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -1671,6 +1757,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -1966,6 +2054,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -1977,6 +2069,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -2008,6 +2104,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -2030,6 +2130,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -2182,6 +2284,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -2193,6 +2299,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -2224,6 +2334,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -2246,6 +2360,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -2422,11 +2538,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2564,6 +2682,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -2575,6 +2697,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -2606,6 +2732,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -2628,6 +2758,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -2780,6 +2912,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -2791,6 +2927,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -2822,6 +2962,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -2844,6 +2988,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -3019,11 +3165,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -3156,6 +3304,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -3167,6 +3319,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -3198,6 +3354,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -3220,6 +3380,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -3372,6 +3534,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -3383,6 +3549,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -3414,6 +3584,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -3436,6 +3610,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -3751,6 +3927,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -3762,6 +3942,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -3793,6 +3977,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -3815,6 +4003,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -3967,6 +4157,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -3978,6 +4172,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -4009,6 +4207,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -4031,6 +4233,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -4326,6 +4530,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -4337,6 +4545,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -4368,6 +4580,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -4390,6 +4606,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -4542,6 +4760,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -4553,6 +4775,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -4584,6 +4810,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -4606,6 +4836,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -4909,6 +5141,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -4920,6 +5156,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -4951,6 +5191,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -4973,6 +5217,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -5125,6 +5371,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -5136,6 +5386,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -5167,6 +5421,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -5189,6 +5447,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -5447,6 +5707,33 @@ spec: - passwordRef - username type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean project: type: string repo: @@ -5522,6 +5809,16 @@ spec: properties: api: type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object insecure: type: boolean labels: @@ -5674,6 +5971,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -5685,6 +5986,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -5716,6 +6021,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -5738,6 +6047,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -5890,6 +6201,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -5901,6 +6216,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -5932,6 +6251,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -5954,6 +6277,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -6202,6 +6527,33 @@ spec: - passwordRef - username type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean project: type: string required: @@ -6282,6 +6634,16 @@ spec: type: boolean api: type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object group: type: string includeSharedProjects: @@ -6434,6 +6796,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -6445,6 +6811,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -6476,6 +6846,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -6498,6 +6872,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -6650,6 +7026,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -6661,6 +7041,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -6692,6 +7076,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -6714,6 +7102,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -6885,11 +7275,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -7024,6 +7416,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -7035,6 +7431,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -7066,6 +7466,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -7088,6 +7492,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -7240,6 +7646,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -7251,6 +7661,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -7282,6 +7696,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -7304,6 +7722,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -7482,11 +7902,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -7624,6 +8046,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -7635,6 +8061,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -7666,6 +8096,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -7688,6 +8122,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -7840,6 +8276,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -7851,6 +8291,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -7882,6 +8326,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -7904,6 +8352,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -8079,11 +8529,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -8216,6 +8668,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -8227,6 +8683,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -8258,6 +8718,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -8280,6 +8744,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -8432,6 +8898,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -8443,6 +8913,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -8474,6 +8948,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -8496,6 +8974,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -8811,6 +9291,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -8822,6 +9306,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -8853,6 +9341,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -8875,6 +9367,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -9027,6 +9521,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -9038,6 +9536,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -9069,6 +9571,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -9091,6 +9597,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -9386,6 +9894,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -9397,6 +9909,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -9428,6 +9944,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -9450,6 +9970,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -9602,6 +10124,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -9613,6 +10139,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -9644,6 +10174,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -9666,6 +10200,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -9969,6 +10505,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -9980,6 +10520,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -10011,6 +10555,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -10033,6 +10581,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -10185,6 +10735,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -10196,6 +10750,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -10227,6 +10785,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -10249,6 +10811,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -10507,6 +11071,33 @@ spec: - passwordRef - username type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean project: type: string repo: @@ -10582,6 +11173,16 @@ spec: properties: api: type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object insecure: type: boolean labels: @@ -10734,6 +11335,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -10745,6 +11350,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -10776,6 +11385,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -10798,6 +11411,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -10950,6 +11565,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -10961,6 +11580,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -10992,6 +11615,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -11014,6 +11641,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -11262,6 +11891,33 @@ spec: - passwordRef - username type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean project: type: string required: @@ -11342,6 +11998,16 @@ spec: type: boolean api: type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object group: type: string includeSharedProjects: @@ -11494,6 +12160,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -11505,6 +12175,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -11536,6 +12210,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -11558,6 +12236,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -11710,6 +12390,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -11721,6 +12405,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -11752,6 +12440,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -11774,6 +12466,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -11945,11 +12639,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -12088,6 +12784,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -12099,6 +12799,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -12130,6 +12834,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -12152,6 +12860,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -12304,6 +13014,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -12315,6 +13029,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -12346,6 +13064,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -12368,6 +13090,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -12670,6 +13394,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -12681,6 +13409,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -12712,6 +13444,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -12734,6 +13470,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -12886,6 +13624,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -12897,6 +13639,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -12928,6 +13674,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -12950,6 +13700,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -13208,6 +13960,33 @@ spec: - passwordRef - username type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean project: type: string repo: @@ -13283,6 +14062,16 @@ spec: properties: api: type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object insecure: type: boolean labels: @@ -13435,6 +14224,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -13446,6 +14239,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -13477,6 +14274,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -13499,6 +14300,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -13651,6 +14454,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -13662,6 +14469,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -13693,6 +14504,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -13715,6 +14530,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -13963,6 +14780,33 @@ spec: - passwordRef - username type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object + insecure: + type: boolean project: type: string required: @@ -14043,6 +14887,16 @@ spec: type: boolean api: type: string + caRef: + properties: + configMapName: + type: string + key: + type: string + required: + - configMapName + - key + type: object group: type: string includeSharedProjects: @@ -14195,6 +15049,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -14206,6 +15064,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -14237,6 +15099,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -14259,6 +15125,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -14411,6 +15279,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -14422,6 +15294,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -14453,6 +15329,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -14475,6 +15355,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -14646,11 +15528,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -14860,6 +15744,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -14871,6 +15759,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -14902,6 +15794,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -14924,6 +15820,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: @@ -15076,6 +15974,10 @@ spec: type: object helm: properties: + apiVersions: + items: + type: string + type: array fileParameters: items: properties: @@ -15087,6 +15989,10 @@ spec: type: array ignoreMissingValueFiles: type: boolean + kubeVersion: + type: string + namespace: + type: string parameters: items: properties: @@ -15118,6 +16024,10 @@ spec: type: object kustomize: properties: + apiVersions: + items: + type: string + type: array commonAnnotations: additionalProperties: type: string @@ -15140,6 +16050,8 @@ spec: items: type: string type: array + kubeVersion: + type: string labelWithoutSelector: type: boolean namePrefix: diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index f9910152..1865aa2d 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -96,6 +96,32 @@ spec: description: description: Description contains optional project description type: string + destinationServiceAccounts: + description: DestinationServiceAccounts holds information about the + service accounts to be impersonated for the application sync operation + for each destination. + items: + description: ApplicationDestinationServiceAccount holds information + about the service account to be impersonated for the application + sync operation. + properties: + defaultServiceAccount: + description: DefaultServiceAccount to be used for impersonation + during the sync operation + type: string + namespace: + description: Namespace specifies the target namespace for the + application's resources. + type: string + server: + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. + type: string + required: + - defaultServiceAccount + - server + type: object + type: array destinations: description: Destinations contains list of destinations available for deployment diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index fa11aef6..4c6209ad 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -83,6 +83,18 @@ spec: {{- with (concat .Values.global.env .Values.dex.env) }} {{- toYaml . | nindent 10 }} {{- end }} + - name: ARGOCD_DEX_SERVER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: dexserver.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_DEX_SERVER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: dexserver.log.level + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_DEX_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index be3cec78..97cc2a1e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1010,7 +1010,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.38.0 + tag: v2.41.1 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 1c95f37c68340326bd7fe1264d23fc1f35774a18 Mon Sep 17 00:00:00 2001 From: Robert Macaulay Date: Thu, 7 Nov 2024 17:17:27 -0600 Subject: [PATCH 1160/1248] fix(argo-rollouts): plugin block rendering was incorrect (#3014) * Fix the plugin block rendering Signed-off-by: Robert Macaulay * fixed chart.yaml Signed-off-by: Robert Macaulay * Update charts/argo-rollouts/Chart.yaml Co-authored-by: Marco Maurer (-Kilchhofer) Signed-off-by: Robert Macaulay --------- Signed-off-by: Robert Macaulay Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/templates/controller/configmap.yaml | 6 ++++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 44abcb53..bd4cf96c 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.7 +version: 2.37.8 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add description for manual secret creation + - kind: fixed + description: Fixed rendering of plugins in the ConfigMap diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml index 1978b2b6..a1971ab9 100644 --- a/charts/argo-rollouts/templates/controller/configmap.yaml +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -8,8 +8,10 @@ metadata: {{- include "argo-rollouts.labels" . | nindent 4 }} data: {{- with .Values.controller.metricProviderPlugins }} - {{- toYaml . | nindent 2 }} + metricProviderPlugins: |- + {{- toYaml . | nindent 4 }} {{- end }} {{- with .Values.controller.trafficRouterPlugins }} - {{- toYaml . | nindent 2 }} + trafficRouterPlugins: |- + {{- toYaml . | nindent 4 }} {{- end }} From 09b5c1a75451d5cb3b5edf8d28b35c82e67764ed Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 8 Nov 2024 15:28:58 +0100 Subject: [PATCH 1161/1248] chore(deps): update renovatebot/github-action action to v40.3.6 (#3016) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index ee154574..c8410dc7 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@28bcd5c4900a4353b5c9af9e1bd61dd6377f0f0d # v40.3.5 + uses: renovatebot/github-action@0984fb80fc633b17e57f3e8b6c007fe0dc3e0d62 # v40.3.6 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From c19cba01f8b014aece37f326b732afc66c634525 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 8 Nov 2024 21:43:53 -0600 Subject: [PATCH 1162/1248] chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.15.1 (#3019) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argocd-image-updater/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index df988cd0..f74772f9 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.11.1 -appVersion: v0.15.0 +version: 0.11.2 +appVersion: v0.15.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argocd-image-updater to v0.15.0 + description: Bump argocd-image-updater to v0.15.1 From 2aea9e4cab11af366bd2ba3b11ba082a01636ca2 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 9 Nov 2024 18:39:46 +0900 Subject: [PATCH 1163/1248] chore(deps): update renovatebot/github-action action to v41 (#3017) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index c8410dc7..1cc60f28 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@0984fb80fc633b17e57f3e8b6c007fe0dc3e0d62 # v40.3.6 + uses: renovatebot/github-action@67a664fc9b4481b33a3eff6ee9edfb7a7b9dfa1e # v41.0.2 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 0f79d5af86d63dca501d2ae1f9ad327e2384b6e3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Nov 2024 23:38:59 +0100 Subject: [PATCH 1164/1248] chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 in the dependencies group (#3020) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 13a9b58c..e2766c9c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 + uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 with: sarif_file: results.sarif From 0061e14563571f1cd0447fcac0e90407a600bbc4 Mon Sep 17 00:00:00 2001 From: Etienne Divet <87660346+enneitex@users.noreply.github.com> Date: Sun, 10 Nov 2024 02:42:00 +0100 Subject: [PATCH 1165/1248] feat(argo-cd): Add honorLabels config for ServiceMonitor resources (#3018) add honorLabels config for ServiceMonitor resources Signed-off-by: DIVET Etienne Co-authored-by: DIVET Etienne Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 7 +++++++ .../servicemonitor.yaml | 1 + .../argocd-applicationset/servicemonitor.yaml | 1 + .../argocd-notifications/servicemonitor.yaml | 1 + .../argocd-repo-server/servicemonitor.yaml | 1 + .../templates/argocd-server/servicemonitor.yaml | 1 + charts/argo-cd/templates/dex/servicemonitor.yaml | 1 + charts/argo-cd/templates/redis/servicemonitor.yaml | 1 + charts/argo-cd/values.yaml | 14 ++++++++++++++ 10 files changed, 30 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f93ef2d9..f98e502c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.0 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.0 +version: 7.7.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.13.0 + description: add honorLabels config for ServiceMonitor resources diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index c14be77a..db52b9da 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -834,6 +834,7 @@ NAME: my-release | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | controller.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | controller.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | controller.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | @@ -928,6 +929,7 @@ NAME: my-release | repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | repoServer.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| repoServer.metrics.serviceMonitor.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | repoServer.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | repoServer.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | repoServer.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | @@ -1078,6 +1080,7 @@ NAME: my-release | server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | server.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| server.metrics.serviceMonitor.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | server.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | server.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | server.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | @@ -1189,6 +1192,7 @@ NAME: my-release | dex.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | dex.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | dex.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| dex.metrics.serviceMonitor.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | dex.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | dex.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | dex.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | @@ -1291,6 +1295,7 @@ NAME: my-release | redis.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | redis.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | redis.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| redis.metrics.serviceMonitor.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | redis.metrics.serviceMonitor.interval | string | `"30s"` | Interval at which metrics should be scraped | | redis.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | redis.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | @@ -1483,6 +1488,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| applicationSet.metrics.serviceMonitor.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | applicationSet.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | | applicationSet.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | applicationSet.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | @@ -1570,6 +1576,7 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| notifications.metrics.serviceMonitor.honorLabels | bool | `false` | When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. | | notifications.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | | notifications.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | | notifications.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index a9edaf54..d1912470 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -34,6 +34,7 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + honorLabels: {{ .Values.controller.metrics.serviceMonitor.honorLabels }} {{- with .Values.controller.metrics.serviceMonitor.scheme }} scheme: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index 8fac6a8d..52d70700 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -34,6 +34,7 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + honorLabels: {{ .Values.applicationSet.metrics.serviceMonitor.honorLabels }} {{- with .Values.applicationSet.metrics.serviceMonitor.scheme }} scheme: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 0d2c704f..22b882a6 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -41,6 +41,7 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + honorLabels: {{ .Values.notifications.metrics.serviceMonitor.honorLabels }} namespaceSelector: matchNames: - {{ include "argo-cd.namespace" . }} diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 70995398..b02ba7a4 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -35,6 +35,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.repoServer.metrics.serviceMonitor.scheme }} + honorLabels: {{ .Values.repoServer.metrics.serviceMonitor.honorLabels }} scheme: {{ . }} {{- end }} {{- with .Values.repoServer.metrics.serviceMonitor.tlsConfig }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 74902ef0..49c24138 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -34,6 +34,7 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + honorLabels: {{ .Values.server.metrics.serviceMonitor.honorLabels }} {{- with .Values.server.metrics.serviceMonitor.scheme }} scheme: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 2c03e597..93c9fa32 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -31,6 +31,7 @@ spec: metricRelabelings: {{- toYaml . |nindent 8 }} {{- end }} + honorLabels: {{ .Values.dex.metrics.serviceMonitor.honorLabels }} {{- with .Values.dex.metrics.serviceMonitor.scheme }} scheme: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 4132c1ce..4710d286 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -32,6 +32,7 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} + honorLabels: {{ .Values.redis.metrics.serviceMonitor.honorLabels }} {{- with .Values.redis.metrics.serviceMonitor.scheme }} scheme: {{ . }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 97cc2a1e..1694cc5a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -874,6 +874,8 @@ controller: enabled: false # -- Prometheus ServiceMonitor interval interval: 30s + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + honorLabels: false # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -970,6 +972,8 @@ dex: enabled: false # -- Prometheus ServiceMonitor interval interval: 30s + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + honorLabels: false # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -1529,6 +1533,8 @@ redis: enabled: false # -- Interval at which metrics should be scraped interval: 30s + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + honorLabels: false # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -2164,6 +2170,8 @@ server: interval: 30s # -- Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. scrapeTimeout: "" + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + honorLabels: false # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -2739,6 +2747,8 @@ repoServer: interval: 30s # -- Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. scrapeTimeout: "" + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + honorLabels: false # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -2900,6 +2910,8 @@ applicationSet: interval: 30s # -- Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target's scrape interval value in which the latter is used. scrapeTimeout: "" + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + honorLabels: false # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion @@ -3314,6 +3326,8 @@ notifications: scheme: "" # -- Prometheus ServiceMonitor tlsConfig tlsConfig: {} + # -- When true, honorLabels preserves the metric’s labels when they collide with the target’s labels. + honorLabels: false # -- Prometheus [RelabelConfigs] to apply to samples before scraping relabelings: [] # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion From 7a8cdf08430cab7d57e02d0a9024e7d79bc7bedf Mon Sep 17 00:00:00 2001 From: Frans Guelinckx Date: Tue, 12 Nov 2024 17:28:33 +0100 Subject: [PATCH 1166/1248] chore(argo-cd): Update Redis image to 7.4.1 (#3023) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f98e502c..1e50e313 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.0 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.1 +version: 7.7.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: add honorLabels config for ServiceMonitor resources + description: Updated Redis image tag to 7.4.1 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index db52b9da..8d8eb50d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1276,7 +1276,7 @@ NAME: my-release | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.2.4-alpine"` | Redis tag | +| redis.image.tag | string | `"7.4.1-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis server | @@ -1362,7 +1362,7 @@ The main options are listed here: | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | | redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis-ha.image.tag | string | `"7.2.4-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.4.1-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1694cc5a..fd390237 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1278,7 +1278,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.2.4-alpine + tag: 7.4.1-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1564,7 +1564,7 @@ redis-ha: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.2.4-alpine + tag: 7.4.1-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar From 936101865d3090183fc4979546685ece7f78ac23 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 13 Nov 2024 19:57:10 +0900 Subject: [PATCH 1167/1248] chore(argo-cd): Upgrade redis-ha (#3026) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 309790fc..36656a14 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.27.6 -digest: sha256:69c6b20682f0a2a8044b71731b7c656a57118088a7b3611f59217b537167af2e -generated: "2024-08-28T13:02:33.763307+02:00" + version: 4.29.4 +digest: sha256:1257baf1c5e0db036af659d44095223e28ac0c9ec1ed8300a02d5def2281c9c7 +generated: "2024-11-13T09:07:36.494128+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e50e313..a77f020a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.0 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.2 +version: 7.7.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.27.6 + version: 4.29.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Updated Redis image tag to 7.4.1 + description: Upgrade redis-ha From 5869c1d2bb85205e761ee93ee6e1f6157aa139ea Mon Sep 17 00:00:00 2001 From: Emmanuel Ferdman Date: Fri, 15 Nov 2024 11:04:53 +0200 Subject: [PATCH 1168/1248] docs(argo-rollouts): update security policy for Argo Rollouts in SECURITY.md (#3034) docs(SECURITY.md): update security policy for Argo Rollouts Signed-off-by: Emmanuel Ferdman --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index f4fb6002..a066f67f 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,7 +6,7 @@ Each helm chart currently supports the designated application version in the Cha * [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md) * [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md) -* [Security Policy for Argo Rollouts](https://github.com/argoproj/argo-rollouts/blob/master/docs/security.md) +* [Security Policy for Argo Rollouts](https://github.com/argoproj/argo-rollouts/blob/master/docs/security/security.md) * [Security Policy for Argo CD](https://github.com/argoproj/argo-cd/blob/master/SECURITY.md) * [Security Policy for Argo CD Image Updater](https://github.com/argoproj-labs/argocd-image-updater/blob/master/SECURITY.md) From 84329170e0707106274db4814c4a67ec5c043786 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 09:28:29 -0700 Subject: [PATCH 1169/1248] chore(deps): bump github/codeql-action from 3.27.1 to 3.27.4 in the dependencies group (#3039) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e2766c9c..19c09e4c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1 + uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 with: sarif_file: results.sarif From 37b52a569393abe9d6fa30ef277a117cda8c34d8 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 21:36:19 -0800 Subject: [PATCH 1170/1248] chore(deps): update renovatebot/github-action action to v41.0.3 (#3040) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 1cc60f28..00e1b401 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@67a664fc9b4481b33a3eff6ee9edfb7a7b9dfa1e # v41.0.2 + uses: renovatebot/github-action@e02bf7b1c996027e55e910400653576a8293246c # v41.0.3 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 5ab558e91768ef2fd9c5917f7196b261d86a4f85 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 14:47:50 -0600 Subject: [PATCH 1171/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.13.1 (#3043) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a77f020a..6f17b1c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.13.0 +appVersion: v2.13.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.3 +version: 7.7.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade redis-ha + description: Bump argo-cd to v2.13.1 From 7e397f75f3beca8aaa51695ecd63d8d99b66a10d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 21 Nov 2024 17:27:05 +0900 Subject: [PATCH 1172/1248] chore(argo-workflows): Upgrade Argo Workflows to v3.6.0 (#3037) * chore(argo-workflows): Upgrade Argo Workflows to v3.6.0 Signed-off-by: yu-croco * fix: clean up cache to pass CI Signed-off-by: yu-croco * test: rm cache clear. Try latest version of ct test Signed-off-by: Tim Collins * just trying all the things. sorry Signed-off-by: Tim Collins * add debug output Signed-off-by: Tim Collins * additional debug Signed-off-by: Tim Collins * MOAR debug Signed-off-by: Tim Collins * typo Signed-off-by: Tim Collins * specifically find files Signed-off-by: Tim Collins * use minimal crds Signed-off-by: Tim Collins * rm debug step Signed-off-by: Tim Collins --------- Signed-off-by: yu-croco Signed-off-by: Tim Collins Co-authored-by: Tim Collins Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 3 +- charts/argo-workflows/Chart.yaml | 8 +- .../argoproj.io_workflowartifactgctasks.yaml | 1150 ++++++++++++++++- .../argoproj.io_workfloweventbindings.yaml | 650 +++++++++- .../crds/argoproj.io_workflowtaskresults.yaml | 65 + 5 files changed, 1841 insertions(+), 35 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 188f37be..c8188a35 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -41,7 +41,7 @@ jobs: uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 with: # Note: Also update in scripts/lint.sh - version: v3.10.0 + version: v3.11.0 - name: List changed charts id: list-changed @@ -74,7 +74,6 @@ jobs: if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml - - name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions if: | contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') || diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index cf7daa93..fb008aa6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.12 +appVersion: v3.6.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.42.7 +version: 0.43.0 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support lifecycle and terminationGracePeriodSeconds for server + - kind: changed + description: Upgrade Argo Workflows to v3.6.0 diff --git a/charts/argo-workflows/templates/crds/argoproj.io_workflowartifactgctasks.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowartifactgctasks.yaml index dcebddb2..6a474715 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_workflowartifactgctasks.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowartifactgctasks.yaml @@ -17,34 +17,1130 @@ spec: listKind: WorkflowArtifactGCTaskList plural: workflowartifactgctasks shortNames: - - wfat + - wfat singular: workflowartifactgctask scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + artifactsByNode: + additionalProperties: + properties: + archiveLocation: + properties: + archiveLogs: + type: boolean + artifactory: + properties: + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + url: + type: string + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - url + type: object + azure: + properties: + accountKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + blob: + type: string + container: + type: string + endpoint: + type: string + useSDKCreds: + type: boolean + required: + - blob + - container + - endpoint + type: object + gcs: + properties: + bucket: + type: string + key: + type: string + serviceAccountKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - key + type: object + git: + properties: + branch: + type: string + depth: + format: int64 + type: integer + disableSubmodules: + type: boolean + fetch: + items: + type: string + type: array + insecureIgnoreHostKey: + type: boolean + insecureSkipTLS: + type: boolean + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + repo: + type: string + revision: + type: string + singleBranch: + type: boolean + sshPrivateKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - repo + type: object + hdfs: + properties: + addresses: + items: + type: string + type: array + dataTransferProtection: + type: string + force: + type: boolean + hdfsUser: + type: string + krbCCacheSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbConfigConfigMap: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbKeytabSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbRealm: + type: string + krbServicePrincipalName: + type: string + krbUsername: + type: string + path: + type: string + required: + - path + type: object + http: + properties: + auth: + properties: + basicAuth: + properties: + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientCert: + properties: + clientCertSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + oauth2: + properties: + clientIDSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientSecretSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + scopes: + items: + type: string + type: array + tokenURLSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + headers: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + url: + type: string + required: + - url + type: object + oss: + properties: + accessKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bucket: + type: string + createBucketIfNotPresent: + type: boolean + endpoint: + type: string + key: + type: string + lifecycleRule: + properties: + markDeletionAfterDays: + format: int32 + type: integer + markInfrequentAccessAfterDays: + format: int32 + type: integer + type: object + secretKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + securityToken: + type: string + useSDKCreds: + type: boolean + required: + - key + type: object + raw: + properties: + data: + type: string + required: + - data + type: object + s3: + properties: + accessKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bucket: + type: string + caSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + createBucketIfNotPresent: + properties: + objectLocking: + type: boolean + type: object + encryptionOptions: + properties: + enableEncryption: + type: boolean + kmsEncryptionContext: + type: string + kmsKeyId: + type: string + serverSideCustomerKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + endpoint: + type: string + insecure: + type: boolean + key: + type: string + region: + type: string + roleARN: + type: string + secretKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + sessionTokenSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + useSDKCreds: + type: boolean + type: object + type: object + artifacts: + additionalProperties: + properties: + archive: + properties: + none: + type: object + tar: + properties: + compressionLevel: + format: int32 + type: integer + type: object + zip: + type: object + type: object + archiveLogs: + type: boolean + artifactGC: + properties: + podMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + serviceAccountName: + type: string + strategy: + enum: + - "" + - OnWorkflowCompletion + - OnWorkflowDeletion + - Never + type: string + type: object + artifactory: + properties: + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + url: + type: string + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - url + type: object + azure: + properties: + accountKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + blob: + type: string + container: + type: string + endpoint: + type: string + useSDKCreds: + type: boolean + required: + - blob + - container + - endpoint + type: object + deleted: + type: boolean + from: + type: string + fromExpression: + type: string + gcs: + properties: + bucket: + type: string + key: + type: string + serviceAccountKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - key + type: object + git: + properties: + branch: + type: string + depth: + format: int64 + type: integer + disableSubmodules: + type: boolean + fetch: + items: + type: string + type: array + insecureIgnoreHostKey: + type: boolean + insecureSkipTLS: + type: boolean + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + repo: + type: string + revision: + type: string + singleBranch: + type: boolean + sshPrivateKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - repo + type: object + globalName: + type: string + hdfs: + properties: + addresses: + items: + type: string + type: array + dataTransferProtection: + type: string + force: + type: boolean + hdfsUser: + type: string + krbCCacheSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbConfigConfigMap: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbKeytabSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbRealm: + type: string + krbServicePrincipalName: + type: string + krbUsername: + type: string + path: + type: string + required: + - path + type: object + http: + properties: + auth: + properties: + basicAuth: + properties: + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientCert: + properties: + clientCertSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + oauth2: + properties: + clientIDSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientSecretSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + scopes: + items: + type: string + type: array + tokenURLSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + headers: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + url: + type: string + required: + - url + type: object + mode: + format: int32 + type: integer + name: + type: string + optional: + type: boolean + oss: + properties: + accessKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bucket: + type: string + createBucketIfNotPresent: + type: boolean + endpoint: + type: string + key: + type: string + lifecycleRule: + properties: + markDeletionAfterDays: + format: int32 + type: integer + markInfrequentAccessAfterDays: + format: int32 + type: integer + type: object + secretKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + securityToken: + type: string + useSDKCreds: + type: boolean + required: + - key + type: object + path: + type: string + raw: + properties: + data: + type: string + required: + - data + type: object + recurseMode: + type: boolean + s3: + properties: + accessKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bucket: + type: string + caSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + createBucketIfNotPresent: + properties: + objectLocking: + type: boolean + type: object + encryptionOptions: + properties: + enableEncryption: + type: boolean + kmsEncryptionContext: + type: string + kmsKeyId: + type: string + serverSideCustomerKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + endpoint: + type: string + insecure: + type: boolean + key: + type: string + region: + type: string + roleARN: + type: string + secretKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + sessionTokenSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + useSDKCreds: + type: boolean + type: object + subPath: + type: string + required: + - name + type: object + type: object + type: object + type: object + type: object + status: + properties: + artifactResultsByNode: + additionalProperties: + properties: + artifactResults: + additionalProperties: + properties: + error: + type: string + name: + type: string + success: + type: boolean + required: + - name + type: object + type: object + type: object + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: + status: {} {{- end }} diff --git a/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml index 097fa5cd..f11df956 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workfloweventbindings.yaml @@ -32,9 +32,655 @@ spec: metadata: type: object spec: + properties: + event: + properties: + selector: + type: string + required: + - selector + type: object + submit: + properties: + arguments: + properties: + artifacts: + items: + properties: + archive: + properties: + none: + type: object + tar: + properties: + compressionLevel: + format: int32 + type: integer + type: object + zip: + type: object + type: object + archiveLogs: + type: boolean + artifactGC: + properties: + podMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + serviceAccountName: + type: string + strategy: + enum: + - "" + - OnWorkflowCompletion + - OnWorkflowDeletion + - Never + type: string + type: object + artifactory: + properties: + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + url: + type: string + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - url + type: object + azure: + properties: + accountKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + blob: + type: string + container: + type: string + endpoint: + type: string + useSDKCreds: + type: boolean + required: + - blob + - container + - endpoint + type: object + deleted: + type: boolean + from: + type: string + fromExpression: + type: string + gcs: + properties: + bucket: + type: string + key: + type: string + serviceAccountKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - key + type: object + git: + properties: + branch: + type: string + depth: + format: int64 + type: integer + disableSubmodules: + type: boolean + fetch: + items: + type: string + type: array + insecureIgnoreHostKey: + type: boolean + insecureSkipTLS: + type: boolean + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + repo: + type: string + revision: + type: string + singleBranch: + type: boolean + sshPrivateKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + required: + - repo + type: object + globalName: + type: string + hdfs: + properties: + addresses: + items: + type: string + type: array + dataTransferProtection: + type: string + force: + type: boolean + hdfsUser: + type: string + krbCCacheSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbConfigConfigMap: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbKeytabSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + krbRealm: + type: string + krbServicePrincipalName: + type: string + krbUsername: + type: string + path: + type: string + required: + - path + type: object + http: + properties: + auth: + properties: + basicAuth: + properties: + passwordSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + usernameSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientCert: + properties: + clientCertSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + oauth2: + properties: + clientIDSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + clientSecretSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + scopes: + items: + type: string + type: array + tokenURLSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + headers: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + url: + type: string + required: + - url + type: object + mode: + format: int32 + type: integer + name: + type: string + optional: + type: boolean + oss: + properties: + accessKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bucket: + type: string + createBucketIfNotPresent: + type: boolean + endpoint: + type: string + key: + type: string + lifecycleRule: + properties: + markDeletionAfterDays: + format: int32 + type: integer + markInfrequentAccessAfterDays: + format: int32 + type: integer + type: object + secretKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + securityToken: + type: string + useSDKCreds: + type: boolean + required: + - key + type: object + path: + type: string + raw: + properties: + data: + type: string + required: + - data + type: object + recurseMode: + type: boolean + s3: + properties: + accessKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bucket: + type: string + caSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + createBucketIfNotPresent: + properties: + objectLocking: + type: boolean + type: object + encryptionOptions: + properties: + enableEncryption: + type: boolean + kmsEncryptionContext: + type: string + kmsKeyId: + type: string + serverSideCustomerKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + endpoint: + type: string + insecure: + type: boolean + key: + type: string + region: + type: string + roleARN: + type: string + secretKeySecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + sessionTokenSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + useSDKCreds: + type: boolean + type: object + subPath: + type: string + required: + - name + type: object + type: array + parameters: + items: + properties: + default: + type: string + description: + type: string + enum: + items: + type: string + type: array + globalName: + type: string + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + default: + type: string + event: + type: string + expression: + type: string + jqFilter: + type: string + jsonPath: + type: string + parameter: + type: string + path: + type: string + supplied: + type: object + type: object + required: + - name + type: object + type: array + type: object + metadata: + type: object + workflowTemplateRef: + properties: + clusterScope: + type: boolean + name: + type: string + type: object + required: + - workflowTemplateRef + type: object + required: + - event type: object - x-kubernetes-map-type: atomic - x-kubernetes-preserve-unknown-fields: true required: - metadata - spec diff --git a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml index 861f1df8..02f3f08b 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml @@ -81,12 +81,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic url: type: string usernameSecret: @@ -94,12 +96,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic required: - url type: object @@ -110,12 +114,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic blob: type: string container: @@ -146,12 +152,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic required: - key type: object @@ -170,17 +178,21 @@ spec: type: array insecureIgnoreHostKey: type: boolean + insecureSkipTLS: + type: boolean passwordSecret: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic repo: type: string revision: @@ -192,23 +204,27 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic usernameSecret: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic required: - repo type: object @@ -220,6 +236,8 @@ spec: items: type: string type: array + dataTransferProtection: + type: string force: type: boolean hdfsUser: @@ -229,34 +247,40 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic krbConfigConfigMap: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic krbKeytabSecret: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic krbRealm: type: string krbServicePrincipalName: @@ -279,23 +303,27 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic usernameSecret: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object clientCert: properties: @@ -304,23 +332,27 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic clientKeySecret: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object oauth2: properties: @@ -329,23 +361,27 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic clientSecretSecret: properties: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic endpointParams: items: properties: @@ -366,12 +402,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object type: object headers: @@ -405,12 +443,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic bucket: type: string createBucketIfNotPresent: @@ -433,12 +473,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic securityToken: type: string useSDKCreds: @@ -464,12 +506,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic bucket: type: string caSecret: @@ -477,12 +521,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic createBucketIfNotPresent: properties: objectLocking: @@ -501,12 +547,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic type: object endpoint: type: string @@ -523,12 +571,27 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic + sessionTokenSecret: + properties: + key: + type: string + name: + default: "" + type: string + optional: + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic useSDKCreds: type: boolean type: object @@ -564,12 +627,14 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean required: - key type: object + x-kubernetes-map-type: atomic default: type: string event: From 81dc44c4a5ccd42c799469a78eb96a68048a4987 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Thu, 21 Nov 2024 01:58:52 -0700 Subject: [PATCH 1173/1248] fix(argo-workflows): Remove excessive wf controller RBAC permissions (#3044) Signed-off-by: Tim Collins --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/controller/workflow-role.yaml | 21 ------------------- 2 files changed, 3 insertions(+), 24 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fb008aa6..f8ced494 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.43.0 +version: 0.44.0 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.6.0 + - kind: fixed + description: Remove excessive RBAC privileges from workflow-role. diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 14265372..e99369a2 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -11,27 +11,6 @@ metadata: namespace: {{ . }} {{- end }} rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - watch - - patch - - apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - watch - - apiGroups: - - "" - resources: - - pods/exec - verbs: - - create - apiGroups: - argoproj.io resources: From 8a1d39610c9aebf1f32e79a736dbbfa577b035a5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 21 Nov 2024 21:36:55 +0900 Subject: [PATCH 1174/1248] fix(argo-cd): Update application CRD (#3047) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/crds/crd-application.yaml | 11 +++++++++++ 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6f17b1c2..9f7925d2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.4 +version: 7.7.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.13.1 + - kind: fixed + description: Update application CRD diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 2874d885..7e3afda6 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -125,6 +125,11 @@ spec: sync: description: Sync contains parameters for the operation properties: + autoHealAttemptsCount: + description: SelfHealAttemptsCount contains the number of auto-heal + attempts + format: int64 + type: integer dryRun: description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync @@ -2720,6 +2725,11 @@ spec: sync: description: Sync contains parameters for the operation properties: + autoHealAttemptsCount: + description: SelfHealAttemptsCount contains the number + of auto-heal attempts + format: int64 + type: integer dryRun: description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync @@ -5356,3 +5366,4 @@ spec: storage: true subresources: {} {{- end }} + From ccfa0651cba45454d7462dcb153d4222ef1feb72 Mon Sep 17 00:00:00 2001 From: Robert Macaulay Date: Thu, 21 Nov 2024 07:02:51 -0600 Subject: [PATCH 1175/1248] fix(argo-rollouts): Change type of trafficRouterPlugins and trafficRouterPlugins as list (#3036) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 4 ++-- charts/argo-rollouts/values.yaml | 14 ++++++-------- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index bd4cf96c..1eb766af 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.37.8 +version: 2.38.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fixed rendering of plugins in the ConfigMap + description: Updated plugin values.yaml example and it's implementation to not need to include the stringification or the plugins block that it used to diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 126a1dcd..927a2098 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -102,7 +102,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | | controller.logging.kloglevel | string | `"0"` | Set the klog logging level | | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | -| controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | +| controller.metricProviderPlugins | list | `[]` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.service.annotations | object | `{}` | Service annotations | | controller.metrics.service.port | int | `8090` | Metrics service port | @@ -127,7 +127,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | -| controller.trafficRouterPlugins | object | `{}` | Configures 3rd party traffic router plugins for controller | +| controller.trafficRouterPlugins | list | `[]` | Configures 3rd party traffic router plugins for controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to add to the controller container | | controller.volumes | list | `[]` | Additional volumes to add to the controller pod | | podAnnotations | object | `{}` | Annotations for the all deployed pods | diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b6b5821c..fdc58a44 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -209,17 +209,15 @@ controller: # -- Configures 3rd party metric providers for controller ## Ref: https://argo-rollouts.readthedocs.io/en/stable/analysis/plugins/ - metricProviderPlugins: {} - # metricProviderPlugins: |- - # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration - # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + metricProviderPlugins: [] + # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// # -- Configures 3rd party traffic router plugins for controller ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/ - trafficRouterPlugins: {} - # trafficRouterPlugins: |- - # - name: "argoproj-labs/sample-nginx" # name of the plugin, it must match the name required by the plugin so it can find it's configuration - # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + trafficRouterPlugins: [] + # - name: "argoproj-labs/sample-nginx" # name of the plugin, it must match the name required by the plugin so it can find it's configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// serviceAccount: # -- Specifies whether a service account should be created From e888b374c99149f4991afca8614e6e7b59e3d993 Mon Sep 17 00:00:00 2001 From: Scott Melhop <31436287+scottmelhop@users.noreply.github.com> Date: Fri, 22 Nov 2024 12:40:29 +0100 Subject: [PATCH 1176/1248] fix(argo-workflows): Updated chart to reflect change to ARGO_BASE_HREF env (#3049) * Updated chart to reflect change to ARGO_BASE_HREF env Signed-off-by: Scott Melhop * Update changelog Signed-off-by: Scott Melhop * remove ide formatting Signed-off-by: Scott Melhop --------- Signed-off-by: Scott Melhop --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/server/server-deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f8ced494..25a548e1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.44.0 +version: 0.44.1 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Remove excessive RBAC privileges from workflow-role. + description: Change BASE_HREF to ARGO_BASE_HREF. diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index ce0efa78..b9a2541b 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -95,7 +95,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - - name: BASE_HREF + - name: ARGO_BASE_HREF value: {{ .Values.server.baseHref | quote }} {{- with .Values.server.extraEnv }} {{- toYaml . | nindent 12 }} From 90eef9ef1f8c5e58e6fdb0459047363d62a2e328 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 22 Nov 2024 15:19:46 +0000 Subject: [PATCH 1177/1248] fix(argo-workflows): Make Argo Agent and Artifact GC permissions optional for workflows SA (#3048) --- charts/argo-workflows/Chart.yaml | 4 +-- charts/argo-workflows/README.md | 2 ++ .../templates/controller/agent-rb.yaml | 29 +++++++++++++++++++ .../templates/controller/agent-role.yaml | 29 +++++++++++++++++++ .../templates/controller/artifact-gc-rb.yaml | 29 +++++++++++++++++++ .../controller/artifact-gc-role.yaml | 29 +++++++++++++++++++ .../templates/controller/workflow-role.yaml | 15 ---------- charts/argo-workflows/values.yaml | 4 +++ 8 files changed, 124 insertions(+), 17 deletions(-) create mode 100644 charts/argo-workflows/templates/controller/agent-rb.yaml create mode 100644 charts/argo-workflows/templates/controller/agent-role.yaml create mode 100644 charts/argo-workflows/templates/controller/artifact-gc-rb.yaml create mode 100644 charts/argo-workflows/templates/controller/artifact-gc-role.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 25a548e1..4b7e834e 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.44.1 +version: 0.45.0 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Change BASE_HREF to ARGO_BASE_HREF. + description: Make Argo Agent and Artifact GC permissions optional for workflows SA diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 965656af..6a82eb5f 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -133,6 +133,8 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | workflow.namespace | string | `nil` | Deprecated; use controller.workflowNamespaces instead. | +| workflow.rbac.agentPermissions | bool | `false` | Allows permissions for the Argo Agent. Only required if using http/plugin templates | +| workflow.rbac.artifactGC | bool | `false` | Allows permissions for the Argo Artifact GC pod. Only required if using artifact gc | | workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) | | workflow.rbac.serviceAccounts | list | `[]` | Extra service accounts to be added to the RoleBinding | | workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | diff --git a/charts/argo-workflows/templates/controller/agent-rb.yaml b/charts/argo-workflows/templates/controller/agent-rb.yaml new file mode 100644 index 00000000..67e49955 --- /dev/null +++ b/charts/argo-workflows/templates/controller/agent-rb.yaml @@ -0,0 +1,29 @@ +{{- if .Values.workflow.rbac.agentPermissions -}} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-workflows.fullname" $ }}-workflow-agent + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-workflows.fullname" $ }}-workflow-agent +subjects: + - kind: ServiceAccount + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} + {{- range $.Values.workflow.rbac.serviceAccounts }} + - kind: ServiceAccount + name: {{ .name }} + namespace: {{ .namespace | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/agent-role.yaml b/charts/argo-workflows/templates/controller/agent-role.yaml new file mode 100644 index 00000000..577567b2 --- /dev/null +++ b/charts/argo-workflows/templates/controller/agent-role.yaml @@ -0,0 +1,29 @@ +{{- if .Values.workflow.rbac.agentPermissions -}} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-workflows.fullname" $ }}-workflow-agent + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} +rules: + - apiGroups: + - argoproj.io + resources: + - workflowtasksets + verbs: + - list + - watch + - apiGroups: + - argoproj.io + resources: + - workflowtasksets/status + verbs: + - patch + {{- end }} + +{{- end }} diff --git a/charts/argo-workflows/templates/controller/artifact-gc-rb.yaml b/charts/argo-workflows/templates/controller/artifact-gc-rb.yaml new file mode 100644 index 00000000..279b2c50 --- /dev/null +++ b/charts/argo-workflows/templates/controller/artifact-gc-rb.yaml @@ -0,0 +1,29 @@ +{{- if .Values.workflow.rbac.artifactGC -}} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-workflows.fullname" $ }}-wf-artifactgc + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-workflows.fullname" $ }}-wf-artifactgc +subjects: + - kind: ServiceAccount + name: {{ $.Values.workflow.serviceAccount.name }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} + {{- range $.Values.workflow.rbac.serviceAccounts }} + - kind: ServiceAccount + name: {{ .name }} + namespace: {{ .namespace | quote }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/artifact-gc-role.yaml b/charts/argo-workflows/templates/controller/artifact-gc-role.yaml new file mode 100644 index 00000000..48218b83 --- /dev/null +++ b/charts/argo-workflows/templates/controller/artifact-gc-role.yaml @@ -0,0 +1,29 @@ +{{- if .Values.workflow.rbac.artifactGC -}} + {{- range $namespace := or .Values.singleNamespace false | ternary (list "") (append .Values.controller.workflowNamespaces (coalesce .Values.workflow.namespace (include "argo-workflows.namespace" .)) | uniq) }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-workflows.fullname" $ }}-wf-artifactgc + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} + {{- with $namespace }} + namespace: {{ . }} + {{- end }} +rules: + - apiGroups: + - argoproj.io + resources: + - workflowartifactgctasks + verbs: + - list + - watch + - apiGroups: + - argoproj.io + resources: + - workflowartifactgctasks/status + verbs: + - patch + {{- end }} + +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index e99369a2..81c20048 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -18,21 +18,6 @@ rules: verbs: - create - patch - - apiGroups: - - argoproj.io - resources: - - workflowtasksets - - workflowartifactgctasks - verbs: - - list - - watch - - apiGroups: - - argoproj.io - resources: - - workflowtasksets/status - - workflowartifactgctasks/status - verbs: - - patch {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 75135854..8101898b 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -69,6 +69,10 @@ workflow: # -- Adds Role and RoleBinding for the above specified service account to be able to run workflows. # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) create: true + # -- Allows permissions for the Argo Agent. Only required if using http/plugin templates + agentPermissions: false + # -- Allows permissions for the Argo Artifact GC pod. Only required if using artifact gc + artifactGC: false # -- Extra service accounts to be added to the RoleBinding serviceAccounts: [] # - name: my-service-account From 4909b4287091fa75e22d6b25117e445366261df5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 Nov 2024 05:57:50 -0600 Subject: [PATCH 1178/1248] chore(deps): bump github/codeql-action from 3.27.4 to 3.27.5 in the dependencies group (#3050) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 19c09e4c..7442ff0b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: results.sarif From 3e1b02da23a7398f5be6401bd763c7a0c5e41859 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 19:53:13 +0900 Subject: [PATCH 1179/1248] chore(deps): update renovatebot/github-action action to v41.0.4 (#3051) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 00e1b401..94d21965 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@e02bf7b1c996027e55e910400653576a8293246c # v41.0.3 + uses: renovatebot/github-action@757597d1bb6993c6406e207997a85f2b20ff39be # v41.0.4 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From d0b5926c0bf61e09a7ecbb0f705c33f5e1034c26 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 28 Nov 2024 05:43:45 +0900 Subject: [PATCH 1180/1248] feat(argo-events): Upgrade Argo Events to v1.9.3 (#3055) --- charts/argo-events/Chart.yaml | 8 ++++---- charts/argo-events/README.md | 2 ++ .../templates/argo-events-controller/config.yaml | 2 ++ charts/argo-events/values.yaml | 4 ++++ 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index dc6af9ac..519ebe66 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.9.2 +appVersion: v1.9.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.8 +version: 2.4.9 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: events-webhook Service using non-default port + - kind: changed + description: Bump argo-events to v1.9.3 diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 5d2c036b..10b26972 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -60,11 +60,13 @@ done |-----|------|---------|-------------| | configs.jetstream.settings.maxFileStore | int | `-1` | Maximum size of the file storage (e.g. 20G) | | configs.jetstream.settings.maxMemoryStore | int | `-1` | Maximum size of the memory storage (e.g. 1G) | +| configs.jetstream.streamConfig.discard | int | `0` | 0: DiscardOld, 1: DiscardNew | | configs.jetstream.streamConfig.duplicates | string | `"300s"` | Not documented at the moment | | configs.jetstream.streamConfig.maxAge | string | `"72h"` | Maximum age of existing messages, i.e. “72h”, “4h35m” | | configs.jetstream.streamConfig.maxBytes | string | `"1GB"` | | | configs.jetstream.streamConfig.maxMsgs | int | `1000000` | Maximum number of messages before expiring oldest message | | configs.jetstream.streamConfig.replicas | int | `3` | Number of replicas, defaults to 3 and requires minimal 3 | +| configs.jetstream.streamConfig.retention | int | `0` | 0: Limits, 1: Interest, 2: WorkQueue | | configs.jetstream.versions[0].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.14.0"` | | | configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.14.0"` | | | configs.jetstream.versions[0].natsImage | string | `"nats:2.10.10"` | | diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 119c10f5..e3047de7 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -32,6 +32,8 @@ data: maxBytes: {{ .Values.configs.jetstream.streamConfig.maxBytes }} replicas: {{ .Values.configs.jetstream.streamConfig.replicas }} duplicates: {{ .Values.configs.jetstream.streamConfig.duplicates }} + retention: {{ .Values.configs.jetstream.streamConfig.retention }} + discard: {{ .Values.configs.jetstream.streamConfig.discard }} versions: {{- range .Values.configs.jetstream.versions }} - version: {{ .version }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 09a2d9ea..5c2206d6 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -94,6 +94,10 @@ configs: replicas: 3 # -- Not documented at the moment duplicates: 300s + # -- 0: Limits, 1: Interest, 2: WorkQueue + retention: 0 + # -- 0: DiscardOld, 1: DiscardNew + discard: 0 # Supported versions of JetStream eventbus versions: - version: latest From 07c5b5df98b3f0ba47024de38d42ac8222aef813 Mon Sep 17 00:00:00 2001 From: Bhavin Kotak Date: Wed, 27 Nov 2024 18:41:56 -0600 Subject: [PATCH 1181/1248] fix(argo-cd): Fix REDIS_PASSWORD optional flag (#3058) * fix(argo-cd): Fix REDIS_PASSWORD optional flag Signed-off-by: Bhavin Kotak * update charge version Signed-off-by: Bhavin Kotak --------- Signed-off-by: Bhavin Kotak --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-application-controller/statefulset.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9f7925d2..31552637 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.5 +version: 7.7.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Update application CRD + description: REDIS_PASSWORD optional flag change diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 70620df6..a907ac76 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -228,10 +228,10 @@ spec: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} {{- if .Values.externalRedis.host }} key: redis-password - optional: true {{- else }} key: auth {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 9a15e596..2617251d 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -187,10 +187,10 @@ spec: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} {{- if .Values.externalRedis.host }} key: redis-password - optional: true {{- else }} key: auth {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index b0cecd6c..cc5f7bfe 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -255,10 +255,10 @@ spec: name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} {{- if .Values.externalRedis.host }} key: redis-password - optional: true {{- else }} key: auth {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: From b1333d849113a0c6c9356a068f328ea3c613a6b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 Nov 2024 19:54:13 +0900 Subject: [PATCH 1182/1248] chore(deps): bump renovatebot/github-action from 41.0.4 to 41.0.5 in the dependencies group (#3061) chore(deps): bump renovatebot/github-action in the dependencies group Bumps the dependencies group with 1 update: [renovatebot/github-action](https://github.com/renovatebot/github-action). Updates `renovatebot/github-action` from 41.0.4 to 41.0.5 - [Release notes](https://github.com/renovatebot/github-action/releases) - [Changelog](https://github.com/renovatebot/github-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/renovatebot/github-action/compare/757597d1bb6993c6406e207997a85f2b20ff39be...936628dfbff213ab2eb95033c5e123cfcaf09ebb) --- updated-dependencies: - dependency-name: renovatebot/github-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 94d21965..35f688c3 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@757597d1bb6993c6406e207997a85f2b20ff39be # v41.0.4 + uses: renovatebot/github-action@936628dfbff213ab2eb95033c5e123cfcaf09ebb # v41.0.5 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 344fcae2a1aaacd189b03690b6b3f8c9348cfb7f Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sun, 1 Dec 2024 10:12:10 +0100 Subject: [PATCH 1183/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v38.142.7 (#3062) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 35f688c3..896c46f0 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 38.141.1 + renovate-version: 38.142.7 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 3767e5b8aea8272bb70987c25185df25e8373b31 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 2 Dec 2024 10:17:06 +0000 Subject: [PATCH 1184/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v39 (#3063) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 896c46f0..361ea06c 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 38.142.7 + renovate-version: 39.43.0 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 0195a3581e94e33bac23b7a2b2edd3abb0c0671e Mon Sep 17 00:00:00 2001 From: Garry O'Donnell Date: Mon, 2 Dec 2024 14:19:44 +0000 Subject: [PATCH 1185/1248] feat(argo-cd): Template server ingress extraTls arguments (#3056) Signed-off-by: Garry O'Donnell --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 31552637..446c4b57 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.6 +version: 7.7.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: REDIS_PASSWORD optional flag change + - kind: added + description: Allowed the use of templates in the server.ingress.extraTls field diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 84668373..31f72ed6 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -63,7 +63,7 @@ spec: secretName: argocd-server-tls {{- end }} {{- with .Values.server.ingress.extraTls }} - {{- toYaml . | nindent 4 }} + {{- tpl (toYaml .) $ | nindent 4 }} {{- end }} {{- end }} {{- end }} From 168bc63bd6b65586720ebbcea197dbce123c03f5 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 2 Dec 2024 09:39:27 -0800 Subject: [PATCH 1186/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.6.1 (#3064) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4b7e834e..77ca7d7d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.6.0 +appVersion: v3.6.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.0 +version: 0.45.1 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Make Argo Agent and Artifact GC permissions optional for workflows SA + - kind: changed + description: Bump argo-workflows to v3.6.2 From 9bf8f97811c3d52696faa3be0c0a362b68039eab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Dec 2024 04:13:07 -0600 Subject: [PATCH 1187/1248] chore(deps): bump github/codeql-action from 3.27.5 to 3.27.6 in the dependencies group (#3069) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7442ff0b..a52762aa 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 with: sarif_file: results.sarif From cf8b6950f194c88296f8f1d5a029fc2421c7719f Mon Sep 17 00:00:00 2001 From: Takumi Sue <23391543+mikutas@users.noreply.github.com> Date: Mon, 9 Dec 2024 18:17:14 +0900 Subject: [PATCH 1188/1248] feat(argo-cd): Bump argocd-extension-installer to 0.0.8 (#3070) Bump argocd-extension-installer to 0.0.8 Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 446c4b57..8f971efe 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.7 +version: 7.7.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Allowed the use of templates in the server.ingress.extraTls field + - kind: changed + description: Bump argocd-extension-installer to v0.0.8 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8d8eb50d..8cea8341 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1023,7 +1023,7 @@ NAME: my-release | server.extensions.extensionList | list | `[]` (See [values.yaml]) | Extensions for Argo CD | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"quay.io/argoprojlabs/argocd-extension-installer"` | Repository to use for extension installer image | -| server.extensions.image.tag | string | `"v0.0.5"` | Tag to use for extension installer image | +| server.extensions.image.tag | string | `"v0.0.8"` | Tag to use for extension installer image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fd390237..f2ca736a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1847,7 +1847,7 @@ server: # -- Repository to use for extension installer image repository: "quay.io/argoprojlabs/argocd-extension-installer" # -- Tag to use for extension installer image - tag: "v0.0.5" + tag: "v0.0.8" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From eb53a916b8664de33532842e0a110919ebed1c1d Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 9 Dec 2024 08:36:00 -0600 Subject: [PATCH 1189/1248] chore(deps): update renovatebot/github-action action to v41.0.6 (#3071) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 361ea06c..e267fcc8 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@936628dfbff213ab2eb95033c5e123cfcaf09ebb # v41.0.5 + uses: renovatebot/github-action@e3a862510f27d57a380efb11f0b52ad7e8dbf213 # v41.0.6 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From e72297ca734f3505cd86e195745eb32398627941 Mon Sep 17 00:00:00 2001 From: Symeon Meichanetzoglou Date: Wed, 11 Dec 2024 16:36:09 +0100 Subject: [PATCH 1190/1248] fix(argo-cd): Fix repo-server honorLabels config template (#3075) * FIX: move honorLabels config out of condition Signed-off-by: symaras * update changelog Signed-off-by: symaras * bump chart version Signed-off-by: symaras * adjust changelog Signed-off-by: symaras --------- Signed-off-by: symaras --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-repo-server/servicemonitor.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8f971efe..110f1bc2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.8 +version: 7.7.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argocd-extension-installer to v0.0.8 + - kind: fixed + description: Fix honorLabels config template diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index b02ba7a4..3d7cc497 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -34,8 +34,8 @@ spec: metricRelabelings: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.metrics.serviceMonitor.scheme }} honorLabels: {{ .Values.repoServer.metrics.serviceMonitor.honorLabels }} + {{- with .Values.repoServer.metrics.serviceMonitor.scheme }} scheme: {{ . }} {{- end }} {{- with .Values.repoServer.metrics.serviceMonitor.tlsConfig }} From 5e8ac12acdedb969e20c9fc0d2714a3aa90baf91 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 05:33:06 +0000 Subject: [PATCH 1191/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.13.2 (#3076) --- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 1 - 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 110f1bc2..6f399bbb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.13.1 +appVersion: v2.13.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.9 +version: 7.7.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix honorLabels config template + - kind: changed + description: Bump argo-cd to v2.13.2 diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index b6c5f81f..1bc9aed5 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -17,7 +17,6 @@ rules: - delete # supports deletion a live object in UI - get # supports viewing live object manifest in UI - patch # supports `argocd app patch` - - list # supports `argocd appset generate` with cluster generator - apiGroups: - "" resources: From 21d9d3e18a50a08882a445be8f089a44258994ce Mon Sep 17 00:00:00 2001 From: Frederic M <43849398+fad3t@users.noreply.github.com> Date: Fri, 13 Dec 2024 12:27:26 +0100 Subject: [PATCH 1192/1248] fix(argocd-image-updater): update RBAC namespaced role (#3073) Signed-off-by: Frederic Mereu Co-authored-by: Aikawa --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/templates/rbac.yaml | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index f74772f9..4cbb96e5 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.11.2 +version: 0.11.3 appVersion: v0.15.1 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argocd-image-updater to v0.15.1 + description: Update permissions for namespaced Role diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml index 0f631108..867d5b59 100644 --- a/charts/argocd-image-updater/templates/rbac.yaml +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -24,6 +24,15 @@ rules: - events verbs: - create + - apiGroups: + - argoproj.io + resources: + - applications + verbs: + - get + - list + - update + - patch {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 From c6e5aba59081dd3cf08e5d8f2e8932e67302f20e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 14 Dec 2024 12:35:51 -0600 Subject: [PATCH 1193/1248] chore(deps): bump github/codeql-action from 3.27.6 to 3.27.9 in the dependencies group (#3078) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a52762aa..efed22af 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: sarif_file: results.sarif From f9856eb58376062f8f3697d79c0579c19aad14ac Mon Sep 17 00:00:00 2001 From: Kazuma Inamura <8310973+inamuu@users.noreply.github.com> Date: Tue, 17 Dec 2024 06:31:09 +0900 Subject: [PATCH 1194/1248] fix(argo-workflows): a link in values.yaml for Kubernetes Ingress docs (#3079) Signed-off-by: inamuu <8310973+inamuu@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 77ca7d7d..86f35660 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.1 +version: 0.45.2 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.6.2 + - kind: fixed + description: Reference to ingress link was fixed diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8101898b..3de0ad8d 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -625,7 +625,7 @@ server: volumes: [] ## Ingress configuration. - # ref: https://kubernetes.io/docs/user-guide/ingress/ + # ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ ingress: # -- Enable an ingress resource enabled: false From 46b76061b58f7ae71777708479ab622927dca923 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 21 Dec 2024 08:52:31 +0900 Subject: [PATCH 1195/1248] chore(deps): update actions/create-github-app-token action to v1.11.1 (#3085) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index e267fcc8..86872311 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 06af22458fe106226be98830664e7a421afadbce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 21 Dec 2024 05:13:42 -0600 Subject: [PATCH 1196/1248] chore(deps): bump the dependencies group with 3 updates (#3086) --- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c8188a35..cf03b150 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 + uses: helm/kind-action@ae94020eaf628e9b9b9f341a10cc0cdcf5c018fb # v1.11.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index efed22af..0205ce8c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif From ca63415d8ac840e2fb855404e5bf22642f5f38f8 Mon Sep 17 00:00:00 2001 From: Davor Gajic <47570664+gajicdev@users.noreply.github.com> Date: Sat, 21 Dec 2024 13:05:37 +0100 Subject: [PATCH 1197/1248] fix(argo-cd): add functionality to en/disable argocd-ssh-known-hosts-cm (#3083) Signed-off-by: Davor Gajic Co-authored-by: Davor Gajic Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 2 ++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6f399bbb..ac2842e4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.10 +version: 7.7.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.13.2 + - kind: added + description: Added functionality to en/disable argocd-ssh-known-hosts-cm diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8cea8341..226c37a9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -783,6 +783,7 @@ NAME: my-release | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | | configs.secret.labels | object | `{}` | Labels to be added to argocd-secret | | configs.ssh.annotations | object | `{}` | Annotations to be added to argocd-ssh-known-hosts-cm configmap | +| configs.ssh.create | bool | `true` | Specifies if the argocd-ssh-known-hosts-cm configmap should be created by Helm. | | configs.ssh.extraHosts | string | `""` | Additional known hosts for private repositories | | configs.ssh.knownHosts | string | See [values.yaml] | Known hosts to be added to the known host list by default. | | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index b0695ed3..0218d40b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -1,3 +1,4 @@ +{{- if .Values.configs.ssh.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -17,3 +18,4 @@ data: {{- with .Values.configs.ssh.extraHosts }} {{- . | nindent 4 }} {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f2ca736a..66522279 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -371,6 +371,9 @@ configs: # SSH known hosts for Git repositories ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#ssh-known-host-public-keys ssh: + # -- Specifies if the argocd-ssh-known-hosts-cm configmap should be created by Helm. + create: true + # -- Annotations to be added to argocd-ssh-known-hosts-cm configmap annotations: {} From ef90ecc84466b2d78adf479dd1f162e8760a037c Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 14:47:18 +0900 Subject: [PATCH 1198/1248] chore(deps): update renovatebot/github-action action to v41.0.7 (#3087) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 86872311..b7e3508d 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@e3a862510f27d57a380efb11f0b52ad7e8dbf213 # v41.0.6 + uses: renovatebot/github-action@2be773c4be8361d8182cc1b750e75bbc75af71b0 # v41.0.7 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 74376f6cab408d9c78c645dd61dffc5c4b138e15 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Dec 2024 11:52:27 -0600 Subject: [PATCH 1199/1248] chore(deps): bump helm/kind-action from 1.11.0 to 1.12.0 in the dependencies group (#3091) --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index cf03b150..4c4db950 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@ae94020eaf628e9b9b9f341a10cc0cdcf5c018fb # v1.11.0 + uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 0877c58e19cd2ffd96e613520938a4a744b424b7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 31 Dec 2024 02:19:17 +0900 Subject: [PATCH 1200/1248] fix(argo-rollouts): Correct outdated URL for ingress (#3093) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1eb766af..33d77781 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.38.0 +version: 2.38.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Updated plugin values.yaml example and it's implementation to not need to include the stringification or the plugins block that it used to + description: Correct outdated URL for ingress diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index fdc58a44..c95f88bf 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -397,7 +397,7 @@ dashboard: maxUnavailable: # 0 ## Ingress configuration. - ## ref: https://kubernetes.io/docs/user-guide/ingress/ + ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ ## ingress: # -- Enable dashboard ingress support From 9bd03f64b225a77d7ebbf86ba2b3a887aeefeff4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 31 Dec 2024 21:17:39 +0900 Subject: [PATCH 1201/1248] docs(argo-events): Correct outdated URL for doc (#3096) --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/README.md | 8 ++++---- charts/argo-events/README.md.gotmpl | 8 ++++---- charts/argo-events/values.yaml | 8 ++++---- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 519ebe66..fdd4233f 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.9.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.9 +version: 2.4.10 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-events to v1.9.3 + - kind: fixed + description: Correct outdated URL for doc diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 10b26972..7e9f6e37 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -234,9 +234,9 @@ done ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[affinity]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +[Tolerations]: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ [values.yaml]: values.yaml diff --git a/charts/argo-events/README.md.gotmpl b/charts/argo-events/README.md.gotmpl index c25a3e97..505217ba 100644 --- a/charts/argo-events/README.md.gotmpl +++ b/charts/argo-events/README.md.gotmpl @@ -89,9 +89,9 @@ done ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[affinity]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ +[Node selector]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +[Tolerations]: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ [values.yaml]: values.yaml diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 5c2206d6..fb9878c9 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -243,7 +243,7 @@ controller: # runAsNonRoot: true ## Readiness and liveness probes for default backend - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -281,7 +281,7 @@ controller: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the events controller - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 @@ -409,7 +409,7 @@ webhook: # runAsNonRoot: true ## Readiness and liveness probes for default backend - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -447,7 +447,7 @@ webhook: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the event controller - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 From 279930e1333880ba0fc176fdae7dafbc0435ca8e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 1 Jan 2025 15:17:29 +0900 Subject: [PATCH 1202/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v39.86.4 (#3099) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index b7e3508d..932f2a8f 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 39.43.0 + renovate-version: 39.86.4 token: '${{ steps.get_token.outputs.token }}' env: LOG_LEVEL: 'debug' From 2436051d5c67a7ef6497742b667eabcdd60b1920 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 2 Jan 2025 15:18:00 +0900 Subject: [PATCH 1203/1248] docs(argo-cd): Correct outdated URL for doc (#3097) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 12 ++++++------ charts/argo-cd/README.md.gotmpl | 12 ++++++------ charts/argo-cd/values.yaml | 33 +++++++++++++++++---------------- 4 files changed, 32 insertions(+), 31 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac2842e4..d0c28f55 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.11 +version: 7.7.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added functionality to en/disable argocd-ssh-known-hosts-cm + - kind: fixed + description: Correct outdated URL for doc diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 226c37a9..3b2b999a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1623,26 +1623,26 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [Argo CD RBAC policy]: https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/ -[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[affinity]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog [Chart Hooks]: https://helm.sh/docs/topics/charts_hooks/ [DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FAQ]: https://argo-cd.readthedocs.io/en/stable/faq/ -[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ [GnuPG]: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs -[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Node selector]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector [PodDisruptionBudget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config -[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +[Tolerations]: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index ef75ddfe..bd63c755 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -817,26 +817,26 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) [Argo CD RBAC policy]: https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/ -[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[affinity]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog [Chart Hooks]: https://helm.sh/docs/topics/charts_hooks/ [DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FAQ]: https://argo-cd.readthedocs.io/en/stable/faq/ -[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ [GnuPG]: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs -[Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ +[Node selector]: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector [PodDisruptionBudget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config -[Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +[Tolerations]: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 66522279..d5056840 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -141,7 +141,7 @@ global: # - antarctica-west1 # -- Default [TopologySpreadConstraints] rules for all components - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector of the component topologySpreadConstraints: [] # - maxSkew: 1 @@ -792,7 +792,7 @@ controller: - ALL # Readiness probe for application controller - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -826,7 +826,7 @@ controller: # -- Assign custom [TopologySpreadConstraints] rules to the application controller # @default -- `[]` (defaults to global.topologySpreadConstraints) - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 @@ -1228,7 +1228,7 @@ dex: # -- Assign custom [TopologySpreadConstraints] rules to dex # @default -- `[]` (defaults to global.topologySpreadConstraints) - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 @@ -1315,7 +1315,7 @@ redis: - ALL ## Probes for Redis exporter (optional) - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Enable Kubernetes liveness probe for Redis exporter (optional) enabled: false @@ -1373,7 +1373,7 @@ redis: # name: secret-name ## Probes for Redis server (optional) - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Enable Kubernetes liveness probe for Redis server enabled: false @@ -1483,7 +1483,7 @@ redis: # -- Assign custom [TopologySpreadConstraints] rules to redis # @default -- `[]` (defaults to global.topologySpreadConstraints) - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 @@ -1632,7 +1632,7 @@ redis-ha: tolerations: [] # -- Assign custom [TopologySpreadConstraints] rules to the Redis pods. - ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ topologySpreadConstraints: # -- Enable Redis HA topology spread constraints enabled: false @@ -1991,7 +1991,7 @@ server: - ALL ## Readiness and liveness probes for default backend - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -2037,7 +2037,7 @@ server: # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server # @default -- `[]` (defaults to global.topologySpreadConstraints) - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 @@ -2138,7 +2138,8 @@ server: # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from - ## Ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## EKS Ref: https://repost.aws/knowledge-center/eks-cidr-ip-address-loadbalancer + ## GKE Ref: https://cloud.google.com/kubernetes-engine/docs/concepts/network-overview#limit-connectivity-ext-lb loadBalancerSourceRanges: [] # -- Server service external IPs externalIPs: [] @@ -2638,7 +2639,7 @@ repoServer: - ALL ## Readiness and liveness probes for default backend - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -2680,7 +2681,7 @@ repoServer: # -- Assign custom [TopologySpreadConstraints] rules to the repo server # @default -- `[]` (defaults to global.topologySpreadConstraints) - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 @@ -3007,7 +3008,7 @@ applicationSet: - ALL ## Probes for ApplicationSet controller (optional) - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Enable Kubernetes liveness probe for ApplicationSet controller enabled: false @@ -3384,7 +3385,7 @@ notifications: - ALL ## Probes for notifications controller Pods (optional) - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: # -- Enable Kubernetes liveness probe for notifications controller Pods enabled: false @@ -3430,7 +3431,7 @@ notifications: # -- Assign custom [TopologySpreadConstraints] rules to the application controller # @default -- `[]` (defaults to global.topologySpreadConstraints) - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] # - maxSkew: 1 From 91ad82947c65cbfa2216e42a9681383bc36a48a8 Mon Sep 17 00:00:00 2001 From: AviorSchreiber <80765239+AviorSchreiber@users.noreply.github.com> Date: Fri, 3 Jan 2025 16:07:27 +0200 Subject: [PATCH 1204/1248] feat(argo-rollouts): Add lifecyle and terminationGracePeriodSeconds settings for controller (#3100) * feat(argo-rollouts): Add lifecyle and terminationGracePeriodSeconds settings for controller Signed-off-by: AviorSchreiber <80765239+AviorSchreiber@users.noreply.github.com> * Update charts/argo-rollouts/templates/controller/deployment.yaml Co-authored-by: Aikawa Signed-off-by: AviorSchreiber <80765239+AviorSchreiber@users.noreply.github.com> * Update charts/argo-rollouts/templates/controller/deployment.yaml Co-authored-by: JM (Jason Meridth) Signed-off-by: AviorSchreiber <80765239+AviorSchreiber@users.noreply.github.com> --------- Signed-off-by: AviorSchreiber <80765239+AviorSchreiber@users.noreply.github.com> Co-authored-by: Aikawa Co-authored-by: JM (Jason Meridth) --- charts/argo-rollouts/Chart.yaml | 8 +++++--- charts/argo-rollouts/README.md | 2 ++ charts/argo-rollouts/templates/controller/deployment.yaml | 6 ++++++ charts/argo-rollouts/values.yaml | 4 ++++ 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 33d77781..757a6329 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.38.1 +version: 2.38.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Correct outdated URL for ingress + - kind: added + description: Add lifecycle settings for controller + - kind: added + description: Add terminationGracePeriodSeconds for controller diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 927a2098..aa09ca14 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -98,6 +98,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.image.repository | string | `"argoproj/argo-rollouts"` | Repository to use | | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.initContainers | list | `[]` | Init containers to add to the rollouts controller pod | +| controller.lifecycle | object | `{}` | Specify lifecycle hooks for the controller | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | | controller.logging.kloglevel | string | `"0"` | Set the klog logging level | @@ -125,6 +126,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | +| controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | | controller.trafficRouterPlugins | list | `[]` | Configures 3rd party traffic router plugins for controller | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index df5dc4db..7aea72a4 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -78,6 +78,9 @@ spec: {{- toYaml .Values.controller.readinessProbe | nindent 10 }} securityContext: {{- toYaml .Values.containerSecurityContext | nindent 10 }} + {{- with .Values.controller.lifecycle }} + lifecycle: {{ toYaml . | nindent 10 }} + {{- end }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} volumeMounts: @@ -101,6 +104,9 @@ spec: {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- with .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} {{- if .Values.controller.tolerations }} tolerations: {{- toYaml .Values.controller.tolerations | nindent 8 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index c95f88bf..26633455 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -79,6 +79,10 @@ controller: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Specify lifecycle hooks for the controller + lifecycle: {} # -- [priorityClassName] for the controller priorityClassName: "" # -- The number of controller pods to run From 844afb6611224b0a1b1d11abb61eef1970ed76b6 Mon Sep 17 00:00:00 2001 From: Bart Versteeg <8367621+bmjhversteeg@users.noreply.github.com> Date: Fri, 3 Jan 2025 16:15:59 +0100 Subject: [PATCH 1205/1248] feat(argo-workflows): Support ephemeral credentials for s3 (#3101) feat(argo-workflows) Support ephemeral credentials for s3 Signed-off-by: Bart Versteeg <8367621+bmjhversteeg@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-controller-config-map.yaml | 5 +++++ charts/argo-workflows/values.yaml | 3 +++ 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 86f35660..658d613f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.2 +version: 0.45.3 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Reference to ingress link was fixed + - kind: added + description: Support ephemeral credentials for s3 artifact repository diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d93a910e..a269f6e5 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -83,6 +83,11 @@ data: secretKeySecret: key: {{ tpl .Values.artifactRepository.s3.secretKeySecret.key . }} name: {{ tpl .Values.artifactRepository.s3.secretKeySecret.name . }} + {{- if .Values.artifactRepository.s3.sessionTokenSecret }} + sessionTokenSecret: + key: {{ tpl .Values.artifactRepository.s3.sessionTokenSecret.key . }} + name: {{ tpl .Values.artifactRepository.s3.sessionTokenSecret.name . }} + {{- end }} {{- end }} bucket: {{ tpl (.Values.artifactRepository.s3.bucket | default "") . }} endpoint: {{ tpl (.Values.artifactRepository.s3.endpoint | default "") . }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3de0ad8d..035945d2 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -812,6 +812,9 @@ artifactRepository: # secretKeySecret: # name: "{{ .Release.Name }}-minio" # key: secretkey + # sessionTokenSecret: + # name: "{{ .Release.Name }}-minio" + # key: sessionToken # # insecure will disable TLS. Primarily used for minio installs not configured with TLS # insecure: false # caSecret: From a0831126ccaab5d8bcb12b1a4834232b28e6c11d Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 4 Jan 2025 09:07:39 +0900 Subject: [PATCH 1206/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.13.3 (#3103) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d0c28f55..51f0efb6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.13.2 +appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.12 +version: 7.7.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Correct outdated URL for doc + - kind: changed + description: Bump argo-cd to v2.13.3 From 02db043ff11d6ac18d67beef2d84e2a32828a675 Mon Sep 17 00:00:00 2001 From: Takumi Sue <23391543+mikutas@users.noreply.github.com> Date: Sat, 4 Jan 2025 18:07:48 +0900 Subject: [PATCH 1207/1248] chore(github): add includePath to renovate.json (#3072) --- renovate.json | 1 + 1 file changed, 1 insertion(+) diff --git a/renovate.json b/renovate.json index 730f497e..f4b35531 100644 --- a/renovate.json +++ b/renovate.json @@ -12,6 +12,7 @@ "includePaths": [ "**/charts/argo-workflows/Chart.yaml", "**/charts/argo-cd/Chart.yaml", + "**/charts/argo-cd/values.yaml", "**/charts/argo-events/Chart.yaml", "**/charts/argo-rollouts/Chart.yaml", "**/charts/argocd-image-updater/Chart.yaml", From b594e6bd2047dd45c22425df9d32cd307943769d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 4 Jan 2025 23:02:01 +0900 Subject: [PATCH 1208/1248] fix(argo-events): Support initContainers to controller (#3098) Signed-off-by: yu-croco --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-controller/deployment.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index fdd4233f..76d675a3 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.9.3 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.10 +version: 2.4.11 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Correct outdated URL for doc + description: Support initContainers to controller diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 75d0cdb2..17bf0a6a 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -108,6 +108,10 @@ spec: {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 6 }} {{- end -}} + {{- with .Values.controller.initContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} From 89f40fd00117c90f16e14caa64133d9ba8403e43 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 5 Jan 2025 13:56:16 +0900 Subject: [PATCH 1209/1248] chore(github): Support redis-exporter to Renovate (#3105) --- renovate.json | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/renovate.json b/renovate.json index f4b35531..dcf91249 100644 --- a/renovate.json +++ b/renovate.json @@ -101,6 +101,13 @@ "matchPackagePatterns": ["redis-ha"], "enabled": false }, + { + "matchPackagePatterns": ["public.ecr.aws/bitnami/redis-exporter"], + "commitMessagePrefix": "chore({{{replace 'public.ecr.aws/' '' depName}}}):", + "postUpgradeTasks": { + "commands": ["./scripts/renovate-bump-version.sh {{depName}}"] + } + }, { "matchPackageNames": ["ghcr.io/renovatebot/renovate"], "extends": ["schedule:monthly"] From 3b2d2767d95a4b6df74fcfc04a62525067b07942 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 16:29:18 +0900 Subject: [PATCH 1210/1248] chore(deps): update renovatebot/github-action action to v41.0.8 (#3107) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 932f2a8f..eeea7755 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@2be773c4be8361d8182cc1b750e75bbc75af71b0 # v41.0.7 + uses: renovatebot/github-action@f24426972367551f3391720e34317783a92fd32b # v41.0.8 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 796f6c8dc3595afa6a3b7153a7ce283eb2f74677 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 7 Jan 2025 08:04:10 +0100 Subject: [PATCH 1211/1248] chore(argocd-image-updater): Update dependency argoproj-labs/argocd-image-updater to v0.15.2 (#3109) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argocd-image-updater/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 4cbb96e5..f3880ec5 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.11.3 -appVersion: v0.15.1 +version: 0.11.4 +appVersion: v0.15.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update permissions for namespaced Role + description: Bump argocd-image-updater to v0.15.2 From 9946d3dfeeb75d4106fa89edb0c610ccc01de12f Mon Sep 17 00:00:00 2001 From: gyajangi1 Date: Tue, 7 Jan 2025 17:32:31 +0530 Subject: [PATCH 1212/1248] feat(argo-cd): Add DRY support for Ingress (#3081) * Updated tpl function Signed-off-by: gyajangi1 * Update ingress.yaml Signed-off-by: gyajangi1 * reverted changes Signed-off-by: gyajangi1 * Updated ingress.yaml Signed-off-by: gyajangi1 * Update charts/argo-cd/templates/argocd-server/ingress.yaml Co-authored-by: Marco Maurer (-Kilchhofer) Signed-off-by: gyajangi1 * Update charts/argo-cd/templates/argocd-server/ingress.yaml Co-authored-by: Marco Maurer (-Kilchhofer) Signed-off-by: gyajangi1 * update changelog for tpl function in ingress Signed-off-by: gyajangi1 * update changelog for tpl function in ingress Signed-off-by: gyajangi1 * Update chart version 7.7.14 Signed-off-by: gyajangi1 * Update charts/argo-cd/Chart.yaml Co-authored-by: Marco Maurer (-Kilchhofer) Signed-off-by: gyajangi1 * fix: Drop trailing spaces Signed-off-by: Marco Maurer (-Kilchhofer) --------- Signed-off-by: gyajangi1 Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-server/ingress.yaml | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 51f0efb6..1e799493 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.13 +version: 7.7.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.13.3 + - kind: added + description: Added `tpl` function support for `server.ingress`. diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 31f72ed6..88c2f99a 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -9,20 +9,20 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.labels }} - {{- toYaml . | nindent 4 }} + {{- tpl (toYaml .) $ | nindent 4 }} {{- end }} {{- with .Values.server.ingress.annotations }} annotations: {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} + {{ $key }}: {{ tpl $value $ | quote }} {{- end }} {{- end }} spec: {{- with .Values.server.ingress.ingressClassName }} - ingressClassName: {{ . }} + ingressClassName: {{ tpl . $ }} {{- end }} rules: - - host: {{ .Values.server.ingress.hostname | default .Values.global.domain }} + - host: {{ tpl (.Values.server.ingress.hostname) $ | default .Values.global.domain }} http: paths: {{- with .Values.server.ingress.extraPaths }} @@ -36,7 +36,7 @@ spec: port: number: {{ $servicePort }} {{- range .Values.server.ingress.extraHosts }} - - host: {{ .name | quote }} + - host: {{ tpl .name $ | quote }} http: paths: - path: {{ default $.Values.server.ingress.path .path }} @@ -54,10 +54,10 @@ spec: tls: {{- if .Values.server.ingress.tls }} - hosts: - - {{ .Values.server.ingress.hostname | default .Values.global.domain }} + - {{ tpl (.Values.server.ingress.hostname) $ | default .Values.global.domain }} {{- range .Values.server.ingress.extraHosts }} {{- if .name }} - - {{ .name }} + - {{ tpl .name $ }} {{- end }} {{- end }} secretName: argocd-server-tls From d963962c569150d9138a6751f3b75a95154c873b Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 8 Jan 2025 17:36:39 +0900 Subject: [PATCH 1213/1248] chore(argo-events): Update dependency argoproj/argo-events to v1.9.4 (#3112) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 76d675a3..55a7bd51 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.9.3 +appVersion: v1.9.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.11 +version: 2.4.12 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Support initContainers to controller + - kind: changed + description: Bump argo-events to v1.9.4 From 6c5e25c74332ece7b1d30115b3f4e800cbb2ea00 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 10 Jan 2025 16:17:52 +0900 Subject: [PATCH 1214/1248] fix(argo-cd): Correct ingress listen-ports example on README (#3120) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/README.md.gotmpl | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e799493..ce7bac6b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.14 +version: 7.7.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added `tpl` function support for `server.ingress`. + - kind: fixed + description: Correct ingress listen-ports example diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3b2b999a..afc0e9bb 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -191,7 +191,7 @@ server: alb.ingress.kubernetes.io/scheme: internal alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/backend-protocol: HTTP - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' + alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/ssl-redirect: '443' aws: serviceType: ClusterIP # <- Used with target-type: ip diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index bd63c755..0520c40f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -190,7 +190,7 @@ server: alb.ingress.kubernetes.io/scheme: internal alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/backend-protocol: HTTP - alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' + alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/ssl-redirect: '443' aws: serviceType: ClusterIP # <- Used with target-type: ip From 23b484de9c0a21de761b542c50a5b44fa1e63b69 Mon Sep 17 00:00:00 2001 From: Cristhian Roa Date: Fri, 10 Jan 2025 11:23:36 +0100 Subject: [PATCH 1215/1248] feat(argo-workflows): Support workflowEvent configuration to Argo Workflow Controller (#3115) Support workflowEvent configuration to Argo Workflow Controller Signed-off-by: Cristhian Roa Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 2 ++ charts/argo-workflows/values.yaml | 6 ++++++ 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 658d613f..be8df0c6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.3 +version: 0.45.4 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Support ephemeral credentials for s3 artifact repository + description: Support configuring workflow events in the controller diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 6a82eb5f..323524c2 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -239,6 +239,7 @@ Fields to note: | controller.volumeMounts | list | `[]` | Additional volume mounts to the controller main container | | controller.volumes | list | `[]` | Additional volumes to the controller pod | | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | +| controller.workflowEvents.enabled | bool | `true` | Enable to emit events on workflow status changes. | | controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. | | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | | controller.workflowTTLWorkers | string | `nil` | Number of workflow TTL workers | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index a269f6e5..49616768 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -200,6 +200,8 @@ data: {{- end }} nodeEvents: enabled: {{ .Values.controller.nodeEvents.enabled }} + workflowEvents: + enabled: {{ .Values.controller.workflowEvents.enabled }} {{- with .Values.controller.kubeConfig }} kubeConfig: {{- toYaml . | nindent 6 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 035945d2..cf9b08d8 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -402,6 +402,12 @@ controller: ## "Unable to create audit event: etcdserver: mvcc: database space exceeded" enabled: true + workflowEvents: + # -- Enable to emit events on workflow status changes. + ## This can take up a lot of space in k8s (typically etcd), resulting in errors when trying to create new events: + ## "Unable to create audit event: etcdserver: mvcc: database space exceeded" + enabled: true + # -- Configure when workflow controller runs in a different k8s cluster with the workflow workloads, # or needs to communicate with the k8s apiserver using an out-of-cluster kubeconfig secret. # @default -- `{}` (See [values.yaml]) From b10de0302629918c2ad22223e19f7b3974c1c74c Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 11 Jan 2025 04:22:29 -0600 Subject: [PATCH 1216/1248] chore(argo-events): Update dependency argoproj/argo-events to v1.9.5 (#3121) --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 55a7bd51..a184cb91 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.9.4 +appVersion: v1.9.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.12 +version: 2.4.13 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-events to v1.9.4 + description: Bump argo-events to v1.9.5 From 191e7688ab34afa504451813e1dd9169d1f3b967 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 11 Jan 2025 10:24:22 +0000 Subject: [PATCH 1217/1248] chore(deps): bump the dependencies group with 2 updates (#3122) --- .github/workflows/scorecard.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0205ce8c..231f25c1 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 + uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 with: sarif_file: results.sarif From b0578c400163e9c65f90b3918a7b97ac50e3ac46 Mon Sep 17 00:00:00 2001 From: nhershman Date: Tue, 14 Jan 2025 02:17:29 -0800 Subject: [PATCH 1218/1248] fix(argo-cd): Adding conditionals around argocd-tls-cert-cm.yaml helm creation (#3124) * chore(argo-events): Update dependency argoproj/argo-events to v1.9.5 (#3121) Signed-off-by: nhershman * chore(deps): bump the dependencies group with 2 updates (#3122) Signed-off-by: nhershman * adding conditional for argocd-tls-certs-cm.yaml to be created by Helm Signed-off-by: nhershman * adding changelog Signed-off-by: nhershman --------- Signed-off-by: nhershman Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nicole Hershman --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../templates/argocd-configs/argocd-tls-certs-cm.yaml | 2 ++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ce7bac6b..2eb5a0cf 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.15 +version: 7.7.16 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Correct ingress listen-ports example + - kind: added + description: Added conditional around argocd-tls-certs-cm.yaml helm creation diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index afc0e9bb..2b223a6f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -789,6 +789,7 @@ NAME: my-release | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | | configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap | | configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories | +| configs.tls.create | bool | `true` | Specifies if the argocd-tls-certs-cm configmap should be created by Helm. | ## Argo CD Controller diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index db582e6d..3aad4011 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -1,3 +1,4 @@ +{{- if .Values.configs.tls.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -15,3 +16,4 @@ metadata: data: {{- toYaml . | nindent 2 }} {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d5056840..c5dcf150 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -412,6 +412,9 @@ configs: # ... # -----END CERTIFICATE----- + # -- Specifies if the argocd-tls-certs-cm configmap should be created by Helm. + create: true + # ConfigMap for Config Management Plugins # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/ cmp: From 8ba5f22bdf71467113d30055a0e143e1ce0eadd1 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 18 Jan 2025 19:22:42 -0600 Subject: [PATCH 1219/1248] chore(deps): update renovatebot/github-action action to v41.0.9 (#3125) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index eeea7755..ebc1adf8 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@f24426972367551f3391720e34317783a92fd32b # v41.0.8 + uses: renovatebot/github-action@531c6786d6cf05ef148c4cfe251745c2c6de442c # v41.0.9 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 27ef4ecd7dd30dbccea61180ff529d3102b9c30e Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 20 Jan 2025 17:18:21 +0900 Subject: [PATCH 1220/1248] chore(deps): update renovatebot/github-action action to v41.0.10 (#3128) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index ebc1adf8..de804f3f 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@531c6786d6cf05ef148c4cfe251745c2c6de442c # v41.0.9 + uses: renovatebot/github-action@3f10d7a25cf0aa7b37519aa771ed9143fcbb5da5 # v41.0.10 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From bf9830c670970904b8dad642e997d2107b14fb18 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Fri, 24 Jan 2025 14:04:22 +0100 Subject: [PATCH 1221/1248] fix(argo-cd): Address ingress regression of PR #3081 (#3137) Signed-off-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2eb5a0cf..05c614ff 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.16 +version: 7.7.17 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added conditional around argocd-tls-certs-cm.yaml helm creation + - kind: fixed + description: Address ingress regression of PR #3081, use toString before tpl function diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 88c2f99a..8724baa7 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -14,7 +14,7 @@ metadata: {{- with .Values.server.ingress.annotations }} annotations: {{- range $key, $value := . }} - {{ $key }}: {{ tpl $value $ | quote }} + {{ $key }}: {{ tpl (toString $value) $ | quote }} {{- end }} {{- end }} spec: From 79ec8fdb942aaffaeba5cd1cdf7e0184cd7a16f0 Mon Sep 17 00:00:00 2001 From: AvivGuiser Date: Sat, 25 Jan 2025 15:31:37 +0200 Subject: [PATCH 1222/1248] feat(argocd-image-updater): Make cm and secret names configurable (#2998) * feat: made argocd image updater cm and secret name templated Signed-off-by: AvivGuiser * fix indention Signed-off-by: AvivGuiser * update Chart.yaml Signed-off-by: AvivGuiser * chore: Apply changes from code review Signed-off-by: Marco Maurer * chore: Reflect changes from review inside changelog Signed-off-by: Marco Maurer (-Kilchhofer) --------- Signed-off-by: AvivGuiser Signed-off-by: Marco Maurer Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Marco Maurer --- charts/argocd-image-updater/Chart.yaml | 4 +-- charts/argocd-image-updater/README.md | 6 +++- .../templates/configmap-authscripts.yaml | 2 +- .../templates/configmap-sshconfig.yaml | 10 ++++-- .../templates/configmap.yaml | 2 +- .../templates/deployment.yaml | 32 +++++++++---------- .../templates/secret.yaml | 2 +- charts/argocd-image-updater/values.yaml | 12 +++++-- 8 files changed, 44 insertions(+), 26 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index f3880ec5..02438363 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.11.4 +version: 0.12.0 appVersion: v0.15.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argocd-image-updater to v0.15.2 + description: ConfigMap and Secret names are now configurable diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 7a35b881..d77ee710 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -70,6 +70,7 @@ The `config.registries` value can be used exactly as it looks in the documentati |-----|------|---------|-------------| | affinity | object | `{}` | Kubernetes affinity settings for the deployment | | authScripts.enabled | bool | `false` | Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts` | +| authScripts.name | string | `"argocd-image-updater-authscripts"` | Name of the authentication scripts ConfigMap | | authScripts.scripts | object | `{}` | Map of key-value pairs where the key consists of the name of the script and the value the contents | | config.applicationsAPIKind | string | `""` | API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) | | config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API | @@ -77,6 +78,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the Argo CD API instead of TLS. | | config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | | config.argocd.token | string | `""` | If specified, the secret with Argo CD API key will be created. | +| config.argocd.tokenSecretName | string | `"argocd-image-updater-secret"` | Name of the Secret containing the token | | config.disableKubeEvents | bool | `false` | Disable kubernetes events | | config.gitCommitMail | string | `""` | E-Mail address to use for Git commits | | config.gitCommitSignOff | bool | `false` | Enables sign off on commits | @@ -85,8 +87,10 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.gitCommitTemplate | string | `""` | Changing the Git commit message | | config.gitCommitUser | string | `""` | Username to use for Git commits | | config.logLevel | string | `"info"` | Argo CD Image Update log level | +| config.name | string | `"argocd-image-updater-config"` | Name of the ConfigMap | | config.registries | list | `[]` | Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | -| config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | +| config.sshConfig.config | string | `""` | Argo CD Image Updater ssh client parameter configuration. | +| config.sshConfig.name | string | `"argocd-image-updater-ssh-config"` | Name of the sshConfig ConfigMap | | createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | diff --git a/charts/argocd-image-updater/templates/configmap-authscripts.yaml b/charts/argocd-image-updater/templates/configmap-authscripts.yaml index fbb345e3..259054f6 100644 --- a/charts/argocd-image-updater/templates/configmap-authscripts.yaml +++ b/charts/argocd-image-updater/templates/configmap-authscripts.yaml @@ -4,7 +4,7 @@ kind: ConfigMap metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} - name: argocd-image-updater-authscripts + name: {{ .Values.authScripts.name }} namespace: {{ include "argocd-image-updater.namespace" . | quote }} data: {{- toYaml .Values.authScripts.scripts | nindent 2}} diff --git a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml index 9fd83d92..9ff9ba61 100644 --- a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml +++ b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml @@ -1,11 +1,17 @@ +{{- $sshConfig := omit .Values.config.sshConfig "name" }} +{{- range $key, $val := $sshConfig }} + {{- if not $val }} + {{ $_ := unset $sshConfig $key }} + {{- end }} +{{- end }} apiVersion: v1 kind: ConfigMap metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} - name: argocd-image-updater-ssh-config + name: {{ .Values.config.sshConfig.name }} namespace: {{ include "argocd-image-updater.namespace" . | quote }} -{{- with .Values.config.sshConfig }} +{{- with $sshConfig }} data: {{- toYaml . | nindent 2 }} {{- end }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 46ee3b80..8eb0e704 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -4,7 +4,7 @@ kind: ConfigMap metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} - name: argocd-image-updater-config + name: {{ .Values.config.name }} namespace: {{ include "argocd-image-updater.namespace" . | quote }} data: {{- with .Values.config.applicationsAPIKind }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 4aaa83b3..87f1fbf4 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -44,79 +44,79 @@ spec: valueFrom: configMapKeyRef: key: applications_api - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: ARGOCD_GRPC_WEB valueFrom: configMapKeyRef: key: argocd.grpc_web - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: ARGOCD_SERVER valueFrom: configMapKeyRef: key: argocd.server_addr - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: ARGOCD_INSECURE valueFrom: configMapKeyRef: key: argocd.insecure - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: ARGOCD_PLAINTEXT valueFrom: configMapKeyRef: key: argocd.plaintext - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: ARGOCD_TOKEN valueFrom: secretKeyRef: key: argocd.token - name: argocd-image-updater-secret + name: {{ .Values.config.argocd.tokenSecretName }} optional: true - name: IMAGE_UPDATER_LOGLEVEL valueFrom: configMapKeyRef: key: log.level - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: GIT_COMMIT_USER valueFrom: configMapKeyRef: key: git.user - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: GIT_COMMIT_EMAIL valueFrom: configMapKeyRef: key: git.email - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: IMAGE_UPDATER_KUBE_EVENTS valueFrom: configMapKeyRef: key: kube.events - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: GIT_COMMIT_SIGNING_KEY valueFrom: configMapKeyRef: key: git.commit-signing-key - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: GIT_COMMIT_SIGNING_METHOD valueFrom: configMapKeyRef: key: git.commit-signing-method - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true - name: GIT_COMMIT_SIGN_OFF valueFrom: configMapKeyRef: key: git.commit-sign-off - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true {{- with .Values.extraEnv }} {{- toYaml . | nindent 10 }} @@ -177,13 +177,13 @@ spec: path: registries.conf - key: git.commit-message-template path: commit.template - name: argocd-image-updater-config + name: {{ .Values.config.name }} optional: true name: image-updater-conf {{- if .Values.authScripts.enabled }} - configMap: defaultMode: 0777 - name: argocd-image-updater-authscripts + name: {{ .Values.authScripts.name }} name: authscripts {{- end }} - configMap: @@ -191,7 +191,7 @@ spec: optional: true name: ssh-known-hosts - configMap: - name: argocd-image-updater-ssh-config + name: {{ .Values.config.sshConfig.name }} optional: true name: ssh-config - name: ssh-signing-key diff --git a/charts/argocd-image-updater/templates/secret.yaml b/charts/argocd-image-updater/templates/secret.yaml index 08955095..171add82 100644 --- a/charts/argocd-image-updater/templates/secret.yaml +++ b/charts/argocd-image-updater/templates/secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: argocd-image-updater-secret + name: {{ .Values.config.argocd.tokenSecretName }} namespace: {{ include "argocd-image-updater.namespace" . | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 4825833e..15832520 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -109,6 +109,8 @@ volumes: [] # emptyDir: {} config: + # -- Name of the ConfigMap + name: argocd-image-updater-config # -- API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) applicationsAPIKind: "" @@ -125,6 +127,8 @@ config: plaintext: false # -- If specified, the secret with Argo CD API key will be created. token: "" + # -- Name of the Secret containing the token + tokenSecretName: "argocd-image-updater-secret" # -- Disable kubernetes events disableKubeEvents: false @@ -175,9 +179,11 @@ config: # credentials: ext:/scripts/auth1.sh # credsexpire: 10h - # -- Argo CD Image Updater ssh client parameter configuration. sshConfig: - {} + # -- Name of the sshConfig ConfigMap + name: argocd-image-updater-ssh-config + # -- Argo CD Image Updater ssh client parameter configuration. + config: "" # config: | # Host * # PubkeyAcceptedAlgorithms +ssh-rsa @@ -188,6 +194,8 @@ config: authScripts: # -- Whether to mount the defined scripts that can be used to authenticate with a registry, the scripts will be mounted at `/scripts` enabled: false + # -- Name of the authentication scripts ConfigMap + name: argocd-image-updater-authscripts # -- Map of key-value pairs where the key consists of the name of the script and the value the contents scripts: {} # auth1.sh: | From 296362871281cc4b4b7b2389a83ec8d190430aaf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Jan 2025 18:30:41 +0000 Subject: [PATCH 1223/1248] chore(deps): bump the dependencies group with 4 updates (#3141) --- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/stale.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 4c4db950..f8f9fe02 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,7 +38,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 + uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0 with: # Note: Also update in scripts/lint.sh version: v3.11.0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 2e74eab1..f6dcec99 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -59,7 +59,7 @@ jobs: PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}" - name: Run chart-releaser - uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0 + uses: helm/chart-releaser-action@cae68fefc6b5f367a0275617c9f83181ba54714f # v1.7.0 with: config: "./.github/configs/cr.yaml" env: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 231f25c1..e9a10387 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 + uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5 with: sarif_file: results.sarif diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index d0813423..159a0e8e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 + - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From eed462224dfc1ee7541de28d5f4868eaecbd0911 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 27 Jan 2025 08:57:29 +0100 Subject: [PATCH 1224/1248] chore(deps): update renovatebot/github-action action to v41.0.11 (#3142) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index de804f3f..aa66cad0 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@3f10d7a25cf0aa7b37519aa771ed9143fcbb5da5 # v41.0.10 + uses: renovatebot/github-action@d385c88822a237acaead89c462fa0aef7502748f # v41.0.11 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From c2f3d9967d2f8b626ec48fe60784477a3477eaf4 Mon Sep 17 00:00:00 2001 From: Nick Heijmink <75807895+Nheijmink19@users.noreply.github.com> Date: Mon, 27 Jan 2025 16:31:51 +0100 Subject: [PATCH 1225/1248] feat(argo-cd): Add an extra feature toggle to the argocd configmap that allows sync impersonation (#3138) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/values.yaml | 4 ++++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 05c614ff..d7c85587 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.17 +version: 7.7.18 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Address ingress regression of PR #3081, use toString before tpl function + - kind: added + description: Add feature toggle to ArgoCD configmap allowing sync impersonation diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2b223a6f..04d8f1ad 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -726,6 +726,7 @@ NAME: my-release | configs.clusterCredentials | object | `{}` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning | +| configs.cm."application.sync.impersonation.enabled" | bool | `false` | Enable control of the service account used for the sync operation (alpha) | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | | configs.cm."statusbadge.enabled" | bool | `false` | Enable Status Badge | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c5dcf150..b802d1ea 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -175,6 +175,10 @@ configs: # -- The name of tracking label used by Argo CD for resource pruning application.instanceLabelKey: argocd.argoproj.io/instance + # -- Enable control of the service account used for the sync operation (alpha) + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-sync-using-impersonation/ + application.sync.impersonation.enabled: false + # -- Enable logs RBAC enforcement ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement server.rbac.log.enforce.enable: false From 692bd040cedfb1db6126d1dee99e00c452315f87 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Tue, 28 Jan 2025 06:51:33 +0100 Subject: [PATCH 1226/1248] feat(github): Support redis and extension-installer in Renovate - alternative (#3143) --- .github/workflows/renovate.yaml | 1 + renovate.json | 27 ++++++++------------ scripts/renovate-bump-version.sh | 42 ++++++++++++++++++++------------ 3 files changed, 37 insertions(+), 33 deletions(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index aa66cad0..087e124d 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -32,6 +32,7 @@ jobs: # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate renovate-version: 39.86.4 token: '${{ steps.get_token.outputs.token }}' + mount-docker-socket: true env: LOG_LEVEL: 'debug' RENOVATE_REPOSITORIES: '${{ github.repository }}' diff --git a/renovate.json b/renovate.json index dcf91249..1ee051f5 100644 --- a/renovate.json +++ b/renovate.json @@ -83,31 +83,24 @@ "argoproj/argo-workflows", "argoproj/argo-cd", "argoproj/argo-events", - "argoproj/argo-rollouts" + "argoproj/argo-rollouts", + "argoproj-labs/argocd-image-updater", + "argoprojlabs/argocd-extension-installer", + "public.ecr.aws/bitnami/redis-exporter", + "public.ecr.aws/docker/library/redis" ], - "commitMessagePrefix": "chore({{{replace 'argoproj/' '' depName}}}):", + "commitMessagePrefix": "chore({{parentDir}}):", "postUpgradeTasks": { - "commands": ["./scripts/renovate-bump-version.sh {{depName}}"] - } - }, - { - "matchPackagePatterns": ["argoproj-labs/argocd-image-updater"], - "commitMessagePrefix": "chore({{{replace 'argoproj-labs/' '' depName}}}):", - "postUpgradeTasks": { - "commands": ["./scripts/renovate-bump-version.sh {{depName}}"] + "commands": [ + "./scripts/renovate-bump-version.sh -c {{parentDir}} -d {{depName}} -v {{newVersion}}", + "./scripts/helm-docs.sh" + ] } }, { "matchPackagePatterns": ["redis-ha"], "enabled": false }, - { - "matchPackagePatterns": ["public.ecr.aws/bitnami/redis-exporter"], - "commitMessagePrefix": "chore({{{replace 'public.ecr.aws/' '' depName}}}):", - "postUpgradeTasks": { - "commands": ["./scripts/renovate-bump-version.sh {{depName}}"] - } - }, { "matchPackageNames": ["ghcr.io/renovatebot/renovate"], "extends": ["schedule:monthly"] diff --git a/scripts/renovate-bump-version.sh b/scripts/renovate-bump-version.sh index 1ec6e125..80f1ae11 100755 --- a/scripts/renovate-bump-version.sh +++ b/scripts/renovate-bump-version.sh @@ -1,31 +1,41 @@ #!/bin/bash -depName="${1}" -if [ -z "${depName}" ]; then - echo "Missing argument 'depName'" >&2 - echo "Example usage: $0 argoproj/argo-cd" >&2 +while getopts c:d:v: opt; do + case ${opt} in + c) chart=${OPTARG} ;; + d) dependency_name=${OPTARG} ;; + v) dependency_version=${OPTARG} ;; + *) + echo 'Usage:' >&2 + echo '-c: chart Related Helm chart name' >&2 + echo '-d dependency Name of the updated dependency' >&2 + echo '-v version New version of the updated dependency' >&2 + exit 1 + esac +done + +if [ -z "${dependency_name}" ] || [ -z "${dependency_version}" ] || [ -z "${chart}" ] ; then + echo 'Missing relevant CLI flag(s).' >&2 exit 1 fi -chartName=$(echo "$depName" | sed -e "s+^argoproj/++" -e "s+^argoproj-labs/++") -echo "Changed chart name is: $chartName" -echo "----------------------------------------" - -parentDir="charts/${chartName}" +chart_yaml_path="charts/${chart}/Chart.yaml" +# Split dependency by '/' and only use last element +# This way we can drop prefixes like "argoproj/..." , "argoproj-labs/..." , "quay.io/foo/..." +dependency_name="${dependency_name##*/}" # Bump the chart version by one patch version -version=$(grep '^version:' "${parentDir}/Chart.yaml" | awk '{print $2}') +version=$(grep '^version:' "${chart_yaml_path}" | awk '{print $2}') major=$(echo "${version}" | cut -d. -f1) minor=$(echo "${version}" | cut -d. -f2) patch=$(echo "${version}" | cut -d. -f3) patch=$((patch + 1)) -sed -i "s/^version:.*/version: ${major}.${minor}.${patch}/g" "${parentDir}/Chart.yaml" +sed -i "s/^version:.*/version: ${major}.${minor}.${patch}/g" "${chart_yaml_path}" # Add a changelog entry -appVersion=$(grep '^appVersion:' "${parentDir}/Chart.yaml" | awk '{print $2}') -sed -i -e '/^ artifacthub.io\/changes: |/,$ d' "${parentDir}/Chart.yaml" +sed -i -e '/^ artifacthub.io\/changes: |/,$ d' "${chart_yaml_path}" { echo " artifacthub.io/changes: |" echo " - kind: changed" - echo " description: Bump ${chartName} to ${appVersion}" -} >> "${parentDir}/Chart.yaml" -cat "${parentDir}/Chart.yaml" + echo " description: Bump ${dependency_name} to ${dependency_version}" +} >> "${chart_yaml_path}" +cat "${chart_yaml_path}" From d81ca4b23baabb985714a632d33c406050a38c7b Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 28 Jan 2025 09:00:07 +0100 Subject: [PATCH 1227/1248] chore(argo-cd): Update public.ecr.aws/docker/library/redis Docker tag to v7.4.2 (#3108) * chore(argo-cd): Update public.ecr.aws/docker/library/redis Docker tag to v7.4.2 Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> * fix version Signed-off-by: yu-croco Signed-off-by: Aikawa --------- Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Signed-off-by: Aikawa Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d7c85587..385e942d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.18 +version: 7.7.19 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add feature toggle to ArgoCD configmap allowing sync impersonation + - kind: changed + description: Bump redis to 7.4.2 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 04d8f1ad..5023edc7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1279,7 +1279,7 @@ NAME: my-release | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.4.1-alpine"` | Redis tag | +| redis.image.tag | string | `"7.4.2-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis server | @@ -1365,7 +1365,7 @@ The main options are listed here: | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | | redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis-ha.image.tag | string | `"7.4.1-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.4.2-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b802d1ea..ede8459a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1288,7 +1288,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.4.1-alpine + tag: 7.4.2-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1574,7 +1574,7 @@ redis-ha: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.4.1-alpine + tag: 7.4.2-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar From d75b9d35a3ec11ea9c290a0dac450c2f32f232b1 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 28 Jan 2025 17:14:07 +0900 Subject: [PATCH 1228/1248] chore(argo-cd): Update public.ecr.aws/bitnami/redis-exporter Docker tag to v1.67.0 (#3104) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: Marco Maurer (-Kilchhofer) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 385e942d..3aac908c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.19 +version: 7.7.20 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump redis to 7.4.2 + description: Bump redis-exporter to 1.67.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5023edc7..3a4a2560 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1261,7 +1261,7 @@ NAME: my-release | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.58.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.67.0"` | Tag to use for the redis-exporter | | redis.exporter.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter | | redis.exporter.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | redis.exporter.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ede8459a..4c069086 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1304,7 +1304,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.58.0 + tag: 1.67.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 2685b861d2b2af4f5797522ec3cef8140c3d6049 Mon Sep 17 00:00:00 2001 From: atgane <52873067+atgane@users.noreply.github.com> Date: Tue, 28 Jan 2025 18:57:48 +0900 Subject: [PATCH 1229/1248] fix(argo-cd): Fix required cluster credentials name (#3136) * fix required cluster credential name Signed-off-by: atgane * fix Signed-off-by: atgane * update changelog & docs Signed-off-by: atgane * chore: Drop unnecessary docs inside README.md and README.md.gotmpl Signed-off-by: Marco Maurer --------- Signed-off-by: atgane Signed-off-by: Marco Maurer Co-authored-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-configs/cluster-secrets.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3aac908c..e29eb6fb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.20 +version: 7.7.21 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump redis-exporter to 1.67.0 + - kind: fixed + description: remove required function in $cluster_key from clusterCredentials diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index d317eac2..956bbf54 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -22,7 +22,7 @@ stringData: {{- if $cluster_value.shard }} shard: {{ $cluster_value.shard | quote }} {{- end }} - name: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.name entry is required!" $cluster_key }} + name: {{ $cluster_key }} server: {{ required "A valid .Values.configs.clusterCredentials.CLUSTERNAME.server entry is required!" $cluster_value.server }} {{- if $cluster_value.namespaces }} namespaces: {{ $cluster_value.namespaces }} From 56c5a31c9e4367f643f8458fe8d8c18674c50f0f Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Wed, 29 Jan 2025 13:43:03 +0000 Subject: [PATCH 1230/1248] feat(github): Analyse past release times (#3135) * feat(github): Analyse past release times Signed-off-by: Tim Collins * typo Signed-off-by: Tim Collins * add megalinter config. Fix my rubbish code to appease the linter Signed-off-by: Tim Collins --------- Signed-off-by: Tim Collins Co-authored-by: Aikawa --- scripts/release-analysis/.mega-linter.yaml | 21 + scripts/release-analysis/Dockerfile | 8 + scripts/release-analysis/README.md | 27 + .../release-analysis/argo_helm_releases.csv | 1019 +++++++++++++++++ scripts/release-analysis/argo_releases.csv | 877 ++++++++++++++ .../release-analysis/fetch_helmet_releases.py | 90 ++ scripts/release-analysis/fetch_releases.py | 57 + scripts/release-analysis/main.py | 31 + scripts/release-analysis/merge_csvs.py | 108 ++ scripts/release-analysis/merged_releases.csv | 195 ++++ scripts/release-analysis/plot_graph.py | 58 + scripts/release-analysis/requirements.txt | 2 + .../time_difference_plot_argo-cd.png | Bin 0 -> 84009 bytes .../time_difference_plot_argo-events.png | Bin 0 -> 68592 bytes .../time_difference_plot_argo-rollouts.png | Bin 0 -> 75003 bytes .../time_difference_plot_argo-workflows.png | Bin 0 -> 70676 bytes 16 files changed, 2493 insertions(+) create mode 100644 scripts/release-analysis/.mega-linter.yaml create mode 100644 scripts/release-analysis/Dockerfile create mode 100644 scripts/release-analysis/README.md create mode 100644 scripts/release-analysis/argo_helm_releases.csv create mode 100644 scripts/release-analysis/argo_releases.csv create mode 100644 scripts/release-analysis/fetch_helmet_releases.py create mode 100644 scripts/release-analysis/fetch_releases.py create mode 100644 scripts/release-analysis/main.py create mode 100644 scripts/release-analysis/merge_csvs.py create mode 100644 scripts/release-analysis/merged_releases.csv create mode 100644 scripts/release-analysis/plot_graph.py create mode 100644 scripts/release-analysis/requirements.txt create mode 100644 scripts/release-analysis/time_difference_plot_argo-cd.png create mode 100644 scripts/release-analysis/time_difference_plot_argo-events.png create mode 100644 scripts/release-analysis/time_difference_plot_argo-rollouts.png create mode 100644 scripts/release-analysis/time_difference_plot_argo-workflows.png diff --git a/scripts/release-analysis/.mega-linter.yaml b/scripts/release-analysis/.mega-linter.yaml new file mode 100644 index 00000000..024abb2b --- /dev/null +++ b/scripts/release-analysis/.mega-linter.yaml @@ -0,0 +1,21 @@ +# Configuration file for MegaLinter +# Run megalinter locally with: `docker run --rm -v /var/run/docker.sock:/var/run/docker.sock:rw -v $(pwd):/tmp/lint:rw oxsecurity/megalinter:v8` +ENABLE: + - DOCKERFILE + - PYTHON + +DISABLE_LINTERS: + - PYTHON_FLAKE8 + - PYTHON_PYRIGHT + - PYTHON_RUFF + - PYTHON_BANDIT + +CLEAR_REPORT_FOLDER: true +PYTHON_PYLINT_PRE_COMMANDS: + - command: pip install -r /tmp/lint/requirements.txt + venv: pylint +REPORT_OUTPUT_FOLDER: none + + +# You might want to enable this locally to fix some stuff without guessing what you need to change. Check before committing to git. +#APPLY_FIXES: all diff --git a/scripts/release-analysis/Dockerfile b/scripts/release-analysis/Dockerfile new file mode 100644 index 00000000..17674252 --- /dev/null +++ b/scripts/release-analysis/Dockerfile @@ -0,0 +1,8 @@ +FROM python:3.13-slim +WORKDIR /app +COPY requirements.txt ./ +RUN pip install --no-cache-dir -r requirements.txt + +COPY main.py fetch_releases.py fetch_helmet_releases.py merge_csvs.py plot_graph.py ./ +RUN chmod +x main.py fetch_releases.py fetch_helmet_releases.py merge_csvs.py plot_graph.py +CMD [ "python", "-u", "./main.py" ] diff --git a/scripts/release-analysis/README.md b/scripts/release-analysis/README.md new file mode 100644 index 00000000..ab746cee --- /dev/null +++ b/scripts/release-analysis/README.md @@ -0,0 +1,27 @@ +# argo-helm release analysis + +Compare the time of the upstream release to the time of the equivalent Helm Chart release to determine the time it takes for a new release to be available in argo-helm. + + +## How to run +This is quite github-api-intensive, so you'll need a github PAT + +```bash +# Build the container +docker build . -t team-helm-analysis + +# Delete any existing data +rm -f argo_helm_releases.csv argo_releases.csv merged_releases.csv time_difference_plot_argo*.png + +# Run the container +GITHUB_TOKEN=your_token_here +docker run --rm -e GITHUB_TOKEN=$GITHUB_TOKEN -v ${PWD}:/app team-helm-analysis +``` + +You should get 3 csvs and 4 graphs once this completes. It takes around 5 mins to run. + + +## Linting +I ran megalinter against this just to give some confidence that it's not completely broken. It's not perfect, but it's something. + +Run megalinter locally against this directory with: `docker run --rm -v /var/run/docker.sock:/var/run/docker.sock:rw -v $(pwd):/tmp/lint:rw oxsecurity/megalinter:v8` diff --git a/scripts/release-analysis/argo_helm_releases.csv b/scripts/release-analysis/argo_helm_releases.csv new file mode 100644 index 00000000..58046fc1 --- /dev/null +++ b/scripts/release-analysis/argo_helm_releases.csv @@ -0,0 +1,1019 @@ +Release Name,Release Date,Release Time,App Version +argo-cd-7.7.16,2025-01-14,10:17:50,v2.13.3 +argo-events-2.4.13,2025-01-11,10:22:47,v1.9.5 +argo-workflows-0.45.4,2025-01-10,10:23:52,v3.6.2 +argo-cd-7.7.15,2025-01-10,07:18:13,v2.13.3 +argo-events-2.4.12,2025-01-08,08:37:01,v1.9.4 +argocd-image-updater-0.11.4,2025-01-07,07:04:30,v0.15.2 +argo-cd-7.7.14,2025-01-07,12:02:49,v2.13.3 +argo-events-2.4.11,2025-01-04,14:02:19,v1.9.3 +argo-cd-7.7.13,2025-01-04,00:07:55,v2.13.3 +argo-workflows-0.45.3,2025-01-03,15:16:16,v3.6.2 +argo-rollouts-2.38.2,2025-01-03,14:07:45,v1.7.2 +argo-cd-7.7.12,2025-01-02,06:18:17,v2.13.2 +argo-events-2.4.10,2024-12-31,12:18:02,v1.9.3 +argo-rollouts-2.38.1,2024-12-30,17:19:34,v1.7.2 +argo-cd-7.7.11,2024-12-21,12:06:50,v2.13.2 +argo-workflows-0.45.2,2024-12-16,21:31:29,v3.6.2 +argocd-image-updater-0.11.3,2024-12-13,11:27:43,v0.15.1 +argo-cd-7.7.10,2024-12-12,05:33:28,v2.13.2 +argo-cd-7.7.9,2024-12-11,15:36:30,v2.13.1 +argo-cd-7.7.8,2024-12-09,09:17:31,v2.13.1 +argo-workflows-0.45.1,2024-12-02,17:39:46,v3.6.2 +argo-cd-7.7.7,2024-12-02,14:20:02,v2.13.1 +argo-cd-7.7.6,2024-11-28,00:42:14,v2.13.1 +argo-events-2.4.9,2024-11-27,20:44:06,v1.9.3 +argo-workflows-0.45.0,2024-11-22,15:20:08,v3.6.0 +argo-workflows-0.44.1,2024-11-22,11:40:45,v3.6.0 +argo-workflows-0.44.0,2024-11-21,08:59:15,v3.6.0 +argo-workflows-0.43.0,2024-11-21,08:27:21,v3.6.0 +argo-rollouts-2.38.0,2024-11-21,13:03:08,v1.7.2 +argo-cd-7.7.5,2024-11-21,12:43:12,v2.13.1 +argo-cd-7.7.4,2024-11-20,20:48:11,v2.13.1 +argo-cd-7.7.3,2024-11-13,10:57:32,v2.13.0 +argo-cd-7.7.2,2024-11-12,16:28:52,v2.13.0 +argo-cd-7.7.1,2024-11-10,01:42:21,v2.13.0 +argocd-image-updater-0.11.2,2024-11-09,03:44:12,v0.15.1 +argo-rollouts-2.37.8,2024-11-07,23:17:48,v1.7.2 +argo-cd-7.7.0,2024-11-05,00:00:06,v2.13.0 +argo-workflows-0.42.7,2024-11-01,23:24:01,v3.5.12 +argocd-image-updater-0.11.1,2024-10-30,10:40:35,v0.15.0 +argo-workflows-0.42.6,2024-10-30,13:24:53,v3.5.12 +argo-cd-7.6.12,2024-10-18,19:27:20,v2.12.6 +argo-cd-7.6.11,2024-10-18,07:16:30,v2.12.5 +argo-cd-7.6.10,2024-10-16,12:00:46,v2.12.4 +argo-cd-7.6.9,2024-10-15,20:16:09,v2.12.4 +argo-cd-7.6.8,2024-10-03,13:53:23,v2.12.4 +argo-workflows-0.42.5,2024-10-02,00:47:02,v3.5.11 +argocd-apps-2.0.2,2024-10-01,06:03:45, +argo-cd-7.6.7,2024-09-30,18:24:52,v2.12.4 +argo-cd-7.6.6,2024-09-30,12:25:12,v2.12.4 +argo-workflows-0.42.4,2024-09-27,09:57:14,v3.5.11 +argo-cd-7.6.5,2024-09-26,07:42:42,v2.12.4 +argo-cd-7.6.4,2024-09-25,22:05:12,v2.12.3 +argo-cd-7.6.3,2024-09-25,15:18:12,v2.12.3 +argo-cd-7.6.2,2024-09-23,17:27:28,v2.12.3 +argo-workflows-0.42.3,2024-09-20,15:08:40,v3.5.11 +argo-events-2.4.8,2024-09-20,00:10:14,v1.9.2 +argo-cd-7.6.1,2024-09-20,11:24:11,v2.12.3 +argo-cd-7.6.0,2024-09-20,07:59:20,v2.12.3 +argo-rollouts-2.37.7,2024-09-16,13:38:21,v1.7.2 +argo-workflows-0.42.2,2024-09-13,14:02:16,v3.5.10 +argocd-apps-2.0.1,2024-09-10,21:55:59, +argo-cd-7.5.2,2024-09-02,15:33:28,v2.12.3 +argo-cd-7.5.1,2024-09-02,08:59:12,v2.12.3 +argo-workflows-0.42.1,2024-09-01,15:06:01,v3.5.10 +argo-rollouts-2.37.6,2024-08-31,10:13:12,v1.7.2 +argo-cd-7.5.0,2024-08-28,15:27:35,v2.12.3 +argo-cd-7.4.7,2024-08-27,13:30:34,v2.12.3 +argo-cd-7.4.6,2024-08-27,08:49:06,v2.12.2 +argo-cd-7.4.5,2024-08-23,08:51:19,v2.12.2 +argo-workflows-0.42.0,2024-08-20,19:07:24,v3.5.10 +argo-cd-7.4.4,2024-08-16,21:36:53,v2.12.1 +argo-rollouts-2.37.5,2024-08-14,08:31:31,v1.7.2 +argo-rollouts-2.37.4,2024-08-12,09:08:55,v1.7.1 +argo-cd-7.4.3,2024-08-12,15:29:49,v2.12.0 +argo-cd-7.4.2,2024-08-08,15:02:24,v2.12.0 +argo-cd-7.4.1,2024-08-06,10:14:35,v2.12.0 +argo-cd-7.4.0,2024-08-05,15:22:06,v2.12.0 +argo-workflows-0.41.14,2024-08-02,10:42:56,v3.5.10 +argo-workflows-0.41.13,2024-08-01,07:19:01,v3.5.10 +argo-workflows-0.41.12,2024-07-30,07:39:23,v3.5.9 +argo-rollouts-2.37.3,2024-07-29,07:25:40,v1.7.1 +argo-cd-7.3.11,2024-07-24,11:44:52,v2.11.7 +argo-cd-7.3.10,2024-07-22,17:14:41,v2.11.6 +argo-cd-7.3.9,2024-07-19,10:23:10,v2.11.5 +argo-cd-7.3.8,2024-07-17,23:52:54,v2.11.5 +argo-cd-7.3.7,2024-07-16,01:17:05,v2.11.5 +argo-cd-7.3.6,2024-07-11,23:05:06,v2.11.4 +argo-cd-7.3.5,2024-07-10,21:01:22,v2.11.4 +argocd-image-updater-0.11.0,2024-07-09,21:31:56,v0.14.0 +argo-cd-7.3.4,2024-07-02,20:43:46,v2.11.4 +argo-rollouts-2.37.2,2024-07-01,10:02:31,v1.7.1 +argo-cd-7.3.3,2024-06-28,21:52:33,v2.11.3 +argo-rollouts-2.37.1,2024-06-26,10:39:20,v1.7.1 +argo-rollouts-2.37.0,2024-06-26,09:10:19,v1.7.1 +argo-events-2.4.7,2024-06-26,05:28:07,v1.9.2 +argo-cd-7.3.2,2024-06-26,11:29:01,v2.11.3 +argo-rollouts-2.36.2,2024-06-25,13:04:55,v1.7.0 +argo-cd-7.3.1,2024-06-25,12:26:06,v2.11.3 +argo-cd-7.3.0,2024-06-25,03:48:21,v2.11.3 +argo-rollouts-2.36.1,2024-06-22,10:11:43,v1.7.0 +argo-cd-7.2.1,2024-06-21,21:01:50,v2.11.3 +argo-cd-7.2.0,2024-06-20,10:25:45,v2.11.3 +argo-workflows-0.41.11,2024-06-19,07:01:05,v3.5.8 +argo-cd-7.1.5,2024-06-19,14:04:21,v2.11.3 +argo-workflows-0.41.10,2024-06-18,07:47:04,v3.5.8 +argo-cd-7.1.4,2024-06-18,01:13:46,v2.11.3 +argo-workflows-0.41.9,2024-06-17,18:59:46,v3.5.7 +argocd-image-updater-0.10.2,2024-06-14,07:54:15,v0.13.1 +argo-rollouts-2.36.0,2024-06-14,09:00:46,v1.7.0 +argo-events-2.4.6,2024-06-14,05:09:08,v1.9.2 +argo-workflows-0.41.8,2024-06-09,22:18:37,v3.5.7 +argo-cd-7.1.3,2024-06-09,05:23:01,v2.11.3 +argo-cd-7.1.2,2024-06-06,10:51:51,v2.11.3 +argo-cd-7.1.1,2024-06-01,23:45:19,v2.11.2 +argo-cd-7.1.0,2024-05-31,12:05:08,v2.11.2 +argocd-image-updater-0.10.1,2024-05-28,05:32:50,v0.13.1 +argo-cd-7.0.0,2024-05-28,13:38:40,v2.11.2 +argo-workflows-0.41.7,2024-05-27,08:09:42,v3.5.7 +argo-events-2.4.5,2024-05-24,03:05:11,v1.9.1 +argo-rollouts-2.35.3,2024-05-23,07:30:12,v1.6.6 +argo-cd-6.11.1,2024-05-23,15:37:21,v2.11.2 +argo-cd-6.11.0,2024-05-23,12:37:05,v2.11.1 +argo-cd-6.10.2,2024-05-22,11:21:15,v2.11.1 +argo-cd-6.10.1,2024-05-22,07:17:23,v2.11.1 +argo-cd-6.10.0,2024-05-21,16:36:49,v2.11.1 +argo-workflows-0.41.6,2024-05-19,10:22:36,v3.5.6 +argo-workflows-0.41.5,2024-05-19,07:34:43,v3.5.6 +argo-cd-6.9.3,2024-05-17,15:18:31,v2.11.0 +argocd-image-updater-0.10.0,2024-05-16,11:07:10,v0.13.0 +argo-cd-6.9.2,2024-05-14,15:17:50,v2.11.0 +argo-cd-6.9.1,2024-05-13,22:59:29,v2.11.0 +argo-cd-6.9.0,2024-05-13,04:32:05,v2.11.0 +argo-cd-6.8.1,2024-05-10,08:32:52,v2.11.0 +argo-cd-6.8.0,2024-05-08,06:21:31,v2.11.0 +argo-rollouts-2.35.2,2024-05-06,00:24:30,v1.6.6 +argo-workflows-0.41.4,2024-05-01,13:37:43,v3.5.6 +argo-cd-6.7.18,2024-04-30,17:14:22,v2.10.9 +argo-workflows-0.41.3,2024-04-29,20:30:08,v3.5.6 +argo-cd-6.7.17,2024-04-26,19:36:10,v2.10.8 +argo-cd-6.7.16,2024-04-26,14:21:35,v2.10.8 +argo-cd-6.7.15,2024-04-24,07:08:13,v2.10.7 +argo-cd-6.7.14,2024-04-21,20:54:29,v2.10.7 +argo-workflows-0.41.2,2024-04-20,04:55:21,v3.5.6 +argo-cd-6.7.13,2024-04-19,14:07:44,v2.10.7 +argocd-image-updater-0.9.7,2024-04-18,21:41:42,v0.12.2 +argo-cd-6.7.12,2024-04-15,10:43:13,v2.10.7 +argo-cd-6.7.11,2024-04-10,20:06:04,v2.10.6 +argo-cd-6.7.10,2024-04-05,05:00:08,v2.10.6 +argo-cd-6.7.9,2024-04-04,18:47:39,v2.10.5 +argo-workflows-0.41.1,2024-04-02,17:26:26,v3.5.5 +argo-cd-6.7.8,2024-04-02,13:36:54,v2.10.5 +argo-cd-6.7.7,2024-04-02,05:03:54,v2.10.5 +argo-cd-6.7.6,2024-03-29,16:13:47,v2.10.5 +argo-cd-6.7.5,2024-03-29,08:13:55,v2.10.5 +argo-cd-6.7.4,2024-03-28,17:30:11,v2.10.5 +argo-rollouts-2.35.1,2024-03-26,08:36:07,v1.6.6 +argo-workflows-0.41.0,2024-03-24,20:27:11,v3.5.5 +argocd-apps-2.0.0,2024-03-23,15:39:16, +argo-rollouts-2.35.0,2024-03-23,20:47:25,v1.6.6 +argo-events-2.4.4,2024-03-23,11:07:16,v1.9.1 +argo-rollouts-2.34.4,2024-03-22,16:10:10,v1.6.6 +argocd-image-updater-0.9.6,2024-03-20,23:53:18,v0.12.2 +argo-cd-6.7.3,2024-03-18,09:36:58,v2.10.4 +argo-cd-6.7.2,2024-03-13,20:46:14,v2.10.3 +argo-cd-6.7.1,2024-03-11,23:08:40,v2.10.2 +argo-cd-6.7.0,2024-03-11,18:26:24,v2.10.2 +argo-workflows-0.40.14,2024-03-03,19:13:02,v3.5.5 +argo-cd-6.6.0,2024-03-02,11:20:32,v2.10.2 +argocd-image-updater-0.9.5,2024-03-01,08:41:39,v0.12.2 +argo-workflows-0.40.13,2024-03-01,17:17:28,v3.5.5 +argo-workflows-0.40.12,2024-03-01,00:03:01,v3.5.5 +argo-cd-6.5.1,2024-03-01,22:33:17,v2.10.2 +argo-cd-6.5.0,2024-02-29,19:46:25,v2.10.1 +argo-cd-6.4.1,2024-02-28,06:28:55,v2.10.1 +argocd-apps-1.6.2,2024-02-25,13:11:58, +argo-cd-6.4.0,2024-02-25,12:47:16,v2.10.1 +argo-cd-6.3.1,2024-02-23,18:05:37,v2.10.1 +argo-cd-6.3.0,2024-02-23,14:18:18,v2.10.1 +argo-cd-6.2.5,2024-02-23,13:58:38,v2.10.1 +argo-cd-6.2.4,2024-02-23,12:16:07,v2.10.1 +argo-cd-6.2.3,2024-02-20,12:05:21,v2.10.1 +argo-cd-6.2.2,2024-02-20,11:41:51,v2.10.1 +argo-cd-6.2.1,2024-02-19,08:37:59,v2.10.1 +argocd-image-updater-0.9.4,2024-02-18,18:44:43,v0.12.2 +argo-cd-6.2.0,2024-02-18,22:06:45,v2.10.1 +argo-workflows-0.40.11,2024-02-17,09:14:52,v3.5.4 +argo-cd-6.1.0,2024-02-16,14:45:12,v2.10.1 +argo-rollouts-2.34.3,2024-02-14,08:50:21,v1.6.6 +argo-events-2.4.3,2024-02-14,08:53:00,v1.9.1 +argo-cd-6.0.14,2024-02-14,21:04:43,v2.10.1 +argo-cd-6.0.13,2024-02-14,10:52:49,v2.10.0 +argo-cd-6.0.9,2024-02-13,11:14:02,v2.10.0 +argo-cd-6.0.8,2024-02-13,08:23:55,v2.10.0 +argo-cd-6.0.12,2024-02-13,15:26:57,v2.10.0 +argo-cd-6.0.11,2024-02-13,11:42:46,v2.10.0 +argo-cd-6.0.10,2024-02-13,11:27:29,v2.10.0 +argo-cd-6.0.7,2024-02-12,18:36:55,v2.10.0 +argo-cd-6.0.6,2024-02-11,14:52:39,v2.10.0 +argo-cd-6.0.5,2024-02-09,12:14:21,v2.10.0 +argo-cd-6.0.4,2024-02-09,11:46:10,v2.10.0 +argo-cd-6.0.3,2024-02-08,17:47:08,v2.10.0 +argo-cd-6.0.2,2024-02-08,14:26:38,v2.10.0 +argo-cd-6.0.1,2024-02-08,10:59:10,v2.10.0 +argo-cd-6.0.0,2024-02-07,21:40:22,v2.10.0 +argo-cd-5.55.0,2024-02-07,07:10:30,v2.10.0 +argo-cd-5.54.0,2024-02-06,13:11:44,v2.9.6 +argo-cd-5.53.14,2024-02-05,06:25:59,v2.9.6 +argo-workflows-0.40.10,2024-02-03,00:45:13,v3.5.4 +argocd-apps-1.6.1,2024-02-02,09:37:44, +argo-cd-5.53.13,2024-02-02,22:50:34,v2.9.6 +argocd-apps-1.6.0,2024-01-30,00:34:21, +argo-cd-5.53.12,2024-01-30,16:58:22,v2.9.5 +argo-cd-5.53.11,2024-01-30,10:46:50,v2.9.5 +argo-cd-5.53.10,2024-01-29,13:58:51,v2.9.5 +argo-workflows-0.40.9,2024-01-26,21:35:38,v3.5.4 +argo-rollouts-2.34.2,2024-01-26,06:31:27,v1.6.5 +argo-cd-5.53.9,2024-01-26,07:36:02,v2.9.5 +argocd-apps-1.5.0,2024-01-25,07:07:46, +argo-workflows-0.40.8,2024-01-24,23:58:13,v3.5.4 +argo-cd-5.53.8,2024-01-23,01:07:46,v2.9.5 +argo-cd-5.53.7,2024-01-22,23:55:07,v2.9.5 +argo-cd-5.53.6,2024-01-22,13:09:31,v2.9.5 +argo-cd-5.53.5,2024-01-22,10:14:54,v2.9.5 +argo-cd-5.53.4,2024-01-21,13:36:02,v2.9.5 +argo-cd-5.53.3,2024-01-20,12:21:38,v2.9.5 +argo-cd-5.53.2,2024-01-19,20:20:14,v2.9.5 +argo-cd-5.53.1,2024-01-19,05:48:47,v2.9.4 +argocd-image-updater-0.9.3,2024-01-18,06:21:59,v0.12.2 +argo-cd-5.53.0,2024-01-18,13:56:51,v2.9.3 +argo-workflows-0.40.7,2024-01-17,07:56:36,v3.5.4 +argo-cd-5.52.2,2024-01-15,09:13:02,v2.9.3 +argo-workflows-0.40.6,2024-01-14,08:11:19,v3.5.4 +argo-workflows-0.40.5,2024-01-11,07:20:47,v3.5.3 +argo-events-2.4.2,2024-01-09,10:14:30,v1.9.0 +argo-rollouts-2.34.1,2024-01-07,04:31:05,v1.6.4 +argo-workflows-0.40.4,2024-01-06,04:17:52,v3.5.2 +argocd-image-updater-0.9.2,2024-01-05,15:29:00,v0.12.2 +argo-cd-5.52.1,2024-01-05,12:57:15,v2.9.3 +argo-cd-5.52.0,2023-12-30,17:02:29,v2.9.3 +argo-workflows-0.40.3,2023-12-24,06:14:14,v3.5.2 +argo-workflows-0.40.2,2023-12-24,00:29:03,v3.5.2 +argo-rollouts-2.34.0,2023-12-22,12:07:26,v1.6.4 +argo-workflows-0.40.1,2023-12-15,07:45:38,v3.5.2 +argo-workflows-0.40.0,2023-12-14,07:56:49,v3.5.2 +argo-rollouts-2.33.0,2023-12-14,08:39:41,v1.6.4 +argo-rollouts-2.32.8,2023-12-13,06:59:39,v1.6.4 +argo-workflows-0.39.9,2023-12-12,06:27:57,v3.5.2 +argo-workflows-0.39.8,2023-12-08,22:45:23,v3.5.2 +argo-rollouts-2.32.7,2023-12-08,15:06:58,v1.6.3 +argo-workflows-0.39.7,2023-12-07,07:23:32,v3.5.2 +argo-rollouts-2.32.6,2023-12-07,17:50:17,v1.6.2 +argo-workflows-0.39.6,2023-12-05,05:55:41,v3.5.2 +argo-cd-5.51.6,2023-12-02,11:03:49,v2.9.3 +argo-rollouts-2.32.5,2023-11-29,13:34:59,v1.6.2 +argo-cd-5.51.5,2023-11-29,18:40:17,v2.9.2 +argo-workflows-0.39.5,2023-11-27,21:13:09,v3.5.2 +argo-workflows-0.39.4,2023-11-27,17:45:21,v3.5.1 +argo-cd-5.51.4,2023-11-20,18:50:04,v2.9.2 +argo-cd-5.51.3,2023-11-19,22:19:14,v2.9.1 +argo-workflows-0.39.3,2023-11-16,12:32:11,v3.5.1 +argo-workflows-0.39.2,2023-11-15,13:33:12,v3.5.1 +argo-workflows-0.39.1,2023-11-15,13:17:27,v3.5.1 +argo-rollouts-2.32.4,2023-11-15,13:09:53,v1.6.2 +argo-rollouts-2.32.3,2023-11-15,10:00:45,v1.6.1 +argo-cd-5.51.2,2023-11-15,05:59:33,v2.9.1 +argo-cd-5.51.1,2023-11-10,12:41:27,v2.9.0 +argo-workflows-0.39.0,2023-11-08,16:05:21,v3.5.1 +argo-cd-5.51.0,2023-11-06,12:54:52,v2.9.0 +argo-workflows-0.38.0,2023-11-04,05:58:06,v3.5.1 +argo-workflows-0.37.1,2023-11-03,20:39:25,v3.5.0 +argo-cd-5.50.1,2023-11-02,09:44:09,v2.8.6 +argo-cd-5.50.0,2023-10-31,18:12:30,v2.8.6 +argo-rollouts-2.32.2,2023-10-30,17:43:02,v1.6.0 +argo-cd-5.49.0,2023-10-30,14:42:51,v2.8.5 +argo-cd-5.48.1,2023-10-30,08:52:14,v2.8.5 +argo-cd-5.48.0,2023-10-28,07:29:05,v2.8.5 +argo-cd-5.47.0,2023-10-27,09:44:15,v2.8.4 +argo-workflows-0.37.0,2023-10-24,12:35:14,v3.5.0 +argo-workflows-0.36.2,2023-10-24,10:06:53,v3.5.0 +argo-rollouts-2.32.1,2023-10-24,12:40:04,v1.6.0 +argo-workflows-0.36.1,2023-10-17,23:53:35,v3.5.0 +argo-workflows-0.36.0,2023-10-17,15:41:00,v3.5.0 +argo-workflows-0.35.0,2023-10-13,22:07:38,v3.5.0 +argo-workflows-0.34.0,2023-10-12,14:15:08,v3.4.11 +argo-cd-5.46.8,2023-10-12,09:51:17,v2.8.4 +argo-cd-5.46.7,2023-09-22,15:50:57,v2.8.4 +argo-cd-5.46.6,2023-09-19,09:02:08,v2.8.4 +argo-cd-5.46.5,2023-09-18,13:26:16,v2.8.4 +argo-cd-5.46.4,2023-09-15,10:48:20,v2.8.4 +argo-cd-5.46.3,2023-09-14,04:56:22,v2.8.4 +argo-cd-5.46.2,2023-09-11,23:33:17,v2.8.3 +argo-cd-5.46.1,2023-09-11,13:24:46,v2.8.3 +argo-workflows-0.33.3,2023-09-10,01:57:47,v3.4.11 +argo-cd-5.46.0,2023-09-09,08:59:25,v2.8.3 +argo-workflows-0.33.2,2023-09-08,04:20:30,v3.4.11 +argo-cd-5.45.5,2023-09-08,14:58:30,v2.8.3 +argo-cd-5.45.4,2023-09-08,14:02:48,v2.8.3 +argo-cd-5.45.3,2023-09-08,00:13:52,v2.8.3 +argo-rollouts-2.32.0,2023-09-07,12:23:50,v1.6.0 +argo-cd-5.45.2,2023-09-07,14:01:34,v2.8.2 +argo-events-2.4.1,2023-09-04,01:15:35,v1.8.1 +argo-cd-5.45.1,2023-09-04,11:01:56,v2.8.2 +argo-cd-5.45.0,2023-08-28,08:12:52,v2.8.2 +argo-cd-5.44.0,2023-08-27,19:07:41,v2.8.2 +argo-cd-5.43.8,2023-08-27,02:21:03,v2.8.2 +argo-cd-5.43.7,2023-08-25,10:52:23,v2.8.2 +argo-cd-5.43.6,2023-08-25,08:46:11,v2.8.2 +argo-cd-5.43.5,2023-08-23,03:57:35,v2.8.1 +argo-workflows-0.33.1,2023-08-19,06:00:08,v3.4.10 +argo-workflows-0.33.0,2023-08-17,12:08:23,v3.4.10 +argo-workflows-0.32.3,2023-08-16,11:00:55,v3.4.10 +argo-rollouts-2.31.6,2023-08-16,07:02:05,v1.5.1 +argo-cd-5.43.4,2023-08-15,08:58:54,v2.8.0 +argo-workflows-0.32.2,2023-08-11,01:15:12,v3.4.9 +argo-rollouts-2.31.5,2023-08-09,00:04:20,v1.5.1 +argo-cd-5.43.3,2023-08-09,22:18:57,v2.8.0 +argo-cd-5.43.2,2023-08-09,08:36:10,v2.8.0 +argo-cd-5.43.1,2023-08-09,08:20:17,v2.8.0 +argo-cd-5.43.0,2023-08-08,14:36:04,v2.8.0 +argo-cd-5.42.3,2023-08-08,06:11:54,v2.7.11 +argo-rollouts-2.31.4,2023-08-05,10:27:42,v1.5.1 +argo-cd-5.42.2,2023-08-05,10:18:36,v2.7.10 +argo-rollouts-2.31.3,2023-08-01,09:07:36,v1.5.1 +argo-cd-5.42.1,2023-08-01,05:57:37,v2.7.10 +argo-workflows-0.32.1,2023-07-27,13:58:12,v3.4.9 +argo-cd-5.42.0,2023-07-27,22:05:30,v2.7.9 +argo-rollouts-2.31.2,2023-07-25,00:23:11,v1.5.1 +argo-cd-5.41.2,2023-07-25,02:10:03,v2.7.9 +argocd-apps-1.4.1,2023-07-23,04:26:08, +argocd-apps-1.4.0,2023-07-22,13:46:54, +argo-workflows-0.32.0,2023-07-20,23:20:17,v3.4.9 +argo-rollouts-2.31.1,2023-07-20,17:26:45,v1.5.1 +argo-cd-5.41.1,2023-07-19,22:26:30,v2.7.8 +argo-cd-5.41.0,2023-07-18,06:51:38,v2.7.7 +argo-cd-5.40.0,2023-07-17,12:21:05,v2.7.7 +argo-cd-5.39.1,2023-07-17,09:56:36,v2.7.7 +argo-cd-5.39.0,2023-07-13,14:07:28,v2.7.7 +argocd-apps-1.3.0,2023-07-11,16:16:56, +argo-workflows-0.31.0,2023-07-11,12:07:29,v3.4.8 +argo-cd-5.38.1,2023-07-11,13:01:22,v2.7.7 +argo-cd-5.38.0,2023-07-10,08:14:40,v2.7.7 +argo-cd-5.37.1,2023-07-06,08:26:09,v2.7.7 +argo-cd-5.37.0,2023-07-04,14:07:24,v2.7.6 +argo-cd-5.36.15,2023-07-04,09:22:40,v2.7.6 +argo-cd-5.36.14,2023-07-03,17:55:22,v2.7.6 +argo-cd-5.36.13,2023-07-02,08:07:38,v2.7.6 +argo-cd-5.36.12,2023-07-02,03:16:49,v2.7.6 +argo-cd-5.36.11,2023-06-29,16:02:41,v2.7.6 +argo-cd-5.36.9,2023-06-26,14:41:11,v2.7.6 +argo-cd-5.36.10,2023-06-26,14:55:27,v2.7.6 +argo-workflows-0.30.0,2023-06-24,22:29:03,v3.4.8 +argo-workflows-0.29.3,2023-06-23,16:35:23,v3.4.8 +argo-cd-5.36.7,2023-06-23,13:59:34,v2.7.6 +argo-events-2.4.0,2023-06-21,12:41:55,v1.8.0 +argo-cd-5.36.6,2023-06-21,14:54:37,v2.7.6 +argo-cd-5.36.5,2023-06-21,04:27:57,v2.7.6 +argo-cd-5.36.4,2023-06-20,13:07:45,v2.7.5 +argo-cd-5.36.3,2023-06-20,00:05:45,v2.7.5 +argo-cd-5.36.2,2023-06-17,04:55:38,v2.7.5 +argo-workflows-0.29.2,2023-06-08,03:48:28,v3.4.8 +argo-cd-5.36.1,2023-06-08,22:52:40,v2.7.4 +argo-cd-5.36.0,2023-06-07,08:52:24,v2.7.4 +argo-cd-5.35.1,2023-06-06,04:53:38,v2.7.4 +argo-workflows-0.29.1,2023-06-05,14:15:25,v3.4.8 +argo-cd-5.35.0,2023-06-05,14:31:31,v2.7.3 +argo-rollouts-2.31.0,2023-06-04,11:08:02,v1.5.0 +argo-workflows-0.29.0,2023-06-03,14:41:13,v3.4.8 +argo-cd-5.34.6,2023-05-29,04:32:37,v2.7.3 +argo-rollouts-2.30.1,2023-05-27,14:52:04,v1.5.0 +argo-workflows-0.28.2,2023-05-26,04:19:27,v3.4.8 +argo-workflows-0.28.1,2023-05-25,12:31:09,v3.4.7 +argo-cd-5.34.5,2023-05-24,23:23:36,v2.7.3 +argo-rollouts-2.30.0,2023-05-23,07:07:55,v1.5.0 +argo-cd-5.34.4,2023-05-23,20:29:47,v2.7.2 +argo-cd-5.34.3,2023-05-23,02:47:12,v2.7.2 +argo-cd-5.34.2,2023-05-22,17:07:33,v2.7.2 +argocd-apps-1.2.0,2023-05-21,07:19:50, +argo-rollouts-2.29.0,2023-05-20,15:39:35,v1.5.0 +argocd-apps-1.1.0,2023-05-19,09:35:18, +argo-workflows-0.28.0,2023-05-19,10:35:50,v3.4.7 +argo-cd-5.34.1,2023-05-17,14:25:05,v2.7.2 +argo-cd-5.34.0,2023-05-17,13:40:41,v2.7.2 +argo-cd-5.33.4,2023-05-16,09:24:22,v2.7.2 +argo-cd-5.33.3,2023-05-13,11:01:42,v2.7.2 +argo-cd-5.33.2,2023-05-12,15:19:23,v2.7.2 +argo-workflows-0.27.0,2023-05-11,06:39:40,v3.4.7 +argo-workflows-0.26.6,2023-05-11,00:09:56,v3.4.7 +argo-cd-5.33.1,2023-05-11,14:07:07,v2.7.1 +argo-cd-5.33.0,2023-05-11,00:40:17,v2.7.1 +argocd-image-updater-0.9.1,2023-05-10,16:46:54,v0.12.2 +argocd-apps-1.0.1,2023-05-10,16:59:38, +argo-workflows-0.26.5,2023-05-10,14:21:35,v3.4.7 +argo-workflows-0.26.4,2023-05-10,10:16:35,v3.4.7 +argo-rollouts-2.28.0,2023-05-10,15:37:42,v1.5.0 +argo-events-2.3.3,2023-05-10,15:49:04,v1.7.6 +argo-cd-5.32.2,2023-05-10,13:50:04,v2.7.1 +argo-workflows-0.26.3,2023-05-09,03:42:14,v3.4.7 +argo-events-2.3.2,2023-05-09,00:38:41,v1.7.6 +argo-workflows-0.26.2,2023-05-08,20:03:24,v3.4.7 +argo-cd-5.32.1,2023-05-08,11:23:13,v2.7.1 +argo-events-2.3.1,2023-05-07,14:18:59,v1.7.6 +argo-workflows-0.26.1,2023-05-06,16:20:35,v3.4.7 +argo-rollouts-2.27.0,2023-05-06,11:32:12,v1.4.1 +argo-events-2.3.0,2023-05-06,11:18:40,v1.7.6 +argo-workflows-0.26.0,2023-05-05,14:31:11,v3.4.7 +argo-workflows-0.25.2,2023-05-05,14:14:01,v3.4.7 +argo-cd-5.32.0,2023-05-05,20:19:39,v2.7.1 +argo-cd-5.31.1,2023-05-03,09:48:25,v2.7.1 +argo-cd-5.31.0,2023-05-02,12:29:53,v2.7.0 +argo-cd-5.30.1,2023-05-02,10:28:37,v2.7.0 +argo-cd-5.30.0,2023-05-02,07:29:11,v2.7.0 +argo-rollouts-2.26.1,2023-04-28,07:54:50,v1.4.1 +argocd-apps-1.0.0,2023-04-27,12:49:28, +argo-workflows-0.25.1,2023-04-24,16:57:53,v3.4.7 +argo-workflows-0.25.0,2023-04-24,05:47:37,v3.4.7 +argo-rollouts-2.26.0,2023-04-24,14:41:03,v1.4.1 +argocd-image-updater-0.9.0,2023-04-16,08:13:22,v0.12.2 +argo-workflows-0.24.1,2023-04-14,13:55:07,v3.4.7 +argo-workflows-0.24.0,2023-04-13,09:25:33,v3.4.7 +argo-rollouts-2.25.0,2023-04-13,23:59:09,v1.4.1 +argo-rollouts-2.24.0,2023-04-13,18:16:41,v1.4.1 +argo-events-2.2.0,2023-04-13,18:38:28,v1.7.6 +argo-cd-5.29.1,2023-04-13,23:44:42,v2.6.7 +argo-cd-5.29.0,2023-04-13,14:09:40,v2.6.7 +argo-workflows-0.23.2,2023-04-12,04:52:48,v3.4.7 +argo-workflows-0.23.1,2023-04-11,13:50:51,v3.4.6 +argo-cd-5.28.2,2023-04-11,13:34:12,v2.6.7 +argo-events-2.1.6,2023-04-07,12:46:03,v1.7.6 +argocd-image-updater-0.8.5,2023-04-06,13:52:44,v0.12.2 +argo-workflows-0.23.0,2023-04-06,23:43:19,v3.4.6 +argo-cd-5.28.1,2023-04-06,16:17:02,v2.6.7 +argo-workflows-0.22.16,2023-04-04,11:10:35,v3.4.6 +argo-cd-5.28.0,2023-04-03,09:59:17,v2.6.7 +argo-events-2.1.5,2023-04-01,20:40:27,v1.7.6 +argo-cd-5.27.5,2023-03-30,16:33:34,v2.6.7 +argo-rollouts-2.23.0,2023-03-29,09:16:56,v1.4.1 +argo-cd-5.27.4,2023-03-28,13:49:13,v2.6.7 +argo-cd-5.27.3,2023-03-24,09:57:20,v2.6.7 +argo-cd-5.27.2,2023-03-24,00:09:05,v2.6.7 +argo-workflows-0.22.15,2023-03-23,07:09:27,v3.4.5 +argo-cd-5.27.1,2023-03-17,08:25:05,v2.6.6 +argo-workflows-0.22.14,2023-03-16,11:05:16,v3.4.5 +argo-cd-5.27.0,2023-03-16,00:09:12,v2.6.5 +argo-events-2.1.4,2023-03-15,17:34:46,v1.7.6 +argo-cd-5.26.3,2023-03-15,19:28:01,v2.6.5 +argo-cd-5.26.2,2023-03-15,14:00:41,v2.6.5 +argo-cd-5.26.1,2023-03-14,18:42:39,v2.6.5 +argo-cd-5.26.0,2023-03-12,14:00:47,v2.6.4 +argo-cd-5.25.0,2023-03-09,12:05:22,v2.6.4 +argo-cd-5.24.4,2023-03-09,10:48:48,v2.6.4 +argo-cd-5.24.3,2023-03-08,07:46:54,v2.6.4 +argo-cd-5.24.2,2023-03-08,07:13:22,v2.6.4 +argo-cd-5.24.1,2023-03-03,17:53:36,v2.6.3 +argocd-apps-0.0.9,2023-03-02,14:59:22, +argo-rollouts-2.22.3,2023-03-02,15:08:16,v1.4.1 +argo-cd-5.24.0,2023-03-02,14:29:29,v2.6.3 +argo-cd-5.23.5,2023-02-28,23:30:25,v2.6.3 +argo-cd-5.23.4,2023-02-28,21:53:42,v2.6.3 +argo-cd-5.23.3,2023-02-28,08:32:15,v2.6.3 +argo-cd-5.23.2,2023-02-26,16:34:21,v2.6.2 +argo-workflows-0.22.13,2023-02-24,21:57:04,v3.4.5 +argo-workflows-0.22.12,2023-02-23,17:44:23,v3.4.5 +argo-cd-5.23.1,2023-02-23,18:12:14,v2.6.2 +argo-cd-5.23.0,2023-02-23,16:57:40,v2.6.2 +argo-events-2.1.3,2023-02-21,01:14:54,v1.7.6 +argo-cd-5.22.1,2023-02-19,12:38:23,v2.6.2 +argo-cd-5.22.0,2023-02-17,16:38:41,v2.6.2 +argo-cd-5.21.1,2023-02-17,08:23:54,v2.6.2 +argo-cd-5.21.0,2023-02-15,00:11:41,v2.6.1 +argo-cd-5.20.5,2023-02-14,12:21:52,v2.6.1 +argo-cd-5.20.4,2023-02-13,11:22:38,v2.6.1 +argo-workflows-0.22.11,2023-02-10,05:32:10,v3.4.5 +argocd-apps-0.0.8,2023-02-09,22:44:40, +argo-cd-5.20.3,2023-02-08,20:15:43,v2.6.1 +argo-cd-5.20.2,2023-02-08,16:42:35,v2.6.0 +argo-cd-5.20.1,2023-02-08,01:10:02,v2.6.0 +argo-workflows-0.22.10,2023-02-07,15:11:29,v3.4.5 +argo-cd-5.20.0,2023-02-07,15:02:47,v2.6.0 +argo-cd-5.19.15,2023-02-06,04:40:38,v2.5.10 +argo-cd-5.19.14,2023-02-02,21:56:38,v2.5.10 +argo-cd-5.19.13,2023-02-02,04:11:31,v2.5.9 +argocd-image-updater-0.8.4,2023-02-01,21:07:41,v0.12.2 +argocd-image-updater-0.8.3,2023-01-29,18:59:51,v0.12.0 +argocd-apps-0.0.7,2023-01-29,19:17:57, +argo-workflows-0.22.9,2023-01-29,18:48:45,v3.4.4 +argo-rollouts-2.22.2,2023-01-29,19:14:29,v1.4.0 +argo-events-2.1.2,2023-01-29,19:07:55,v1.7.5 +argo-events-2.1.1,2023-01-29,12:16:37,v1.7.5 +argo-cd-5.19.12,2023-01-29,15:23:26,v2.5.9 +argo-cd-5.19.11,2023-01-28,13:41:15,v2.5.9 +argo-cd-5.19.9,2023-01-27,14:47:36,v2.5.8 +argo-cd-5.19.10,2023-01-27,23:20:39,v2.5.8 +argo-cd-5.19.8,2023-01-26,12:06:45,v2.5.8 +argo-cd-5.19.7,2023-01-26,08:23:02,v2.5.8 +argo-events-2.1.0,2023-01-25,21:46:36,v1.7.4 +argo-cd-5.19.6,2023-01-24,00:18:44,v2.5.7 +argo-cd-5.19.5,2023-01-22,19:22:59,v2.5.7 +argo-cd-5.19.4,2023-01-22,17:20:54,v2.5.7 +argocd-image-updater-0.8.2,2023-01-21,11:38:12,v0.12.0 +argo-cd-5.19.3,2023-01-21,19:11:20,v2.5.7 +argo-cd-5.19.2,2023-01-21,12:19:10,v2.5.7 +argo-cd-5.19.1,2023-01-21,12:08:16,v2.5.7 +argo-cd-5.19.0,2023-01-21,09:25:14,v2.5.7 +argo-rollouts-2.22.1,2023-01-20,16:42:17,v1.4.0 +argo-cd-5.18.1,2023-01-20,14:34:15,v2.5.7 +argo-rollouts-2.22.0,2023-01-19,21:14:27,v1.4.0 +argo-rollouts-2.21.3,2023-01-19,10:37:43,v1.3.1 +argo-cd-5.18.0,2023-01-19,22:15:14,v2.5.7 +argo-rollouts-2.21.2,2023-01-18,02:39:11,v1.3.1 +argo-cd-5.17.4,2023-01-18,13:01:18,v2.5.7 +argo-cd-5.17.2,2023-01-18,06:44:45,v2.5.7 +argo-cd-5.17.1,2023-01-11,06:33:59,v2.5.6 +argo-workflows-0.22.8,2023-01-10,00:03:48,v3.4.4 +argo-cd-5.17.0,2023-01-10,12:32:17,v2.5.5 +argo-cd-5.16.15,2023-01-10,08:59:08,v2.5.5 +argo-cd-5.16.14,2023-01-04,09:49:57,v2.5.5 +argo-workflows-0.22.7,2023-01-03,01:46:24,v3.4.4 +argo-workflows-0.22.6,2022-12-30,05:21:07,v3.4.4 +argo-workflows-0.22.5,2022-12-29,16:31:57,v3.4.4 +argo-events-2.0.11,2022-12-29,17:55:54,v1.7.4 +argo-cd-5.16.13,2022-12-29,16:26:56,v2.5.5 +argo-cd-5.16.12,2022-12-29,15:47:53,v2.5.5 +argo-cd-5.16.11,2022-12-29,11:49:31,v2.5.5 +argo-cd-5.16.10,2022-12-27,12:12:26,v2.5.5 +argocd-apps-0.0.6,2022-12-25,13:56:50, +argo-events-2.0.10,2022-12-24,19:41:24,v1.7.4 +argo-workflows-0.22.4,2022-12-22,13:00:59,v3.4.4 +argo-cd-5.16.9,2022-12-20,13:18:36,v2.5.5 +argo-cd-5.16.8,2022-12-20,11:54:14,v2.5.5 +argo-workflows-0.22.3,2022-12-19,09:08:04,v3.4.4 +argo-workflows-0.22.2,2022-12-18,23:42:17,v3.4.4 +argo-events-2.0.9,2022-12-17,00:45:45,v1.7.3 +argo-cd-5.16.7,2022-12-17,11:36:17,v2.5.5 +argo-events-2.0.8,2022-12-15,08:33:57,v1.7.3 +argo-cd-5.16.6,2022-12-15,06:03:36,v2.5.4 +argo-cd-5.16.5,2022-12-14,21:13:18,v2.5.4 +argo-cd-5.16.4,2022-12-13,21:31:30,v2.5.4 +argo-cd-5.16.3,2022-12-13,06:19:38,v2.5.4 +argocd-apps-0.0.5,2022-12-10,14:50:54, +argo-workflows-0.22.1,2022-12-09,06:50:29,v3.4.4 +argo-events-2.0.7,2022-12-09,13:08:09,v1.7.3 +argo-cd-5.16.2,2022-12-07,07:41:56,v2.5.4 +argocd-apps-0.0.4,2022-12-02,13:26:38, +argo-workflows-0.22.0,2022-12-02,13:51:34,v3.4.4 +argo-workflows-0.21.0,2022-12-02,10:29:52,v3.4.4 +argo-cd-5.16.1,2022-12-02,14:48:40,v2.5.3 +argo-workflows-0.20.12,2022-11-30,15:26:09,v3.4.4 +argo-cd-5.16.0,2022-11-30,23:28:36,v2.5.3 +argo-cd-5.15.2,2022-11-30,21:58:12,v2.5.3 +argo-cd-5.15.1,2022-11-30,21:38:35,v2.5.3 +argo-cd-5.15.0,2022-11-29,21:15:00,v2.5.3 +argo-cd-5.14.3,2022-11-28,22:10:18,v2.5.3 +argo-workflows-0.20.11,2022-11-26,01:08:34,v3.4.3 +argo-workflows-0.20.10,2022-11-25,00:36:01,v3.4.3 +argo-cd-5.14.2,2022-11-25,17:40:10,v2.5.2 +argo-workflows-0.20.9,2022-11-23,07:18:21,v3.4.3 +argo-cd-5.14.1,2022-11-21,10:39:57,v2.5.2 +argo-cd-5.14.0,2022-11-20,13:30:05,v2.5.2 +argo-cd-5.13.9,2022-11-17,15:26:43,v2.5.2 +argo-workflows-0.20.8,2022-11-14,11:20:39,v3.4.3 +argo-cd-5.13.8,2022-11-11,02:11:52,v2.5.2 +argo-workflows-0.20.7,2022-11-10,00:36:36,v3.4.3 +argo-cd-5.13.7,2022-11-10,01:56:07,v2.5.2 +argo-cd-5.13.6,2022-11-08,16:04:52,v2.5.2 +argo-cd-5.13.5,2022-11-07,21:55:16,v2.5.1 +argo-cd-5.13.4,2022-11-06,21:13:41,v2.5.1 +argo-cd-5.13.3,2022-11-06,04:19:47,v2.5.1 +argo-cd-5.13.2,2022-11-03,08:37:01,v2.5.1 +argo-cd-5.13.1,2022-11-02,07:31:33,v2.5.1 +argo-workflows-0.20.6,2022-11-01,09:26:43,v3.4.3 +argo-cd-5.13.0,2022-11-01,19:27:19,v2.5.0 +argo-cd-5.12.3,2022-11-01,14:57:44,v2.5.0 +argo-cd-5.12.2,2022-10-31,17:38:56,v2.5.0 +argo-cd-5.9.1,2022-10-30,17:48:16,v2.5.0 +argo-cd-5.9.0,2022-10-30,15:38:31,v2.5.0 +argo-cd-5.12.1,2022-10-30,23:48:29,v2.5.0 +argo-cd-5.12.0,2022-10-30,22:03:51,v2.5.0 +argo-cd-5.11.0,2022-10-30,20:44:31,v2.5.0 +argo-cd-5.10.0,2022-10-30,19:13:05,v2.5.0 +argo-cd-5.8.7,2022-10-29,19:08:37,v2.5.0 +argo-cd-5.8.6,2022-10-29,09:24:01,v2.5.0 +argo-cd-5.8.5,2022-10-28,10:18:33,v2.5.0 +argo-cd-5.8.4,2022-10-28,08:50:11,v2.5.0 +argo-workflows-0.20.5,2022-10-27,01:05:01,v3.4.2 +argo-cd-5.8.3,2022-10-27,12:18:27,v2.5.0 +argo-cd-5.8.2,2022-10-26,13:19:29,v2.5.0 +argo-cd-5.8.1,2022-10-26,11:11:40,v2.5.0 +argo-workflows-0.20.4,2022-10-25,06:19:19,v3.4.2 +argo-cd-5.8.0,2022-10-25,21:22:42,v2.5.0 +argo-cd-5.7.0,2022-10-25,17:05:58,v2.4.15 +argo-cd-5.6.8,2022-10-25,14:09:11,v2.4.15 +argo-cd-5.6.7,2022-10-25,13:30:20,v2.4.15 +argo-cd-5.6.6,2022-10-25,06:42:17,v2.4.15 +argo-workflows-0.20.3,2022-10-24,05:53:54,v3.4.2 +argo-cd-5.6.5,2022-10-24,21:48:21,v2.4.15 +argo-cd-5.6.4,2022-10-24,17:06:09,v2.4.15 +argo-workflows-0.20.2,2022-10-22,07:37:48,v3.4.1 +argo-cd-5.6.3,2022-10-22,12:59:43,v2.4.15 +argo-cd-5.6.2,2022-10-21,08:11:20,v2.4.15 +argo-cd-5.6.1,2022-10-20,11:23:48,v2.4.15 +argocd-apps-0.0.3,2022-10-13,22:07:34, +argo-cd-5.6.0,2022-10-13,22:30:23,v2.4.14 +argo-cd-5.5.25,2022-10-13,16:17:41,v2.4.14 +argocd-apps-0.0.2,2022-10-12,08:34:02, +argo-cd-5.5.24,2022-10-12,12:55:54,v2.4.14 +argo-cd-5.5.23,2022-10-12,11:46:40,v2.4.14 +argo-cd-5.5.22,2022-10-12,08:04:42,v2.4.14 +argocd-image-updater-0.8.1,2022-10-11,22:21:29,v0.12.0 +argo-cd-5.5.21,2022-10-11,14:12:05,v2.4.14 +argo-cd-5.5.20,2022-10-11,14:00:11,v2.4.14 +argo-cd-5.5.19,2022-10-11,12:29:07,v2.4.14 +argo-cd-5.5.18,2022-10-10,20:46:29,v2.4.14 +argo-cd-5.5.17,2022-10-10,19:09:27,v2.4.14 +argo-cd-5.5.16,2022-10-09,13:23:27,v2.4.14 +argo-cd-5.5.15,2022-10-09,08:34:22,v2.4.14 +argo-cd-5.5.14,2022-10-08,22:23:13,v2.4.14 +argo-cd-5.5.13,2022-10-08,11:28:42,v2.4.14 +argo-cd-5.5.12,2022-10-07,10:52:38,v2.4.14 +argo-cd-5.5.9,2022-10-06,14:32:23,v2.4.13 +argo-cd-5.5.11,2022-10-06,22:23:50,v2.4.14 +argo-cd-5.5.10,2022-10-06,21:05:05,v2.4.14 +argo-cd-5.5.8,2022-10-04,00:58:31,v2.4.13 +argo-workflows-0.20.1,2022-10-02,09:28:15,v3.4.1 +argo-rollouts-2.21.1,2022-09-30,22:29:28,v1.3.1 +argo-cd-5.5.7,2022-09-30,13:26:36,v2.4.12 +argo-rollouts-2.21.0,2022-09-29,06:43:50,v1.3.0 +argo-events-2.0.6,2022-09-29,15:55:01,v1.7.3 +argo-workflows-0.20.0,2022-09-28,13:51:07,v3.4.0 +argo-cd-5.5.6,2022-09-28,11:06:18,v2.4.12 +argo-workflows-0.19.6,2022-09-27,12:44:09,v3.4.0 +argo-workflows-0.19.5,2022-09-27,09:53:23,v3.4.0 +argo-workflows-0.19.4,2022-09-26,04:11:17,v3.4.0 +argo-workflows-0.19.3,2022-09-26,01:49:55,v3.4.0 +argo-cd-5.5.5,2022-09-25,17:03:01,v2.4.12 +argo-workflows-0.19.2,2022-09-24,00:03:59,v3.4.0 +argo-cd-5.5.4,2022-09-22,17:20:47,v2.4.12 +argo-cd-5.5.3,2022-09-22,08:53:07,v2.4.12 +argo-workflows-0.19.1,2022-09-21,12:51:22,v3.4.0 +argo-workflows-0.19.0,2022-09-21,10:35:00,v3.4.0 +argo-cd-5.5.2,2022-09-21,19:06:26,v2.4.12 +argo-cd-5.5.1,2022-09-21,18:21:31,v2.4.12 +argo-cd-5.5.0,2022-09-21,11:48:56,v2.4.12 +argo-cd-5.4.8,2022-09-21,07:32:29,v2.4.12 +argo-events-2.0.5,2022-09-20,11:55:01,v1.7.2 +argo-workflows-0.18.0,2022-09-19,16:10:42,v3.4.0 +argo-cd-5.4.7,2022-09-19,21:37:54,v2.4.12 +argo-cd-5.4.6,2022-09-19,12:57:09,v2.4.12 +argo-cd-5.4.5,2022-09-19,11:44:57,v2.4.12 +argo-cd-5.4.4,2022-09-16,08:58:43,v2.4.12 +argo-cd-5.4.3,2022-09-08,17:00:01,v2.4.11 +argo-cd-5.4.2,2022-09-06,10:13:54,v2.4.11 +argo-cd-5.4.1,2022-09-04,08:48:29,v2.4.11 +argo-cd-5.4.0,2022-08-30,15:30:53,v2.4.11 +argo-workflows-0.17.1,2022-08-26,09:03:18,v3.3.9 +argo-rollouts-2.20.0,2022-08-26,16:40:20,v1.2.2 +argo-rollouts-2.19.2,2022-08-26,09:03:17,v1.2.2 +argo-events-2.0.4,2022-08-26,09:03:16,v1.7.1 +argo-cd-5.3.6,2022-08-26,16:15:52,v2.4.11 +argo-cd-5.3.5,2022-08-26,13:38:01,v2.4.11 +argo-cd-5.3.4,2022-08-26,09:03:15,v2.4.11 +argo-cd-5.3.3,2022-08-25,22:09:36,v2.4.11 +argo-cd-5.3.2,2022-08-25,21:39:21,v2.4.11 +argo-cd-5.3.1,2022-08-25,11:35:35,v2.4.11 +argo-cd-5.3.0,2022-08-25,10:42:01,v2.4.11 +argo-cd-5.2.2,2022-08-25,10:13:10,v2.4.11 +argo-cd-5.2.1,2022-08-25,09:08:04,v2.4.11 +argo-cd-5.2.0,2022-08-25,08:43:06,v2.4.11 +argo-cd-5.1.0,2022-08-25,06:41:11,v2.4.11 +argo-cd-5.0.0,2022-08-24,15:12:21,v2.4.11 +argo-rollouts-2.19.0,2022-08-23,02:43:29,v1.2.0 +argocd-apps-0.0.1,2022-08-22,12:32:28, +argo-cd-4.10.9,2022-08-22,14:04:30,v2.4.11 +argo-cd-4.10.8,2022-08-19,19:37:44,v2.4.10 +argo-cd-4.10.7,2022-08-18,00:28:21,v2.4.10 +argo-workflows-0.17.0,2022-08-17,00:07:26,v3.3.9 +argo-cd-4.10.6,2022-08-11,20:43:51,v2.4.9 +argo-workflows-0.16.9,2022-08-10,11:43:41,v3.3.9 +argo-cd-4.10.5,2022-08-02,10:02:11,v2.4.8 +argo-cd-4.10.4,2022-08-01,13:49:17,v2.4.8 +argo-cd-4.10.3,2022-07-31,12:20:12,v2.4.7 +argo-cd-4.10.2,2022-07-29,18:15:36,v2.4.7 +argo-cd-4.10.1,2022-07-29,14:40:58,v2.4.7 +argo-workflows-0.16.8,2022-07-27,00:51:07,v3.3.8 +argo-cd-4.10.0,2022-07-21,09:53:44,v2.4.7 +argo-cd-4.9.16,2022-07-19,12:48:08,v2.4.7 +argo-cd-4.9.15,2022-07-19,06:25:53,v2.4.7 +argo-rollouts-2.18.0,2022-07-15,11:43:33,v1.2.0 +argo-cd-4.9.14,2022-07-14,13:03:20,v2.4.6 +argo-workflows-0.16.7,2022-07-13,00:10:56,v3.3.8 +argo-cd-4.9.13,2022-07-13,20:43:07,v2.4.6 +argo-cd-4.9.12,2022-07-07,16:46:25,v2.4.4 +argo-events-2.0.3,2022-07-06,12:39:16,v1.7.1 +argo-events-2.0.2,2022-07-04,09:50:24,v1.7.1 +argo-cd-4.9.11,2022-06-29,13:10:22,v2.4.3 +argo-cd-4.9.9,2022-06-28,13:20:49,v2.4.3 +argo-cd-4.9.10,2022-06-28,15:14:22,v2.4.3 +argo-events-2.0.1,2022-06-27,21:35:46,v1.7.0 +argo-cd-4.9.8,2022-06-27,17:45:36,v2.4.2 +argo-workflows-0.16.6,2022-06-24,05:47:50,v3.3.8 +argo-workflows-0.16.5,2022-06-23,16:01:09,v3.3.7 +argo-workflows-0.16.4,2022-06-23,09:30:17,v3.3.6 +argo-cd-4.9.7,2022-06-23,14:43:59,v2.4.2 +argo-cd-4.9.6,2022-06-23,06:34:16,v2.4.2 +argo-cd-4.9.5,2022-06-23,05:50:20,v2.4.2 +argo-rollouts-2.17.0,2022-06-17,08:13:21,v1.2.0 +argo-cd-4.9.4,2022-06-17,07:01:22,v2.4.0 +argo-cd-4.9.3,2022-06-16,11:24:09,v2.4.0 +argo-cd-4.9.2,2022-06-15,13:16:32,v2.4.0 +argo-events-2.0.0,2022-06-14,15:38:27,v1.7.0 +argo-cd-4.9.1,2022-06-14,12:32:16,v2.4.0 +argo-cd-4.9.0,2022-06-14,10:10:37,v2.4.0 +argo-workflows-0.16.3,2022-06-10,16:50:21,v3.3.6 +argo-cd-4.8.3,2022-06-08,06:04:29,v2.3.4 +argo-cd-4.8.2,2022-06-02,12:26:38,v2.3.4 +argo-cd-4.8.1,2022-06-02,12:06:47,v2.3.4 +argo-workflows-0.16.2,2022-06-01,17:56:41,v3.3.6 +argo-rollouts-2.16.0,2022-06-01,17:10:16,v1.2.0 +argo-cd-4.8.0,2022-05-30,16:20:13,v2.3.4 +argo-workflows-0.16.1,2022-05-26,11:20:50,v3.3.6 +argo-rollouts-2.15.0,2022-05-26,12:00:18,v1.2.0 +argo-workflows-0.16.0,2022-05-25,09:30:37,v3.3.5 +argo-workflows-0.15.4,2022-05-25,08:52:21,v3.3.5 +argo-cd-4.7.0,2022-05-25,11:07:09,v2.3.4 +argo-rollouts-2.14.1,2022-05-23,05:05:29,v1.2.0 +argo-cd-4.6.5,2022-05-23,04:47:27,v2.3.4 +argo-workflows-0.15.3,2022-05-22,07:43:33,v3.3.5 +argo-cd-4.6.4,2022-05-22,11:52:08,v2.3.4 +argo-workflows-0.15.2,2022-05-20,21:14:27,v3.3.5 +argo-workflows-0.15.1,2022-05-20,19:19:26,v3.3.2 +argo-cd-4.6.3,2022-05-20,18:11:16,v2.3.4 +argo-cd-4.6.2,2022-05-19,17:54:21,v2.3.4 +argo-cd-4.6.1,2022-05-19,11:51:31,v2.3.3 +argo-cd-4.6.0,2022-05-10,07:41:16,v2.3.3 +argo-workflows-0.15.0,2022-05-09,20:45:52,v3.3.2 +argo-workflows-0.14.5,2022-05-09,20:36:39,v3.3.2 +argo-workflows-0.14.4,2022-05-09,20:24:35,v3.3.2 +argo-workflows-0.14.3,2022-05-09,19:51:22,v3.3.2 +argo-workflows-0.14.2,2022-05-09,19:37:38,v3.3.2 +argo-cd-4.5.12,2022-05-09,19:18:36,v2.3.3 +argo-cd-4.5.11,2022-05-07,20:58:56,v2.3.3 +argo-cd-4.5.10,2022-05-05,21:59:44,v2.3.3 +argo-cd-4.5.9,2022-05-04,16:40:52,v2.3.3 +argo-workflows-0.14.1,2022-05-01,11:44:50,v3.3.2 +argo-cd-4.5.8,2022-04-30,12:31:18,v2.3.3 +argo-events-1.13.0,2022-04-23,07:25:52,v1.6.0 +argocd-notifications-1.8.1,2022-04-22,09:42:54,v1.2.1 +argocd-applicationset-1.12.1,2022-04-22,09:42:52,v0.4.1 +argocd-applicationset-1.12.0,2022-04-22,07:23:43,v0.4.1 +argo-workflows-0.14.0,2022-04-22,07:09:42,v3.3.2 +argo-cd-4.5.7,2022-04-22,09:55:26,v2.3.3 +argo-cd-4.5.6,2022-04-22,08:34:16,v2.3.3 +argo-cd-4.5.5,2022-04-21,22:02:41,v2.3.3 +argo-cd-4.5.4,2022-04-19,11:02:10,v2.3.3 +argo-cd-4.5.3,2022-04-12,14:28:36,v2.3.3 +argo-cd-4.5.2,2022-04-12,12:32:08,v2.3.3 +argo-cd-4.5.1,2022-04-11,14:33:48,v2.3.3 +argo-rollouts-2.14.0,2022-04-05,11:38:27,v1.2.0 +argo-cd-4.5.0,2022-04-03,09:14:25,v2.3.3 +argo-cd-4.4.1,2022-04-02,18:45:18,v2.3.3 +argo-rollouts-2.13.0,2022-03-31,17:32:03,v1.2.0 +argo-cd-4.4.0,2022-03-31,12:20:18,v2.3.3 +argo-cd-4.3.2,2022-03-31,11:59:31,v2.3.3 +argo-cd-4.3.1,2022-03-30,13:40:17,v2.3.3 +argo-cd-4.3.0,2022-03-29,11:24:34,v2.3.2 +argo-cd-4.2.4,2022-03-28,21:02:42,v2.3.2 +argo-cd-4.2.3,2022-03-28,13:18:14,v2.3.2 +argo-workflows-0.13.1,2022-03-23,13:18:49,v3.2.9 +argo-rollouts-2.12.0,2022-03-23,21:12:12,v1.2.0 +argo-cd-4.2.2,2022-03-23,09:53:45,v2.3.2 +argo-cd-4.2.1,2022-03-18,21:25:50,v2.3.1 +argo-cd-4.2.0,2022-03-18,16:42:44,v2.3.1 +argocd-image-updater-0.8.0,2022-03-17,19:34:59,v0.12.0 +argo-cd-4.1.0,2022-03-17,17:16:25,v2.3.1 +argo-cd-4.0.1,2022-03-17,12:54:21,v2.3.1 +argo-cd-4.0.0,2022-03-16,21:02:33,v2.3.1 +argo-rollouts-2.11.0,2022-03-14,21:13:07,v1.1.1 +argo-workflows-0.13.0,2022-03-12,17:55:49,v3.2.9 +argo-workflows-0.12.0,2022-03-12,17:14:00,v3.2.9 +argo-cd-3.35.4,2022-03-12,18:59:29,v2.2.5 +argo-cd-3.35.3,2022-03-10,10:45:45,v2.2.5 +argo-cd-3.35.2,2022-03-06,15:54:11,v2.2.5 +argo-cd-3.35.1,2022-03-06,12:08:36,v2.2.5 +argo-workflows-0.11.2,2022-03-05,08:51:50,v3.2.9 +argo-workflows-0.11.1,2022-03-03,14:02:23,v3.2.7 +argocd-image-updater-0.7.0,2022-03-01,10:26:52,v0.11.3 +argo-workflows-0.11.0,2022-03-01,09:53:15,v3.2.7 +argo-cd-3.35.0,2022-03-01,21:58:21,v2.2.5 +argo-cd-3.34.0,2022-03-01,17:37:13,v2.2.5 +argo-cd-3.33.8,2022-02-26,20:07:35,v2.2.5 +argo-cd-3.33.7,2022-02-23,11:02:53,v2.2.5 +argocd-image-updater-0.6.3,2022-02-20,17:56:33,v0.11.3 +argo-rollouts-2.10.0,2022-02-20,23:01:55,v1.1.1 +argo-events-1.12.0,2022-02-20,20:57:50,v1.6.0 +argo-events-1.11.0,2022-02-20,18:31:57,v1.6.0 +argocd-applicationset-1.11.0,2022-02-17,08:19:49,v0.3.0 +argo-cd-3.33.6,2022-02-17,11:37:47,v2.2.5 +argocd-applicationset-1.10.0,2022-02-16,18:44:07,v0.3.0 +argo-workflows-0.10.1,2022-02-09,23:06:55,v3.2.7 +argo-cd-3.33.5,2022-02-05,16:32:53,v2.2.5 +argo-cd-3.33.4,2022-02-05,12:55:15,v2.2.5 +argo-cd-3.33.3,2022-02-04,09:19:44,v2.2.4 +argo-cd-3.33.2,2022-02-03,09:36:59,v2.2.3 +argocd-notifications-1.8.0,2022-02-01,21:49:11,v1.2.1 +argo-cd-3.33.1,2022-01-31,19:26:33,v2.2.3 +argo-cd-3.33.0,2022-01-31,15:37:35,v2.2.3 +argo-workflows-0.10.0,2022-01-28,13:45:09,v3.2.6 +argo-cd-3.32.1,2022-01-27,10:15:36,v2.2.3 +argo-cd-3.32.0,2022-01-26,15:14:35,v2.2.3 +argo-rollouts-2.9.3,2022-01-25,12:43:34,v1.1.1 +argocd-notifications-1.7.1,2022-01-24,19:19:34,v1.2.1 +argocd-image-updater-0.6.2,2022-01-24,19:19:33,v0.11.2 +argocd-applicationset-1.9.1,2022-01-24,19:19:32,v0.3.0 +argo-workflows-0.9.5,2022-01-24,19:19:30,v3.2.6 +argo-rollouts-2.9.2,2022-01-24,19:19:29,v1.1.1 +argo-events-1.10.2,2022-01-24,19:19:28,v1.5.6 +argo-cd-3.31.1,2022-01-24,19:19:26,v2.2.2 +argo-cd-3.31.0,2022-01-20,10:52:27,v2.2.2 +argo-cd-3.30.1,2022-01-19,19:26:25,v2.2.2 +argo-events-1.10.1,2022-01-18,22:20:08,v1.5.6 +argo-events-1.10.0,2022-01-17,14:02:09,v1.5.0 +argo-cd-3.30.0,2022-01-16,05:24:18,v2.2.2 +argocd-image-updater-0.6.1,2022-01-11,22:07:52,v0.11.2 +argo-rollouts-2.9.1,2022-01-11,22:35:51,v1.1.1 +argo-rollouts-2.9.0,2022-01-10,20:46:21,v1.1.1 +argo-rollouts-2.8.1,2022-01-10,18:21:14,v1.1.1 +argo-events-1.9.0,2022-01-10,19:56:43,v1.5.0 +argocd-applicationset-1.9.0,2022-01-09,18:08:02,v0.3.0 +argocd-applicationset-1.8.0,2022-01-06,18:36:05,v0.3.0 +argo-rollouts-2.8.0,2022-01-05,12:32:16,v1.1.0 +argo-cd-3.29.5,2022-01-04,10:16:28,v2.2.2 +argocd-notifications-1.7.0,2021-12-20,18:18:19,v1.2.1 +argo-workflows-0.9.4,2021-12-20,11:00:00,v3.2.6 +argo-rollouts-2.7.0,2021-12-20,19:13:47,v1.1.0 +argo-cd-3.29.4,2021-12-20,17:27:35,v2.2.1 +argo-cd-3.29.3,2021-12-18,22:09:23,v2.2.1 +argo-cd-3.29.2,2021-12-17,18:39:32,v2.2.1 +argo-cd-3.29.1,2021-12-17,10:06:18,v2.2.1 +argocd-notifications-1.6.1,2021-12-16,09:58:40,v1.2.1 +argo-cd-3.29.0,2021-12-15,10:15:30,v2.2.0 +argo-cd-3.28.1,2021-12-11,19:32:10,v2.1.7 +argo-cd-3.28.0,2021-12-10,15:23:06,v2.1.7 +argocd-applicationset-1.7.0,2021-12-09,14:56:54,v0.2.0 +argo-rollouts-2.6.0,2021-12-09,15:13:24,v1.1.0 +argocd-image-updater-0.6.0,2021-12-07,06:40:34,v0.11.0 +argo-workflows-0.9.3,2021-12-06,10:02:15,v3.2.4 +argo-cd-3.27.1,2021-12-03,22:41:42,v2.1.7 +argo-cd-3.27.0,2021-12-03,22:19:58,v2.1.7 +argo-cd-3.26.12,2021-11-29,10:51:49,v2.1.7 +argocd-notifications-1.6.0,2021-11-25,17:39:42,v1.2.0 +argocd-image-updater-0.5.0,2021-11-24,20:47:21,v0.11.0 +argo-cd-3.26.11,2021-11-24,16:30:38,v2.1.7 +argo-workflows-0.9.2,2021-11-23,10:12:37,v3.2.4 +argocd-image-updater-0.4.2,2021-11-22,07:18:47,v0.10.3 +argo-workflows-0.9.1,2021-11-22,09:41:06,v3.2.4 +argo-workflows-0.9.0,2021-11-22,09:33:03,v3.2.4 +argo-workflows-0.8.3,2021-11-21,18:59:21,v3.2.4 +argo-cd-3.26.10,2021-11-21,12:48:45,v2.1.7 +argo-workflows-0.8.2,2021-11-19,21:36:02,v3.2.0 +argocd-image-updater-0.4.1,2021-11-17,09:50:53,v0.10.3 +argo-cd-3.26.9,2021-11-17,07:43:03,v2.1.6 +argocd-image-updater-0.4.0,2021-11-15,23:19:27,v0.10.1 +argo-rollouts-2.5.0,2021-11-15,07:02:31,v1.1.0 +argocd-notifications-1.5.2,2021-11-12,09:25:30,v1.1.1 +argo-cd-3.26.8,2021-11-11,15:00:04,v2.1.6 +argo-cd-3.26.7,2021-11-10,17:18:47,v2.1.6 +argocd-image-updater-0.3.0,2021-11-09,21:14:43,v0.10.1 +argo-rollouts-2.4.0,2021-11-09,20:50:12,v1.1.0 +argo-cd-3.26.6,2021-11-06,08:23:57,v2.1.6 +argo-workflows-0.8.1,2021-11-01,18:13:26,v3.2.0 +argo-cd-3.26.5,2021-10-31,19:32:18,v2.1.6 +argo-cd-3.26.4,2021-10-31,11:57:25,v2.1.6 +argo-events-1.8.0,2021-10-27,15:13:58,v1.5.0 +argo-cd-3.26.3,2021-10-21,20:56:35,v2.1.5 +argo-cd-3.26.2,2021-10-21,11:34:14,2.1.4 +argo-cd-3.26.1,2021-10-20,06:32:59,2.1.4 +argo-workflows-0.8.0,2021-10-19,15:37:06,v3.2.0 +argo-cd-3.26.0,2021-10-19,17:02:52,2.1.3 +argo-cd-3.25.3,2021-10-19,15:51:33,2.1.3 +argo-rollouts-2.3.0,2021-10-18,12:29:40,v1.1.0 +argocd-applicationset-1.6.0,2021-10-17,18:30:56,v0.2.0 +argo-rollouts-2.2.1,2021-10-17,12:08:48,v1.1.0 +argo-cd-3.25.2,2021-10-17,10:33:22,2.1.3 +argo-workflows-0.7.3,2021-10-15,10:22:13,v3.2.0 +argo-workflows-0.7.2,2021-10-15,09:42:17,v3.1.8 +argo-rollouts-2.2.0,2021-10-14,14:58:28,v1.1.0 +argo-cd-3.25.1,2021-10-14,12:40:36,2.1.3 +argo-cd-3.25.0,2021-10-12,18:49:49,2.1.3 +argo-cd-3.24.0,2021-10-06,22:13:09,2.1.3 +argo-cd-3.23.1,2021-10-06,15:28:20,2.1.3 +argo-cd-3.23.0,2021-10-04,22:20:00,2.1.2 +argocd-notifications-1.5.1,2021-09-29,15:15:42,1.1.1 +argo-cd-3.22.1,2021-09-29,09:07:29,2.1.2 +argocd-applicationset-1.5.1,2021-09-27,13:58:05,v0.2.0 +argocd-applicationset-1.5.0,2021-09-27,12:06:48,v0.2.0 +argo-workflows-0.7.1,2021-09-27,15:18:14,v3.1.8 +argo-workflows-0.7.0,2021-09-27,07:14:58,v3.1.8 +argo-rollouts-2.1.1,2021-09-27,15:10:06,v1.0.2 +argo-cd-3.22.0,2021-09-27,19:32:54,2.1.2 +argo-cd-3.21.1,2021-09-27,10:04:46,2.1.2 +argocd-image-updater-0.2.1,2021-09-20,14:43:20,v0.10.1 +argo-workflows-0.6.0,2021-09-17,19:51:33,v3.1.8 +argo-rollouts-2.1.0,2021-09-17,16:39:27,v1.0.2 +argo-cd-3.21.0,2021-09-17,20:14:56,2.1.2 +argo-cd-3.20.0,2021-09-17,17:47:39,2.1.2 +argo-cd-3.19.0,2021-09-17,13:57:58,2.1.2 +argocd-image-updater-0.2.0,2021-09-16,18:59:58,v0.10.1 +argocd-image-updater-0.1.1,2021-09-16,17:30:59,v0.10.1 +argo-rollouts-2.0.2,2021-09-16,19:06:11,v1.0.2 +argo-cd-3.18.0,2021-09-16,17:59:45,2.1.2 +argo-workflows-0.5.2,2021-09-15,22:27:25,v3.1.8 +argo-cd-3.17.7,2021-09-15,10:31:26,2.1.2 +argo-workflows-0.5.1,2021-09-13,16:21:35,v3.1.8 +argo-cd-3.17.6,2021-09-02,21:59:12,2.1.2 +argo-rollouts-2.0.1,2021-08-30,06:46:48,v1.0.2 +argocd-notifications-1.5.0,2021-08-27,13:12:54,1.1.1 +argocd-applicationset-1.4.0,2021-08-27,12:33:43,v0.2.0 +argo-workflows-0.5.0,2021-08-27,12:59:50,v3.1.8 +argo-cd-3.17.5,2021-08-27,13:47:25,2.1.1 +argo-cd-3.17.4,2021-08-27,10:06:21,2.1.1 +argo-cd-3.17.3,2021-08-26,15:11:19,2.1.1 +argo-cd-3.17.2,2021-08-26,14:22:27,2.1.1 +argo-cd-3.17.1,2021-08-26,13:55:36,2.1.0 +argo-cd-3.17.0,2021-08-26,13:43:13,2.1.0 +argocd-notifications-1.4.4,2021-08-25,12:14:37,1.1.1 +argocd-applicationset-1.3.1,2021-08-25,07:05:41,v0.2.0 +argo-cd-3.16.0,2021-08-25,15:05:03,2.1.0 +argo-cd-3.15.0,2021-08-24,12:48:33,2.1.0 +argo-cd-3.14.0,2021-08-24,12:38:02,2.1.0 +argocd-applicationset-1.3.0,2021-08-23,13:05:32,v0.2.0 +argocd-applicationset-1.2.0,2021-08-23,12:23:43,v0.2.0 +argo-workflows-0.4.2,2021-08-23,11:13:42,v3.1.8 +argo-cd-3.13.2,2021-08-23,17:23:36,2.1.0 +argo-cd-3.13.1,2021-08-23,13:01:57,2.1.0 +argo-cd-3.13.0,2021-08-23,12:14:11,2.1.0 +argo-workflows-0.4.1,2021-08-20,16:24:43,v3.1.5 +argocd-notifications-1.4.3,2021-08-18,10:02:11,1.1.1 +argocd-notifications-1.4.2,2021-08-17,09:13:14,1.1.1 +argo-workflows-0.4.0,2021-08-17,07:31:04,v3.1.5 +argocd-image-updater-0.1.0,2021-08-16,15:23:23,v0.10.1 +argo-rollouts-2.0.0,2021-08-16,15:27:43,v1.0.2 +argo-cd-3.12.1,2021-08-14,11:03:56,2.0.5 +argocd-applicationset-1.1.0,2021-08-13,16:37:25,v0.1.0 +argo-cd-3.12.0,2021-08-13,20:15:28,2.0.5 +argo-workflows-0.3.0,2021-08-11,07:32:31,v3.0.7 +argo-cd-3.11.5,2021-08-11,15:44:45,2.0.5 +argo-cd-3.11.4,2021-08-11,07:14:57,2.0.5 +argo-workflows-0.2.13,2021-08-10,13:45:31,v3.0.7 +argo-rollouts-1.0.4,2021-08-10,06:39:57,v1.0.2 +argo-cd-3.11.3,2021-08-09,08:58:30,2.0.5 +argo-events-1.7.0,2021-08-07,22:43:47,1.3.1 +argo-cd-3.11.2,2021-08-07,13:08:09,2.0.5 +argo-cd-3.11.1,2021-07-28,15:42:38,2.0.5 +argo-cd-3.11.0,2021-07-28,14:37:27,2.0.5 +argo-cd-3.10.2,2021-07-27,11:07:30,2.0.5 +argo-cd-3.10.1,2021-07-27,01:33:24,2.0.5 +argo-workflows-0.2.12,2021-07-21,16:02:29,v3.0.7 +argo-workflows-0.2.9,2021-07-20,18:18:54,v3.0.7 +argo-workflows-0.2.8,2021-07-20,18:10:55,v3.0.7 +argo-workflows-0.2.11,2021-07-20,21:51:21,v3.0.7 +argo-workflows-0.2.10,2021-07-20,18:25:05,v3.0.7 +argo-cd-3.10.0,2021-07-20,11:41:23,2.0.4 +argo-cd-3.9.0,2021-07-13,06:35:52,2.0.4 +argo-cd-3.8.2,2021-07-13,06:26:07,2.0.4 +argocd-applicationset-1.0.0,2021-07-12,10:54:40,v0.1.0 +argo-cd-3.8.1,2021-07-12,11:07:21,2.0.4 +argocd-notifications-1.4.1,2021-07-09,11:09:14,1.1.1 +argocd-applicationset-0.1.7,2021-07-09,11:09:13,v0.1.0 +argo-workflows-0.2.7,2021-07-09,11:09:12,v3.0.7 +argo-rollouts-1.0.3,2021-07-09,11:09:12,v1.0.2 +argo-events-1.6.4,2021-07-09,11:09:11,1.3.1 +argo-cd-3.8.0,2021-07-09,12:34:38,2.0.4 +argo-cd-3.7.2,2021-07-09,11:09:10,2.0.4 +argo-rollouts-1.0.2,2021-07-07,15:18:22,v1.0.2 +argo-cd-3.7.1,2021-07-05,09:53:30,2.0.4 +argo-cd-3.7.0,2021-07-05,09:42:21,2.0.4 +argo-cd-3.6.11,2021-06-29,08:49:22,2.0.4 +argo-cd-3.6.10,2021-06-26,15:05:26,2.0.3 +argo-workflows-0.2.6,2021-06-25,06:16:05,v3.0.7 +argo-cd-3.6.9,2021-06-25,06:07:25,2.0.3 +argo-workflows-0.2.5,2021-06-08,13:15:23,v3.0.2 +argo-events-1.6.2,2021-06-07,08:36:00,1.3.1 +argo-cd-3.6.8,2021-06-07,09:40:13,2.0.3 +argo-cd-3.6.7,2021-06-07,08:52:24,2.0.3 +argocd-notifications-1.4.0,2021-06-03,10:08:10,1.1.1 +argocd-applicationset-0.1.6,2021-06-03,17:50:44,v0.1.0 +argo-workflows-0.2.4,2021-06-03,17:11:17,v3.0.2 +argo-workflows-0.2.3,2021-06-03,11:08:38,v3.0.2 +argo-cd-3.6.6,2021-06-02,17:55:17,2.0.3 +argo-workflows-0.2.2,2021-05-31,20:15:38,v3.0.2 +argo-workflows-0.2.1,2021-05-31,16:32:09,v3.0.2 +argo-workflows-0.2.0,2021-05-31,16:18:32,v3.0.2 +argo-rollouts-1.0.1,2021-05-31,21:23:24,v1.0.1 +argo-rollouts-1.0.0,2021-05-31,16:06:49,v1.0.1 +argo-events-1.6.1,2021-05-31,16:09:51,1.3.1 +argo-cd-3.6.5,2021-05-31,20:15:37,2.0.3 +argo-events-1.6.0,2021-05-29,10:30:24,1.3.1 +argo-cd-3.6.4,2021-05-29,14:37:41,2.0.3 +argo-cd-3.6.3,2021-05-29,08:42:00,2.0.3 +argo-workflows-0.1.5,2021-05-27,16:33:49,v3.0.2 +argocd-notifications-1.3.2,2021-05-26,21:41:54,1.1.1 +argo-workflows-0.1.4,2021-05-26,10:00:42,v3.0.2 +argo-rollouts-0.5.5,2021-05-26,09:44:42,0.10.2 +argo-events-1.5.0,2021-05-26,21:27:33,1.3.1 +argo-events-1.4.3,2021-05-26,21:13:44,1.3.1 +argo-cd-3.6.2,2021-05-26,10:35:46,2.0.1 +argo-workflows-0.1.3,2021-05-25,06:06:50,v3.0.2 +argo-rollouts-0.5.4,2021-05-24,21:34:19,0.10.2 +argo-cd-3.6.1,2021-05-24,19:21:16,2.0.1 +argo-cd-3.6.0,2021-05-23,12:25:54,2.0.1 +argocd-notifications-1.3.1,2021-05-21,16:00:09,1.1.1 +argocd-applicationset-0.1.5,2021-05-21,16:00:08,v0.1.0 +argo-workflows-0.1.2,2021-05-21,16:50:29,v3.0.2 +argo-workflows-0.1.1,2021-05-21,16:00:07,v3.0.2 +argo-rollouts-0.5.3,2021-05-21,16:00:06,0.10.2 +argo-events-1.4.2,2021-05-21,16:00:05,1.3.1 +argo-cd-3.5.0,2021-05-21,16:43:57,2.0.1 +argo-cd-3.4.1,2021-05-21,16:00:04,2.0.1 +argo-1.0.0,2021-05-21,16:00:03,v2.12.5 diff --git a/scripts/release-analysis/argo_releases.csv b/scripts/release-analysis/argo_releases.csv new file mode 100644 index 00000000..f630abe7 --- /dev/null +++ b/scripts/release-analysis/argo_releases.csv @@ -0,0 +1,877 @@ +Repository,Release Tag,Release Date,Release Time +argo-cd,v2.14.0-rc6,2025-01-21,21:40:31 +argo-cd,v2.14.0-rc5,2025-01-08,20:16:38 +argo-cd,v2.13.3,2025-01-03,19:23:42 +argo-cd,v2.12.9,2025-01-03,19:21:15 +argo-cd,v2.14.0-rc4,2025-01-02,22:36:35 +argo-cd,v2.14.0-rc3,2024-12-18,19:22:51 +argo-cd,v2.14.0-rc2,2024-12-17,18:43:53 +argo-cd,v2.13.2,2024-12-11,19:18:46 +argo-cd,v2.12.8,2024-12-11,19:17:57 +argo-cd,v2.13.1,2024-11-20,17:11:22 +argo-cd,v2.12.7,2024-11-05,16:08:15 +argo-cd,v2.11.12,2024-11-05,16:09:52 +argo-cd,v2.13.0,2024-11-04,12:46:49 +argo-cd,v2.13.0-rc5,2024-10-18,21:56:52 +argo-cd,v2.12.6,2024-10-18,19:07:18 +argo-cd,v2.11.11,2024-10-18,19:10:03 +argo-cd,v2.13.0-rc4,2024-10-17,22:20:25 +argo-cd,v2.12.5,2024-10-17,22:03:45 +argo-cd,v2.11.10,2024-10-17,22:04:22 +argo-cd,v2.10.18,2024-10-17,22:02:48 +argo-cd,v2.13.0-rc3,2024-10-07,14:11:10 +argo-cd,v2.12.4,2024-09-26,07:14:39 +argo-cd,v2.11.9,2024-09-26,07:39:46 +argo-cd,v2.10.17,2024-09-26,07:39:53 +argo-cd,v2.13.0-rc2,2024-09-20,12:16:17 +argo-cd,v2.13.0-rc1,2024-09-16,09:07:32 +argo-cd,v2.11.8,2024-09-11,07:18:22 +argo-cd,v2.12.3,2024-08-27,12:33:34 +argo-cd,v2.12.2,2024-08-23,04:05:09 +argo-cd,v2.9.22,2024-08-22,18:09:07 +argo-cd,v2.8.21,2024-08-22,00:15:46 +argo-cd,v2.12.1,2024-08-16,17:16:36 +argo-cd,v2.12.0,2024-08-05,14:02:15 +argo-cd,v2.12.0-rc5,2024-08-02,00:02:42 +argo-cd,v2.11.7,2024-07-24,10:27:18 +argo-cd,v2.10.16,2024-07-24,10:27:30 +argo-cd,v2.9.21,2024-07-24,10:27:35 +argo-cd,v2.11.6,2024-07-22,15:19:04 +argo-cd,v2.10.15,2024-07-22,15:28:11 +argo-cd,v2.9.20,2024-07-22,15:26:01 +argo-cd,v2.12.0-rc4,2024-07-15,18:31:03 +argo-cd,v2.11.5,2024-07-15,18:32:15 +argo-cd,v2.10.14,2024-07-15,18:43:13 +argo-cd,v2.9.19,2024-07-15,19:10:33 +argo-cd,v2.12.0-rc3,2024-07-02,19:11:39 +argo-cd,v2.11.4,2024-07-02,19:52:42 +argo-cd,v2.10.13,2024-07-02,19:16:33 +argo-cd,v2.9.18,2024-07-02,20:06:18 +argo-cd,v2.12.0-rc2,2024-06-24,21:07:03 +argo-cd,v2.12.0-rc1,2024-06-18,13:46:04 +argo-cd,v2.11.3,2024-06-06,09:43:29 +argo-cd,v2.10.12,2024-06-06,09:44:03 +argo-cd,v2.9.17,2024-06-06,09:47:39 +argo-cd,v2.11.2,2024-05-23,14:14:51 +argo-cd,v2.10.11,2024-05-23,14:20:08 +argo-cd,v2.9.16,2024-05-23,14:28:35 +argo-cd,v2.8.20,2024-05-23,14:22:46 +argo-cd,v2.11.1,2024-05-21,15:03:58 +argo-cd,v2.10.10,2024-05-21,15:04:04 +argo-cd,v2.9.15,2024-05-21,15:03:15 +argo-cd,v2.8.19,2024-05-21,15:02:42 +argo-cd,v2.11.0,2024-05-07,16:37:25 +argo-cd,v2.10.9,2024-04-30,16:55:10 +argo-cd,v2.9.14,2024-04-30,17:52:42 +argo-cd,v2.8.18,2024-04-30,18:11:05 +argo-cd,v2.11.0-rc3,2024-04-29,20:34:30 +argo-cd,v2.10.8,2024-04-26,14:04:02 +argo-cd,v2.9.13,2024-04-26,13:54:31 +argo-cd,v2.8.17,2024-04-26,13:32:45 +argo-cd,v2.11.0-rc2,2024-04-15,20:21:25 +argo-cd,v2.10.7,2024-04-15,09:21:23 +argo-cd,v2.9.12,2024-04-15,09:23:39 +argo-cd,v2.8.16,2024-04-15,09:24:55 +argo-cd,v2.11.0-rc1,2024-04-05,12:48:47 +argo-cd,v2.10.6,2024-04-05,01:04:01 +argo-cd,v2.9.11,2024-04-05,00:33:21 +argo-cd,v2.8.15,2024-04-05,00:08:33 +argo-cd,v2.7.18,2024-04-04,23:10:16 +argo-cd,v2.10.5,2024-03-28,16:29:02 +argo-cd,v2.9.10,2024-03-28,17:14:04 +argo-cd,v2.8.14,2024-03-28,17:14:13 +argo-cd,v2.10.4,2024-03-18,08:44:51 +argo-cd,v2.9.9,2024-03-18,08:44:29 +argo-cd,v2.8.13,2024-03-18,08:43:03 +argo-cd,v2.10.3,2024-03-13,19:53:05 +argo-cd,v2.9.8,2024-03-13,19:50:14 +argo-cd,v2.8.12,2024-03-13,19:49:30 +argo-cd,v2.8.11,2024-03-08,15:35:57 +argo-cd,v2.10.2,2024-03-01,22:03:43 +argo-cd,v2.9.7,2024-03-01,23:28:36 +argo-cd,v2.10.1,2024-02-14,18:12:43 +argo-cd,v2.10.0,2024-02-06,15:03:51 +argo-cd,v2.9.6,2024-02-02,19:51:46 +argo-cd,v2.8.10,2024-02-02,19:01:36 +argo-cd,v2.7.17,2024-02-02,19:00:32 +argo-cd,v2.10.0-rc4,2024-01-25,21:50:37 +argo-cd,v2.10.0-rc3,2024-01-19,18:33:17 +argo-cd,v2.9.5,2024-01-19,18:32:02 +argo-cd,v2.8.9,2024-01-19,18:47:44 +argo-cd,v2.8.8,2024-01-19,15:17:36 +argo-cd,v2.7.16,2024-01-19,19:38:49 +argo-cd,v2.10.0-rc2,2024-01-18,21:14:40 +argo-cd,v2.9.4,2024-01-18,21:24:02 +argo-cd,v2.10.0-rc1,2023-12-18,21:20:13 +argo-cd,v2.7.15,2023-12-06,15:59:27 +argo-cd,v2.9.3,2023-12-01,23:39:19 +argo-cd,v2.9.2,2023-11-20,17:52:41 +argo-cd,v2.8.7,2023-11-20,17:52:04 +argo-cd,v2.9.1,2023-11-14,15:55:51 +argo-cd,v2.9.0,2023-11-06,05:27:12 +argo-cd,v2.8.6,2023-11-01,17:29:59 +argo-cd,v2.9.0-rc4,2023-10-31,22:28:01 +argo-cd,v2.8.5,2023-10-31,19:30:03 +argo-cd,v2.9.0-rc3,2023-10-25,19:54:22 +argo-cd,v2.9.0-rc2,2023-10-03,16:24:24 +argo-cd,v2.9.0-rc1,2023-09-27,01:06:19 +argo-cd,v2.8.4,2023-09-13,20:08:07 +argo-cd,v2.8.3,2023-09-07,18:06:07 +argo-cd,v2.7.14,2023-09-07,18:05:20 +argo-cd,v2.6.15,2023-09-07,18:32:42 +argo-cd,v2.5.22,2023-08-25,15:21:48 +argo-cd,v2.8.2,2023-08-24,21:05:33 +argo-cd,v2.7.13,2023-08-24,20:58:11 +argo-cd,v2.6.14,2023-08-24,22:01:58 +argo-cd,v2.8.1,2023-08-22,21:19:28 +argo-cd,v2.7.12,2023-08-23,15:02:27 +argo-cd,v2.8.0,2023-08-07,20:03:46 +argo-cd,v2.7.11,2023-08-07,20:07:16 +argo-cd,v2.8.0-rc7,2023-08-03,16:20:46 +argo-cd,v2.7.10,2023-07-31,22:51:19 +argo-cd,v2.8.0-rc6,2023-07-28,14:47:33 +argo-cd,v2.7.9,2023-07-24,18:50:30 +argo-cd,v2.8.0-rc5,2023-07-19,18:28:18 +argo-cd,v2.7.8,2023-07-19,15:58:13 +argo-cd,v2.6.13,2023-07-19,18:32:25 +argo-cd,v2.5.21,2023-07-19,16:18:16 +argo-cd,v2.8.0-rc4,2023-07-19,01:04:24 +argo-cd,v2.8.0-rc3,2023-07-12,21:02:10 +argo-cd,v2.8.0-rc2,2023-07-05,20:16:20 +argo-cd,v2.7.7,2023-07-05,20:25:54 +argo-cd,v2.6.12,2023-07-05,20:26:58 +argo-cd,v2.5.20,2023-07-05,20:21:44 +argo-cd,v2.8.0-rc1,2023-06-27,14:35:51 +argo-cd,v2.7.6,2023-06-20,21:46:46 +argo-cd,v2.6.11,2023-06-20,21:40:36 +argo-cd,v2.7.5,2023-06-16,15:24:00 +argo-cd,v2.6.10,2023-06-16,15:30:18 +argo-cd,v2.5.19,2023-06-16,15:14:25 +argo-cd,v2.7.4,2023-06-05,19:40:08 +argo-cd,v2.6.9,2023-06-05,20:00:21 +argo-cd,v2.5.18,2023-06-05,19:37:35 +argo-cd,v2.6.8,2023-05-25,16:35:40 +argo-cd,v2.5.17,2023-05-25,16:37:48 +argo-cd,v2.7.3,2023-05-24,16:14:02 +argo-cd,v2.7.2,2023-05-12,14:41:07 +argo-cd,v2.7.1,2023-05-02,17:24:44 +argo-cd,v2.7.0,2023-05-02,00:51:25 +argo-cd,v2.7.0-rc2,2023-04-11,16:29:33 +argo-cd,v2.7.0-rc1,2023-03-27,14:42:25 +argo-cd,v2.6.7,2023-03-23,15:45:09 +argo-cd,v2.5.16,2023-03-23,15:34:49 +argo-cd,v2.4.28,2023-03-23,15:35:38 +argo-cd,v2.6.6,2023-03-16,23:07:31 +argo-cd,v2.5.15,2023-03-16,23:35:35 +argo-cd,v2.4.27,2023-03-16,23:05:14 +argo-cd,v2.6.5,2023-03-14,14:59:49 +argo-cd,v2.5.14,2023-03-14,15:03:12 +argo-cd,v2.4.26,2023-03-14,15:01:43 +argo-cd,v2.6.4,2023-03-07,23:29:08 +argo-cd,v2.5.13,2023-03-07,23:28:04 +argo-cd,v2.4.25,2023-03-07,22:29:10 +argo-cd,v2.6.3,2023-02-27,15:20:04 +argo-cd,v2.5.12,2023-02-27,15:21:29 +argo-cd,v2.4.24,2023-02-27,15:22:21 +argo-cd,v2.6.2,2023-02-16,15:43:42 +argo-cd,v2.5.11,2023-02-16,15:46:31 +argo-cd,v2.4.23,2023-02-16,15:41:44 +argo-cd,v2.3.17,2023-02-16,16:01:23 +argo-cd,v2.6.1,2023-02-08,19:39:04 +argo-cd,v2.6.0,2023-02-06,22:04:33 +argo-cd,v2.6.0-rc7,2023-02-02,16:04:58 +argo-cd,v2.5.10,2023-02-02,15:48:00 +argo-cd,v2.4.22,2023-02-02,16:06:04 +argo-cd,v2.3.16,2023-02-02,16:20:13 +argo-cd,v2.6.0-rc6,2023-01-28,00:07:50 +argo-cd,v2.5.9,2023-01-28,00:04:28 +argo-cd,v2.4.21,2023-01-28,00:07:25 +argo-cd,v2.3.15,2023-01-28,01:20:18 +argo-cd,v2.6.0-rc5,2023-01-25,18:35:37 +argo-cd,v2.5.8,2023-01-25,17:05:03 +argo-cd,v2.4.20,2023-01-25,16:19:24 +argo-cd,v2.3.14,2023-01-25,17:07:36 +argo-cd,v2.6.0-rc4,2023-01-18,03:00:03 +argo-cd,v2.5.7,2023-01-18,03:00:02 +argo-cd,v2.4.19,2023-01-18,02:59:01 +argo-cd,v2.3.13,2023-01-18,04:02:17 +argo-cd,v2.6.0-rc3,2023-01-13,20:36:52 +argo-cd,v2.5.6,2023-01-10,20:14:18 +argo-cd,v2.6.0-rc2,2023-01-05,16:02:06 +argo-cd,v2.6.0-rc1,2022-12-19,17:27:17 +argo-cd,v2.5.5,2022-12-16,16:53:08 +argo-cd,v2.4.18,2022-12-16,16:47:09 +argo-cd,v2.3.12,2022-12-16,17:40:00 +argo-cd,v2.5.4,2022-12-06,20:26:51 +argo-cd,v2.5.3,2022-11-28,17:28:00 +argo-cd,v2.5.2,2022-11-07,17:23:44 +argo-cd,v2.4.17,2022-11-07,17:05:27 +argo-cd,v2.5.1,2022-11-01,21:53:59 +argo-cd,v2.4.16,2022-11-01,22:03:02 +argo-cd,v2.3.11,2022-11-01,22:39:18 +argo-cd,v2.2.16,2022-11-01,20:44:20 +argo-cd,v2.5.0,2022-10-25,15:32:28 +argo-cd,v2.2.15,2022-10-18,22:08:59 +argo-cd,v2.5.0-rc3,2022-10-17,18:39:09 +argo-cd,v2.4.15,2022-10-17,21:17:43 +argo-cd,v2.3.10,2022-10-18,01:09:30 +argo-cd,v2.5.0-rc2,2022-10-11,19:55:49 +argo-cd,v2.5.0-rc1,2022-10-05,18:00:34 +argo-cd,v2.4.14,2022-10-05,17:53:31 +argo-cd,v2.3.9,2022-10-05,18:24:18 +argo-cd,v2.2.14,2022-10-05,17:17:02 +argo-cd,v2.4.13,2022-10-03,21:38:39 +argo-cd,v2.3.8,2022-10-03,22:36:32 +argo-cd,v2.2.13,2022-10-03,21:05:16 +argo-cd,v2.4.12,2022-09-16,01:33:23 +argo-cd,v2.4.11,2022-08-22,09:52:10 +argo-cd,v2.4.10,2022-08-17,21:44:09 +argo-cd,v2.4.9,2022-08-11,15:59:47 +argo-cd,v2.4.8,2022-07-29,17:38:38 +argo-cd,v2.3.7,2022-07-29,16:11:01 +argo-cd,v2.2.12,2022-07-29,14:58:00 +argo-cd,v2.4.7,2022-07-18,21:54:21 +argo-cd,v2.4.6,2022-07-12,23:14:34 +argo-cd,v2.4.5,2022-07-12,17:05:35 +argo-cd,v2.3.6,2022-07-12,17:56:53 +argo-cd,v2.2.11,2022-07-12,16:23:51 +argo-cd,v2.4.4,2022-07-07,07:59:34 +argo-cd,v2.4.3,2022-06-27,21:39:15 +argo-cd,v2.4.2,2022-06-21,21:19:40 +argo-cd,v2.4.1,2022-06-21,17:18:01 +argo-cd,v2.3.5,2022-06-21,18:28:28 +argo-cd,v2.2.10,2022-06-21,16:42:53 +argo-cd,v2.1.16,2022-06-21,16:34:29 +argo-cd,v2.4.0,2022-06-10,17:59:33 +argo-cd,v2.4.0-rc5,2022-06-06,19:57:45 +argo-cd,v2.4.0-rc4,2022-06-01,23:51:49 +argo-cd,v2.4.0-rc3,2022-05-31,20:14:43 +argo-cd,v2.4.0-rc2,2022-05-18,13:20:52 +argo-cd,v2.3.4,2022-05-18,13:14:17 +argo-cd,v2.2.9,2022-05-18,12:11:30 +argo-cd,v2.1.15,2022-05-18,12:48:12 +argo-cd,v2.4.0-rc1,2022-05-06,23:59:23 +argo-cd,v2.3.3,2022-03-30,01:55:37 +argo-cd,v2.3.2,2022-03-23,02:12:12 +argo-cd,v2.2.8,2022-03-23,00:38:55 +argo-cd,v2.1.14,2022-03-23,00:25:37 +argo-cd,v2.3.1,2022-03-11,00:07:41 +argo-cd,v2.2.7,2022-03-09,01:16:04 +argo-cd,v2.1.12,2022-03-09,01:06:39 +argo-cd,v2.3.0,2022-03-06,07:59:28 +argo-cd,v2.2.6,2022-03-06,06:08:26 +argo-cd,v2.1.11,2022-03-06,05:44:19 +argo-cd,v2.2.5,2022-02-05,01:42:13 +argo-cd,v2.1.10,2022-02-05,01:27:00 +argo-cd,v2.3.0-rc5,2022-02-05,00:52:33 +argo-cd,v2.3.0-rc4,2022-02-03,23:22:13 +argo-cd,v2.2.4,2022-02-03,20:50:43 +argo-cd,v2.1.9,2022-02-03,20:38:47 +argo-cd,v2.3.0-rc2,2022-02-02,23:59:42 +argo-cd,v2.3.0-rc1,2022-01-30,23:19:12 +argo-cd,v2.2.3,2022-01-18,18:03:37 +argo-cd,v2.2.2,2022-01-01,06:38:42 +argo-cd,v2.2.1,2021-12-17,01:41:25 +argo-cd,v2.2.0,2021-12-14,18:19:23 +argo-cd,v2.1.8,2021-12-13,23:26:15 +argo-cd,v2.1.7,2021-11-17,22:18:58 +argo-cd,v2.2.0-rc1,2021-11-12,16:44:39 +argo-cd,v2.1.6,2021-10-28,20:08:23 +argo-cd,v2.1.5,2021-10-20,15:25:12 +argo-cd,v2.1.4,2021-10-20,00:47:38 +argo-cd,v2.1.3,2021-09-29,21:59:28 +argo-cd,v2.1.2,2021-09-02,18:13:57 +argo-cd,v2.1.1,2021-08-25,15:20:05 +argo-cd,v2.1.0,2021-08-20,05:40:42 +argo-cd,v2.1.0-rc3,2021-08-11,19:54:48 +argo-cd,v2.1.0-rc2,2021-08-03,17:17:22 +argo-cd,v2.1.0-rc1,2021-07-28,22:39:33 +argo-cd,v2.0.5,2021-07-22,21:00:58 +argo-cd,v2.0.4,2021-06-23,01:36:22 +argo-cd,v2.0.3,2021-05-27,17:47:33 +argo-cd,v2.0.2,2021-05-20,19:38:10 +argo-cd,v2.0.1,2021-04-15,22:40:37 +argo-cd,v2.0.0,2021-04-07,06:07:51 +argo-cd,v2.0.0-rc4,2021-04-05,23:22:38 +argo-cd,v2.0.0-rc3,2021-04-02,17:59:51 +argo-cd,v2.0.0-rc2,2021-03-29,21:39:06 +argo-cd,v2.0.0-rc1,2021-03-19,21:37:41 +argo-cd,v1.8.7,2021-03-03,07:20:14 +argo-cd,v1.7.14,2021-03-03,18:45:51 +argo-cd,v1.8.6,2021-02-26,21:29:08 +argo-cd,v1.7.13,2021-02-26,17:29:32 +argo-cd,v1.8.5,2021-02-20,05:47:09 +argo-cd,v1.8.4,2021-02-05,18:02:18 +argo-cd,v1.7.12,2021-02-05,20:29:49 +argo-cd,v1.8.3,2021-01-21,22:26:34 +argo-cd,v1.8.2,2021-01-10,05:47:08 +argo-cd,v1.8.1,2020-12-10,03:05:37 +argo-cd,v1.7.11,2020-12-10,02:47:15 +argo-cd,v1.8.0,2020-12-09,18:35:24 +argo-cd,v1.8.0-rc2,2020-12-03,05:15:48 +argo-cd,v1.8.0-rc1,2020-11-25,18:21:18 +argo-cd,v1.7.10,2020-11-20,19:57:30 +argo-cd,v1.7.9,2020-11-17,23:26:31 +argo-cd,v1.7.8,2020-10-15,22:39:54 +argo-cd,v1.7.7,2020-09-29,05:02:51 +argo-cd,v1.7.6,2020-09-19,00:58:10 +argo-cd,v1.7.5,2020-09-15,23:10:12 +argo-cd,v1.7.4,2020-09-05,02:51:36 +argo-cd,v1.7.3,2020-09-01,23:25:39 +argo-cd,v1.7.2,2020-08-27,23:40:37 +argo-cd,v1.7.1,2020-08-26,21:17:44 +argo-cd,v1.7.0,2020-08-25,19:05:00 +argo-cd,v1.7.0-rc1,2020-08-15,19:37:04 +argo-cd,v1.6.2,2020-07-31,23:51:10 +argo-cd,v1.6.1,2020-06-19,00:47:03 +argo-cd,v1.6.0,2020-06-16,22:46:48 +argo-cd,v1.5.8,2020-06-16,20:05:59 +argo-cd,v1.6.0-rc2,2020-06-09,22:29:03 +argo-cd,v1.5.7,2020-06-09,18:46:23 +argo-cd,v1.6.0-rc1,2020-06-03,04:11:50 +argo-cd,v1.5.6,2020-06-02,19:13:17 +argo-cd,v1.5.5,2020-05-16,15:22:14 +argo-cd,v1.5.4,2020-05-05,19:25:30 +argo-cd,v1.5.3,2020-05-02,04:58:47 +argo-cd,v1.5.2,2020-04-15,19:05:41 +argo-cd,v1.4.3,2020-04-15,19:09:30 +argo-cd,v1.5.1,2020-04-06,16:35:44 +argo-cd,v1.5.0,2020-04-02,18:49:53 +argo-cd,v1.5.0-rc3,2020-03-30,22:42:52 +argo-cd,v1.5.0-rc2,2020-03-26,06:12:25 +argo-cd,v1.5.0-rc1,2020-03-20,23:02:28 +argo-cd,v1.4.2,2020-01-24,01:18:02 +argo-cd,v1.4.1,2020-01-22,23:10:57 +argo-cd,v1.4.0,2020-01-18,06:12:51 +argo-cd,v1.4.0-rc1,2020-01-13,20:48:09 +argo-cd,v1.3.6,2019-12-10,22:54:07 +argo-cd,v1.3.5,2019-12-09,21:25:22 +argo-cd,v1.3.4,2019-12-05,23:31:46 +argo-cd,v1.3.3,2019-12-05,22:55:32 +argo-cd,v1.3.2,2019-12-03,21:40:15 +argo-cd,v1.3.1,2019-12-02,22:35:57 +argo-cd,v1.3.0,2019-11-13,02:17:35 +argo-cd,v1.3.0-rc5,2019-11-11,21:34:47 +argo-cd,v1.3.0-rc4,2019-11-04,06:53:16 +argo-cd,v1.3.0-rc3,2019-10-29,20:19:18 +argo-cd,v1.2.5,2019-10-29,00:14:59 +argo-cd,v1.3.0-rc2,2019-10-23,01:36:08 +argo-cd,v1.2.4,2019-10-23,20:11:59 +argo-cd,v1.3.0-rc1,2019-10-16,21:46:33 +argo-cd,v1.2.3,2019-10-01,21:10:16 +argo-cd,v1.2.2,2019-09-24,19:34:55 +argo-cd,v1.2.1,2019-09-12,17:31:17 +argo-cd,v1.2.0,2019-09-04,21:39:00 +argo-cd,v1.2.0-rc2,2019-08-21,16:04:14 +argo-cd,v1.2.0-rc1,2019-08-06,20:26:20 +argo-cd,v1.1.2,2019-07-30,18:02:46 +argo-cd,v1.1.1,2019-07-24,17:44:23 +argo-cd,v1.1.0,2019-07-24,17:22:37 +argo-cd,v1.1.0-rc8,2019-07-19,22:33:59 +argo-cd,v1.1.0-rc7,2019-07-17,23:30:42 +argo-cd,v1.1.0-rc6,2019-07-16,16:43:32 +argo-cd,v1.1.0-rc5,2019-07-09,21:43:03 +argo-cd,v1.1.0-rc4,2019-07-03,21:23:36 +argo-cd,v1.1.0-rc3,2019-06-28,21:09:41 +argo-cd,v1.1.0-rc2,2019-06-21,23:41:40 +argo-cd,v1.1.0-rc1,2019-06-14,18:42:47 +argo-cd,v1.0.2,2019-06-14,17:23:08 +argo-cd,v1.0.1,2019-05-28,17:32:09 +argo-cd,v1.0.0,2019-05-16,22:13:10 +argo-cd,v1.0.0-rc3,2019-05-09,17:28:45 +argo-cd,v1.0.0-rc2,2019-04-30,21:30:50 +argo-cd,v0.12.3,2019-04-30,06:17:03 +argo-cd,v1.0.0-rc1,2019-04-24,18:21:02 +argo-cd,v0.12.2,2019-04-22,21:50:44 +argo-cd,v0.12.1,2019-04-09,21:28:28 +argo-cd,v0.12.0,2019-03-23,01:35:42 +argo-cd,v0.12.0-rc6,2019-03-20,22:50:14 +argo-cd,v0.12.0-rc5,2019-03-19,08:07:36 +argo-cd,v0.12.0-rc4,2019-03-12,21:55:07 +argo-cd,v0.12.0-rc3,2019-03-07,02:51:44 +argo-cd,v0.12.0-rc2,2019-03-06,11:20:06 +argo-cd,v0.12.0-rc1,2019-03-06,03:04:20 +argo-cd,v0.11.2,2019-02-19,18:00:25 +argo-cd,v0.11.1,2019-01-18,21:14:24 +argo-cd,v0.11.0,2019-01-11,02:13:53 +argo-cd,v0.11.0-rc6,2019-01-10,00:42:34 +argo-cd,v0.11.0-rc5,2019-01-09,00:13:56 +argo-cd,v0.11.0-rc4,2019-01-04,21:48:23 +argo-cd,v0.11.0-rc3,2019-01-03,23:58:08 +argo-cd,v0.11.0-rc2,2018-12-28,01:33:08 +argo-cd,v0.11.0-rc1,2018-12-10,17:50:56 +argo-cd,v0.10.6,2018-11-15,03:01:53 +argo-cd,v0.10.5,2018-11-14,02:40:13 +argo-cd,v0.10.4,2018-11-08,02:06:57 +argo-cd,v0.10.3,2018-10-29,07:03:10 +argo-cd,v0.10.2,2018-10-25,20:12:36 +argo-cd,v0.10.1,2018-10-24,20:28:59 +argo-cd,v0.10.0,2018-10-19,22:01:34 +argo-cd,v0.9.2,2018-09-28,16:59:16 +argo-cd,v0.9.1,2018-09-24,21:46:35 +argo-cd,v0.9.0,2018-09-24,20:41:50 +argo-cd,v0.8.2,2018-09-12,08:55:44 +argo-cd,v0.8.1,2018-09-11,01:34:30 +argo-cd,v0.8.0,2018-09-05,01:10:25 +argo-cd,v0.7.2,2018-08-21,08:22:07 +argo-cd,v0.7.1,2018-08-03,20:45:14 +argo-cd,v0.7.0,2018-07-28,01:30:19 +argo-cd,v0.6.2,2018-07-24,10:04:03 +argo-cd,v0.6.1,2018-07-18,07:44:11 +argo-cd,v0.6.0,2018-07-17,09:42:25 +argo-cd,v0.5.4,2018-06-27,23:25:33 +argo-cd,v0.5.3,2018-06-21,00:09:10 +argo-cd,v0.5.2,2018-06-14,20:19:39 +argo-cd,v0.5.1,2018-06-13,21:46:40 +argo-cd,v0.5.0,2018-06-12,20:39:05 +argo-cd,v0.4.7,2018-06-07,18:37:20 +argo-cd,v0.4.6,2018-06-06,18:12:48 +argo-cd,v0.4.5,2018-05-31,10:29:26 +argo-cd,v0.4.4,2018-05-30,23:40:52 +argo-cd,v0.4.3,2018-05-21,22:38:11 +argo-cd,v0.4.2,2018-05-21,08:25:50 +argo-cd,v0.4.1,2018-05-18,20:40:11 +argo-cd,v0.4.0,2018-05-17,09:55:08 +argo-cd,v0.4.0-alpha1,2018-05-11,23:59:31 +argo-cd,v0.3.2,2018-05-03,18:25:30 +argo-cd,v0.3.1,2018-04-24,23:32:12 +argo-cd,v0.3.0,2018-04-23,08:29:14 +argo-cd,v0.2.0,2018-04-03,18:19:24 +argo-cd,v0.1.0,2018-03-13,00:38:20 +argo-workflows,v3.6.2,2024-12-02,14:12:44 +argo-workflows,v3.5.13,2024-12-02,13:09:39 +argo-workflows,v3.6.0,2024-11-14,19:02:01 +argo-workflows,v3.6.0-rc4,2024-10-31,11:56:16 +argo-workflows,v3.5.12,2024-10-30,11:49:27 +argo-workflows,v3.6.0-rc3,2024-10-24,10:51:47 +argo-workflows,v3.4.18,2024-12-16,09:03:37 +argo-workflows,v3.6.0-rc2,2024-10-03,07:48:59 +argo-workflows,v3.5.11,2024-09-20,14:08:00 +argo-workflows,v3.6.0-rc1,2024-09-18,10:03:03 +argo-workflows,v3.5.10,2024-08-01,06:03:16 +argo-workflows,v3.5.9,2024-07-30,06:58:49 +argo-workflows,v3.5.8,2024-06-18,04:52:31 +argo-workflows,v3.5.7,2024-05-27,07:13:30 +argo-workflows,v3.4.17,2024-05-13,02:47:39 +argo-workflows,v3.5.6,2024-04-19,21:43:07 +argo-workflows,v3.5.5,2024-02-29,21:47:50 +argo-workflows,v3.5.4,2024-01-14,06:19:09 +argo-workflows,v3.4.16,2024-01-14,06:17:57 +argo-workflows,v3.4.15,2024-01-13,23:29:40 +argo-workflows,v3.5.3,2024-01-11,03:12:46 +argo-workflows,v3.5.2,2023-11-27,19:16:42 +argo-workflows,v3.4.14,2023-11-27,18:56:22 +argo-workflows,v3.5.1,2023-11-03,19:57:45 +argo-workflows,v3.4.13,2023-11-03,21:07:31 +argo-workflows,v3.4.12,2023-10-20,13:00:24 +argo-workflows,v3.5.0,2023-10-13,15:00:44 +argo-workflows,v3.5.0-rc2,2023-09-20,19:20:10 +argo-workflows,v3.4.11,2023-09-08,01:14:16 +argo-workflows,v3.5.0-rc1,2023-08-15,20:01:35 +argo-workflows,v3.4.10,2023-08-15,18:59:38 +argo-workflows,v3.4.9,2023-07-20,15:28:41 +argo-workflows,v3.4.8,2023-05-25,23:37:40 +argo-workflows,v3.4.7,2023-04-11,17:26:32 +argo-workflows,v3.4.6,2023-03-31,20:16:18 +argo-workflows,v3.4.5,2023-02-07,13:26:29 +argo-workflows,v3.4.4,2022-11-29,21:15:21 +argo-workflows,v3.3.10,2022-11-29,21:24:54 +argo-workflows,v3.4.3,2022-10-31,09:17:41 +argo-workflows,v3.4.2,2022-10-23,07:36:55 +argo-workflows,v3.4.1,2022-10-01,16:09:34 +argo-workflows,v3.4.0,2022-09-19,05:23:46 +argo-workflows,v3.4.0-rc4,2022-09-10,19:34:15 +argo-workflows,v3.4.0-rc3,2022-09-01,01:28:29 +argo-workflows,v3.4.0-rc2,2022-08-19,14:51:26 +argo-workflows,v3.4.0-rc1,2022-08-10,07:13:17 +argo-workflows,v3.3.9,2022-08-10,01:08:09 +argo-workflows,v3.3.8,2022-06-24,01:18:03 +argo-workflows,v3.3.7,2022-06-21,00:41:49 +argo-workflows,v3.3.6,2022-05-26,01:22:39 +argo-workflows,v3.3.5,2022-05-04,01:13:34 +argo-workflows,v3.2.11,2022-05-03,22:59:55 +argo-workflows,v3.3.4,2022-04-29,19:54:39 +argo-workflows,v3.3.3,2022-04-25,23:19:39 +argo-workflows,v3.3.2,2022-04-20,23:16:10 +argo-workflows,v3.3.1,2022-03-18,19:45:27 +argo-workflows,v3.3.0,2022-03-14,23:06:47 +argo-workflows,v3.3.0-rc10,2022-03-07,23:50:34 +argo-workflows,v3.3.0-rc9,2022-03-05,19:01:28 +argo-workflows,v3.2.9,2022-03-02,23:04:35 +argo-workflows,v3.3.0-rc8,2022-03-01,02:52:15 +argo-workflows,v3.3.0-rc7,2022-02-25,21:14:31 +argo-workflows,v3.3.0-rc6,2022-02-21,20:27:19 +argo-workflows,v3.3.0-rc5,2022-02-21,20:07:56 +argo-workflows,v3.3.0-rc4,2022-02-08,20:05:39 +argo-workflows,v3.2.8,2022-02-04,20:19:52 +argo-workflows,v3.3.0-rc3,2022-02-03,20:31:05 +argo-workflows,v0.0.0-dev-bom-1,2022-02-02,21:21:47 +argo-workflows,v3.3.0-rc2,2022-01-30,01:45:04 +argo-workflows,v3.3.0-rc1,2022-01-29,01:08:13 +argo-workflows,v3.2.7,2022-01-28,02:28:31 +argo-workflows,v3.2.6,2021-12-17,21:12:28 +argo-workflows,v3.2.5,2021-12-16,00:34:48 +argo-workflows,v0.0.0-dev-kc-7,2021-11-19,01:36:27 +argo-workflows,v3.2.4,2021-11-18,00:41:27 +argo-workflows,v3.1.15,2021-11-17,18:46:01 +argo-workflows,v0.0.0-dev-kc-6,2021-11-18,00:10:06 +argo-workflows,v0.0.0-dev-kc-5,2021-11-16,20:03:24 +argo-workflows,v0.0.0-dev-kc-4,2021-11-16,18:38:30 +argo-workflows,v0.0.0-dev-kc-3,2021-11-15,21:54:04 +argo-workflows,v0.0.0-dev-kc-2,2021-11-15,21:36:23 +argo-workflows,v0.0.0-dev-kc-1,2021-11-09,21:24:30 +argo-workflows,v0.0.0-dev-kc-0,2021-11-09,17:10:14 +argo-workflows,v3.2.3,2021-10-27,02:22:57 +argo-workflows,v3.2.2,2021-10-21,18:24:56 +argo-workflows,v3.1.14,2021-10-20,02:52:43 +argo-workflows,v3.2.1,2021-10-19,22:11:39 +argo-workflows,v3.2.0,2021-10-12,16:28:36 +argo-workflows,v3.2.0-rc6,2021-10-06,02:26:30 +argo-workflows,v3.2.0-rc5,2021-09-29,18:09:20 +argo-workflows,v3.1.13,2021-09-28,20:07:21 +argo-workflows,v3.2.0-rc4,2021-09-21,21:03:56 +argo-workflows,v3.1.12,2021-09-16,14:12:07 +argo-workflows,v3.2.0-rc3,2021-09-14,19:40:01 +argo-workflows,v3.1.11,2021-09-14,07:41:28 +argo-workflows,v3.1.10,2021-09-10,18:58:55 +argo-workflows,v3.1.9,2021-09-03,22:39:13 +argo-workflows,v3.2.0-rc2,2021-09-01,23:45:48 +argo-workflows,v0.0.0-dev-mc-4,2021-08-31,18:10:35 +argo-workflows,v0.0.0-dev-mc-3,2021-08-30,17:45:10 +argo-workflows,v0.0.0-dev-mc-2,2021-08-30,17:40:57 +argo-workflows,v0.0.0-dev-mc-1,2021-08-30,00:26:16 +argo-workflows,v0.0.0-dev-mc-0,2021-08-28,02:06:29 +argo-workflows,v3.2.0-rc1,2021-08-20,02:49:34 +argo-workflows,v3.1.8,2021-08-19,00:19:56 +argo-workflows,v3.1.7,2021-08-18,18:21:43 +argo-workflows,v3.0.10,2021-08-18,23:53:38 +argo-workflows,v3.0.9,2021-08-18,17:03:34 +argo-workflows,v2.12.13,2021-08-18,23:42:45 +argo-workflows,v2.12.12,2021-08-18,17:57:06 +argo-workflows,v3.1.6,2021-08-13,00:39:51 +argo-workflows,v0.0.0-dev-dataflow-41,2021-08-11,04:28:21 +argo-workflows,v3.1.5,2021-08-04,07:14:30 +argo-workflows,v0.0.0-dev-dataflow-40,2021-08-04,02:06:40 +argo-workflows,v3.1.4,2021-08-04,01:06:06 +argo-workflows,v0.0.0-dev-dataflow-39,2021-07-30,20:53:39 +argo-workflows,v3.1.3,2021-07-28,05:38:36 +argo-workflows,v0.0.0-dev-dataflow-37,2021-07-23,23:23:18 +argo-workflows,v0.0.0-dev-dataflow-36,2021-07-22,01:29:29 +argo-workflows,v0.0.0-dev-dataflow-34,2021-07-20,18:17:04 +argo-workflows,v0.0.0-dev-dataflow-33,2021-07-16,23:18:16 +argo-workflows,v3.1.2,2021-07-15,22:04:54 +argo-workflows,v0.0.0-dev-dataflow-31,2021-07-14,16:55:52 +argo-workflows,v0.0.0-dev-dataflow-30,2021-07-12,18:40:24 +argo-workflows,v3.1.1,2021-06-28,21:31:33 +argo-workflows,v0.0.0-dev-dataflow-29,2021-06-28,18:51:44 +argo-workflows,v0.0.0-dev-dataflow-28,2021-06-25,03:44:24 +argo-workflows,v3.1.0,2021-06-21,23:35:00 +argo-workflows,v3.0.8,2021-06-21,23:52:48 +argo-workflows,v0.0.0-dev-dataflow-27,2021-06-21,23:00:03 +argo-workflows,v0.0.0-dev-dataflow-26,2021-06-16,00:01:26 +argo-workflows,v0.0.0-dev-dataflow-25,2021-06-16,00:01:43 +argo-workflows,v3.1.0-rc14,2021-06-10,19:18:50 +argo-workflows,v0.0.0-dev-dataflow-24,2021-06-10,17:34:10 +argo-workflows,v0.0.0-dev-dataflow-23,2021-06-10,02:31:42 +argo-workflows,v3.1.0-rc13,2021-06-08,16:45:35 +argo-workflows,v0.0.0-dev-dataflow-22,2021-06-09,20:38:24 +argo-workflows,v0.0.0-dev-dataflow-20,2021-06-08,02:42:49 +argo-workflows,v0.0.0-dev-dataflow-19,2021-06-06,20:41:36 +argo-workflows,v0.0.0-dev-docker-0,2021-06-06,19:00:54 +argo-workflows,v0.0.0-dev-dataflow-18,2021-06-05,00:59:50 +argo-workflows,v0.0.0-dev-dataflow-17,2021-06-04,01:23:11 +argo-workflows,v0.0.0-dev-dataflow-16,2021-06-04,01:03:00 +argo-workflows,v3.1.0-rc12,2021-06-03,01:40:44 +argo-workflows,v3.1.0-rc11,2021-06-01,19:02:58 +argo-workflows,v0.0.0-dev-dataflow-15,2021-06-01,22:31:59 +argo-workflows,v0.0.0-dev-dataflow-14,2021-06-01,20:34:22 +argo-workflows,v0.0.0-dev-dataflow-13,2021-06-01,19:06:07 +argo-workflows,v3.1.0-rc10,2021-05-28,00:00:15 +argo-workflows,v0.0.0-dev-dataflow-11,2021-05-27,02:01:59 +argo-workflows,v3.1.0-rc8,2021-05-25,18:06:14 +argo-workflows,v3.0.7,2021-05-25,19:08:55 +argo-workflows,v0.0.0-dev-dataflow-10,2021-05-25,18:22:42 +argo-workflows,v3.1.0-rc7,2021-05-24,20:15:18 +argo-workflows,v3.0.6,2021-05-24,22:03:27 +argo-workflows,v3.0.5,2021-05-24,20:16:47 +argo-workflows,v3.1.0-rc6,2021-05-21,16:46:01 +argo-workflows,v0.0.0-dev-dataflow-9,2021-05-21,20:56:00 +argo-workflows,v0.0.0-dev-dataflow-8,2021-05-21,06:32:47 +argo-workflows,v0.0.0-dev-dataflow-7,2021-05-21,03:02:41 +argo-workflows,v0.0.0-dev-dataflow-6,2021-05-20,23:34:42 +argo-workflows,v0.0.0-dev-dataflow-5,2021-05-19,23:23:04 +argo-workflows,v0.0.0-dev-dataflow-4,2021-05-19,00:02:40 +argo-workflows,v3.1.0-rc5,2021-05-17,22:42:30 +argo-workflows,v3.1.0-rc4,2021-05-14,21:20:57 +argo-workflows,v3.0.4,2021-05-14,06:52:02 +argo-workflows,v3.1.0-rc3,2021-05-13,21:46:01 +argo-workflows,v3.1.0-rc2,2021-05-13,00:17:44 +argo-workflows,v3.1.0-rc1,2021-05-12,21:19:04 +argo-workflows,v3.0.3,2021-05-11,22:31:06 +argo-workflows,v3.0.2,2021-04-20,15:37:15 +argo-workflows,v2.12.11,2021-04-06,18:10:38 +argo-workflows,v3.0.1,2021-04-01,19:52:20 +argo-workflows,v3.0.0,2021-03-30,20:25:33 +argo-workflows,v3.0.0-rc9,2021-03-23,19:04:46 +argo-workflows,v3.0.0-rc8,2021-03-17,19:30:33 +argo-workflows,v3.0.0-rc7,2021-03-16,23:25:22 +argo-workflows,v3.0.0-rc6,2021-03-10,01:08:31 +argo-workflows,v3.0.0-rc5,2021-03-09,19:50:05 +argo-workflows,v2.12.10,2021-03-08,22:57:52 +argo-workflows,v3.0.0-rc4,2021-03-02,22:26:56 +argo-workflows,v3.0.0-rc3,2021-02-23,21:38:38 +argo-workflows,v3.0.0-rc2,2021-02-16,18:09:12 +argo-workflows,v2.12.9,2021-02-17,01:28:49 +argo-workflows,v3.0.0-rc1,2021-02-09,00:36:27 +argo-workflows,v2.12.8,2021-02-09,00:36:17 +argo-workflows,v2.12.7,2021-02-01,22:21:36 +argo-workflows,v2.12.6,2021-01-25,20:24:13 +argo-workflows,v2.12.5,2021-01-19,22:49:21 +argo-workflows,v2.12.4,2021-01-12,20:53:35 +argo-workflows,v2.12.3,2021-01-05,02:00:00 +argo-workflows,v2.12.2,2020-12-18,18:17:19 +argo-workflows,v2.12.1,2020-12-18,01:11:16 +argo-workflows,v2.12.0,2020-12-17,19:35:41 +argo-workflows,v2.12.0-rc6,2020-12-15,19:00:45 +argo-workflows,v2.12.0-rc5,2020-12-10,13:50:01 +argo-workflows,v2.12.0-rc4,2020-12-03,00:55:16 +argo-workflows,v2.12.0-rc3,2020-11-23,13:35:50 +argo-workflows,v2.11.8,2020-11-21,16:36:24 +argo-workflows,v2.12.0-rc2,2020-11-12,16:23:14 +argo-workflows,v2.12.0-rc1,2020-11-06,19:14:19 +argo-workflows,v2.11.7,2020-11-02,21:50:13 +argo-workflows,v2.11.6,2020-10-19,20:51:22 +argo-workflows,v2.11.5,2020-10-15,23:14:34 +argo-workflows,v2.11.4,2020-10-14,22:30:23 +argo-workflows,v2.11.3,2020-10-07,23:20:10 +argo-workflows,v2.11.2,2020-10-06,00:19:46 +argo-workflows,v2.11.1,2020-09-29,17:55:55 +argo-workflows,v2.11.0,2020-09-17,23:09:05 +argo-workflows,v2.11.0-rc3,2020-09-15,16:50:33 +argo-workflows,v2.10.2,2020-09-14,17:45:20 +argo-workflows,v2.11.0-rc2,2020-09-09,17:43:25 +argo-workflows,v2.10.1,2020-09-03,00:02:01 +argo-workflows,v2.11.0-rc1,2020-09-01,20:17:41 +argo-workflows,v2.10.0,2020-08-18,23:15:58 +argo-workflows,v2.10.0-rc7,2020-08-14,15:48:45 +argo-workflows,v2.10.0-rc6,2020-08-06,23:31:38 +argo-workflows,v2.9.5,2020-08-06,22:45:49 +argo-workflows,v2.10.0-rc5,2020-08-03,23:21:27 +argo-workflows,v2.10.0-rc4,2020-07-29,00:15:54 +argo-workflows,v2.9.4,2020-07-24,21:59:33 +argo-workflows,v2.10.0-rc3,2020-07-23,23:04:45 +argo-workflows,v2.10.0-rc1,2020-07-17,20:10:06 +argo-workflows,v2.9.3,2020-07-15,01:33:15 +argo-workflows,v2.9.2,2020-07-09,00:21:41 +argo-workflows,v2.9.1,2020-07-03,15:28:51 +argo-workflows,v2.9.0,2020-07-02,01:43:01 +argo-workflows,v2.9.0-rc4,2020-06-26,23:05:54 +argo-workflows,v2.9.0-rc3,2020-06-23,19:15:20 +argo-workflows,v2.8.2,2020-06-22,22:28:02 +argo-workflows,v2.9.0-rc2,2020-06-17,04:36:44 +argo-workflows,v2.9.0-rc1,2020-06-11,00:19:33 +argo-workflows,v2.8.1,2020-05-29,00:31:04 +argo-workflows,v2.8.0,2020-05-11,23:50:27 +argo-workflows,v2.8.0-rc4,2020-05-06,23:58:00 +argo-workflows,v2.7.7,2020-05-06,23:32:46 +argo-workflows,v2.8.0-rc3,2020-04-28,16:46:57 +argo-workflows,v2.7.6,2020-04-28,17:31:48 +argo-workflows,v2.8.0-rc2,2020-04-23,23:29:50 +argo-workflows,v2.8.0-rc1,2020-04-21,15:36:43 +argo-workflows,v2.7.5,2020-04-21,01:35:36 +argo-workflows,v2.7.4,2020-04-16,18:20:58 +argo-workflows,v2.6.4,2020-04-16,03:02:24 +argo-workflows,v2.7.3,2020-04-16,02:03:38 +argo-workflows,v2.7.2,2020-04-10,20:29:17 +argo-workflows,v2.7.1,2020-04-07,17:16:19 +argo-workflows,v2.7.0,2020-04-01,03:13:14 +argo-workflows,v2.7.0-rc4,2020-03-30,22:13:50 +argo-workflows,v2.7.0-rc3,2020-03-25,20:18:44 +argo-workflows,v2.7.0-rc2,2020-03-23,18:38:05 +argo-workflows,v2.7.0-rc1,2020-03-19,02:11:45 +argo-workflows,v2.6.3,2020-03-16,18:24:24 +argo-workflows,v2.6.2,2020-03-12,16:23:45 +argo-workflows,v2.6.1,2020-03-04,21:33:38 +argo-workflows,v2.6.0,2020-02-28,23:39:10 +argo-workflows,v2.6.0-rc3,2020-02-25,17:32:04 +argo-workflows,v2.5.2,2020-02-24,23:10:36 +argo-workflows,v2.6.0-rc2,2020-02-22,00:36:29 +argo-workflows,v2.5.1,2020-02-20,18:30:07 +argo-workflows,v2.6.0-rc1,2020-02-19,18:48:23 +argo-workflows,v2.5.0,2020-02-19,02:54:07 +argo-workflows,v2.5.0-rc12,2020-02-14,00:08:36 +argo-workflows,v2.5.0-rc11,2020-02-11,22:25:57 +argo-workflows,v2.5.0-rc10,2020-02-08,00:23:39 +argo-workflows,v2.5.0-rc9,2020-02-07,00:40:24 +argo-workflows,v2.5.0-rc8,2020-02-04,01:25:11 +argo-workflows,v2.5.0-rc7,2020-01-31,22:43:09 +argo-workflows,v2.5.0-rc6,2020-01-30,22:14:51 +argo-workflows,v2.5.0-rc5,2020-01-30,03:13:49 +argo-workflows,v2.5.0-rc4,2020-01-27,21:08:05 +argo-workflows,v2.5.0-rc3,2020-01-27,19:37:31 +argo-workflows,v2.5.0-rc2,2020-01-24,21:43:45 +argo-workflows,v2.5.0-rc1,2020-01-24,20:59:49 +argo-workflows,v2.4.3,2019-12-06,05:53:42 +argo-workflows,v2.4.2,2019-10-21,19:06:52 +argo-workflows,v2.4.1,2019-10-09,00:01:23 +argo-workflows,v2.4.0,2019-10-07,20:35:32 +argo-workflows,v2.4.0-rc1,2019-08-08,22:12:22 +argo-workflows,v2.3.0,2019-05-20,22:34:35 +argo-workflows,v2.3.0-rc3,2019-05-08,00:11:00 +argo-workflows,v2.3.0-rc2,2019-04-21,08:32:04 +argo-workflows,v2.3.0-rc1,2019-04-10,16:08:39 +argo-workflows,v2.2.1,2018-10-11,16:44:01 +argo-workflows,v2.2.0,2018-08-30,09:00:24 +argo-workflows,v2.1.1,2018-05-29,20:52:07 +argo-workflows,v2.1.0,2018-05-01,20:33:03 +argo-workflows,v2.1.0-beta2,2018-03-29,20:55:26 +argo-workflows,v2.1.0-beta1,2018-03-29,15:35:56 +argo-workflows,v2.1.0-alpha1,2018-02-21,22:54:53 +argo-workflows,v2.0.0,2018-02-06,21:55:25 +argo-workflows,v2.0.0-beta1,2018-01-18,22:58:14 +argo-workflows,v2.0.0-alpha3,2018-01-02,21:32:11 +argo-workflows,v2.0.0-alpha2,2017-12-05,05:13:12 +argo-workflows,v2.0.0-alpha1,2017-11-16,22:10:07 +argo-events,v1.9.5,2025-01-10,18:11:20 +argo-events,v1.9.4,2025-01-08,07:48:18 +argo-events,v1.9.3,2024-11-27,06:51:10 +argo-events,v1.9.2,2024-06-14,00:38:39 +argo-events,v1.9.1,2024-02-13,21:21:44 +argo-events,v1.9.0,2024-01-09,08:31:10 +argo-events,v1.8.1,2023-08-31,23:49:47 +argo-events,v1.8.0,2023-05-08,05:54:59 +argo-events,v1.7.6,2023-02-10,07:30:54 +argo-events,v1.7.5,2023-01-23,08:23:36 +argo-events,v1.7.4,2022-12-12,07:45:11 +argo-events,v1.7.3,2022-09-28,22:10:34 +argo-events,v1.7.2,2022-09-12,23:46:11 +argo-events,v1.7.1,2022-06-09,06:27:31 +argo-events,v1.7.0,2022-05-04,22:47:01 +argo-events,v1.7.0-rc1,2022-04-23,07:22:52 +argo-events,v1.6.3,2022-03-03,20:56:12 +argo-events,v1.6.2,2022-03-02,05:39:57 +argo-events,v1.6.1,2022-02-27,08:51:59 +argo-events,v1.6.0,2022-02-13,06:42:27 +argo-events,v1.5.6,2022-01-12,05:18:08 +argo-events,v1.5.5,2021-12-19,03:32:55 +argo-events,v1.5.4,2021-12-10,08:49:46 +argo-events,v1.5.3,2021-11-22,18:36:36 +argo-events,v1.5.2,2021-11-09,20:01:58 +argo-events,v1.5.1,2021-11-08,07:35:38 +argo-events,v1.5.0,2021-10-12,18:48:33 +argo-events,v1.4.3,2021-09-30,15:49:41 +argo-events,v1.4.2,2021-09-21,18:29:51 +argo-events,v1.4.1,2021-09-01,00:37:05 +argo-events,v1.4.0,2021-07-12,16:33:29 +argo-events,v1.3.1,2021-05-04,17:40:52 +argo-events,v1.3.0,2021-04-12,18:14:51 +argo-events,v1.3.0-rc4,2021-04-08,06:37:06 +argo-events,v1.3.0-rc3,2021-04-05,20:42:52 +argo-events,v1.3.0-rc2,2021-03-31,21:34:56 +argo-events,v1.3.0-rc1,2021-03-23,18:05:01 +argo-events,v1.2.3,2021-02-18,17:52:54 +argo-events,v1.2.2,2021-01-27,17:40:28 +argo-events,v1.2.1,2021-01-26,08:22:50 +argo-events,v1.2.0,2021-01-08,08:30:04 +argo-events,v1.1.0,2020-11-16,20:07:55 +argo-events,v1.1.0-rc1,2020-11-05,06:36:21 +argo-events,v1.0.0,2020-09-04,20:57:04 +argo-events,v1.0.0-rc3,2020-08-26,04:36:48 +argo-events,v1.0.0-rc2,2020-08-16,21:20:09 +argo-events,v1.0.0-rc1,2020-08-10,18:25:28 +argo-events,v0.17.0,2020-07-24,12:40:33 +argo-events,v0.16.0,2020-06-14,23:52:44 +argo-events,v0.15.0,2020-05-08,13:42:18 +argo-events,v0.14.0,2020-04-12,23:34:58 +argo-events,v0.13.0,2020-03-21,01:21:15 +argo-events,v0.13.0-rc,2020-02-26,01:33:31 +argo-events,v0.12,2020-01-17,04:51:55 +argo-events,v0.12-rc,2019-12-12,04:52:49 +argo-events,v0.11,2019-11-11,17:11:35 +argo-events,v0.10,2019-10-07,12:51:38 +argo-events,v0.9.3,2019-07-15,12:16:22 +argo-events,v0.9.2,2019-04-26,01:11:53 +argo-events,v0.9.1,2019-04-26,00:33:03 +argo-events,v.0.9,2019-03-30,13:07:25 +argo-events,v0.8.3,2019-03-18,21:09:05 +argo-events,v0.8.2,2019-03-14,10:32:46 +argo-events,v0.8.1,2019-03-11,13:42:08 +argo-events,v0.8,2019-02-27,18:08:21 +argo-events,v0.7,2019-01-30,04:12:58 +argo-events,v0.6,2018-11-27,11:46:02 +argo-events,v0.5,2018-10-18,19:51:19 +argo-events,v0.5-beta1,2018-07-27,15:00:03 +argo-events,v0.5-alpha1,2018-06-20,19:23:36 +argo-rollouts,v1.8.0-rc2,2025-01-16,19:43:44 +argo-rollouts,v1.8.0-rc1,2024-12-09,14:28:35 +argo-rollouts,v1.7.2,2024-08-13,18:42:47 +argo-rollouts,v1.7.1,2024-06-25,01:38:31 +argo-rollouts,v1.7.0,2024-06-13,20:23:14 +argo-rollouts,v1.7.0-rc1,2024-04-05,18:24:00 +argo-rollouts,v1.6.6,2024-02-13,15:56:59 +argo-rollouts,v1.6.5,2024-01-25,20:19:53 +argo-rollouts,v1.6.4,2023-12-11,21:54:30 +argo-rollouts,v1.6.3,2023-12-05,14:36:31 +argo-rollouts,v1.6.2,2023-11-02,19:58:08 +argo-rollouts,v1.6.1,2023-11-01,21:19:43 +argo-rollouts,v1.6.0,2023-09-06,19:00:06 +argo-rollouts,v1.6.0-rc1,2023-08-11,14:22:24 +argo-rollouts,v1.5.1,2023-05-24,19:26:51 +argo-rollouts,v1.5.0,2023-05-08,15:34:06 +argo-rollouts,v1.5.0-rc1,2023-03-27,20:09:25 +argo-rollouts,v1.4.1,2023-02-25,15:23:34 +argo-rollouts,v1.3.3,2023-02-25,04:38:57 +argo-rollouts,v1.4.0,2023-01-09,21:43:34 +argo-rollouts,v1.4.0-rc1,2022-12-20,02:07:55 +argo-rollouts,v1.3.2,2022-12-15,17:05:26 +argo-rollouts,v1.3.1,2022-09-29,17:43:19 +argo-rollouts,v1.3.0,2022-09-19,03:29:00 +argo-rollouts,v1.3.0-rc3,2022-09-15,16:00:07 +argo-rollouts,v1.3.0-rc2,2022-08-25,20:49:49 +argo-rollouts,v1.3.0-rc1,2022-07-29,19:54:34 +argo-rollouts,v1.2.2,2022-07-26,17:49:31 +argo-rollouts,v1.2.1,2022-05-13,20:57:34 +argo-rollouts,v1.2.0,2022-03-22,17:16:13 +argo-rollouts,v1.2.0-rc2,2022-02-25,16:54:46 +argo-rollouts,v1.2.0-rc1,2022-02-07,20:00:22 +argo-rollouts,v1.1.1,2021-11-29,21:44:13 +argo-rollouts,v1.1.0,2021-10-12,17:02:30 +argo-rollouts,v1.1.0-rc2,2021-10-05,23:41:25 +argo-rollouts,v1.0.7,2021-09-29,18:02:01 +argo-rollouts,v1.1.0-rc1,2021-09-21,23:23:21 +argo-rollouts,v1.0.6,2021-08-26,18:13:19 +argo-rollouts,v1.0.4,2021-08-03,04:38:07 +argo-rollouts,v1.0.3,2021-08-03,04:36:59 +argo-rollouts,v1.0.2,2021-06-15,22:33:04 +argo-rollouts,v1.0.1,2021-05-26,08:43:12 +argo-rollouts,v1.0.0,2021-05-20,04:11:28 +argo-rollouts,v1.0.0-rc1,2021-04-29,20:29:41 +argo-rollouts,v0.10.2,2020-12-17,21:20:44 +argo-rollouts,v0.10.1,2020-12-05,01:23:44 +argo-rollouts,v0.10.0,2020-11-14,00:21:31 +argo-rollouts,v0.9.3,2020-11-05,23:24:15 +argo-rollouts,v0.9.2,2020-10-17,04:41:56 +argo-rollouts,v0.9.1,2020-09-28,22:52:01 +argo-rollouts,v0.9.0,2020-08-17,22:17:04 +argo-rollouts,v0.8.3,2020-06-04,00:49:11 +argo-rollouts,v0.8.2,2020-05-06,20:40:16 +argo-rollouts,v0.8.1,2020-04-20,23:55:07 +argo-rollouts,v0.8.0,2020-04-13,16:40:32 +argo-rollouts,v0.7.2,2020-02-25,19:46:06 +argo-rollouts,v0.7.1,2020-02-10,18:01:08 +argo-rollouts,v0.7.0,2020-01-22,05:09:28 +argo-rollouts,v0.6.3,2020-01-22,04:40:30 +argo-rollouts,v0.6.2,2019-12-16,17:14:42 +argo-rollouts,v0.6.1,2019-12-06,00:25:57 +argo-rollouts,v0.6.0,2019-11-17,21:16:29 +argo-rollouts,v0.5.0,2019-09-23,17:59:31 +argo-rollouts,v0.4.2,2019-08-19,20:21:15 +argo-rollouts,v0.4.1,2019-06-26,16:07:32 +argo-rollouts,v0.4.0,2019-06-21,17:48:41 +argo-rollouts,v0.3.2,2019-06-13,17:58:53 +argo-rollouts,v0.3.1,2019-05-18,21:27:51 +argo-rollouts,v0.3.0,2019-05-01,06:36:28 +argo-rollouts,v0.2.2,2019-04-16,23:10:01 +argo-rollouts,v0.2.1,2019-04-04,21:43:44 +argo-rollouts,v0.2.0,2019-03-04,22:30:55 +argo-rollouts,v0.1.0,2019-02-01,19:03:49 diff --git a/scripts/release-analysis/fetch_helmet_releases.py b/scripts/release-analysis/fetch_helmet_releases.py new file mode 100644 index 00000000..77e2fcb3 --- /dev/null +++ b/scripts/release-analysis/fetch_helmet_releases.py @@ -0,0 +1,90 @@ +import csv +import os +from datetime import datetime + +import requests + +# GitHub repository URL +repo_url = "https://api.github.com/repos/argoproj/argo-helm/releases" + +# Get the GitHub token from environment variables +github_token = os.getenv("GITHUB_TOKEN") +if not github_token: + raise ValueError("GITHUB_TOKEN environment variable is not set") + + +# Function to fetch all releases with pagination +def fetch_all_releases(url): + releases = [] + headers = {"Authorization": f"token {github_token}"} + while url: + response = requests.get(url, headers=headers) + response.raise_for_status() + releases.extend(response.json()) + url = response.links.get("next", {}).get("url") + return releases + + +# Function to get the content of Chart.yaml in a release +def get_chart_yaml(repo, tag, chart_path): + url = f"https://raw.githubusercontent.com/{repo}/refs/tags/{tag}/charts/{chart_path}/Chart.yaml" + headers = {"Authorization": f"token {github_token}"} + response = requests.get(url, headers=headers) + if response.status_code == 200: + return response.text + return None + + +# Function to extract appVersion from Chart.yaml content +def extract_app_version(chart_yaml): + for line in chart_yaml.splitlines(): + if line.startswith("appVersion:"): + return line.split(":")[1].strip() + return None + + +# Function to fetch releases and write to a CSV file +def fetch_and_write_helmet_releases(csv_file): + # Fetch all releases + releases = fetch_all_releases(repo_url) + + # Write the release data to the CSV file + with open(csv_file, mode="w", newline="") as file: + writer = csv.writer(file, quoting=csv.QUOTE_NONE, escapechar="\\") + writer.writerow(["Release Name", "Release Date", "Release Time", "App Version"]) + + for release in releases: + tag_name = release["tag_name"] + published_at = release["published_at"] + release_date = datetime.strptime(published_at, "%Y-%m-%dT%H:%M:%SZ").date() + release_time = datetime.strptime(published_at, "%Y-%m-%dT%H:%M:%SZ").time() + + # Extract chart path from the release name + chart_path = "-".join(tag_name.split("-")[:-1]) + current_chart_yaml = get_chart_yaml( + "argoproj/argo-helm", tag_name, chart_path + ) + + if current_chart_yaml: + current_app_version = extract_app_version(current_chart_yaml) + writer.writerow( + [tag_name, release_date, release_time, current_app_version] + ) + + # Read the CSV file, remove any instances of `\"`, and write back the cleaned content + with open(csv_file, mode="r") as file: + content = file.read() + + cleaned_content = content.replace('\\"', "") + + with open(csv_file, mode="w", newline="") as file: + file.write(cleaned_content) + + print( + f'Release data has been written to {csv_file} and cleaned of any instances of \\"' + ) + + +# Example usage +if __name__ == "__main__": + fetch_and_write_helmet_releases("argo_helm_releases.csv") diff --git a/scripts/release-analysis/fetch_releases.py b/scripts/release-analysis/fetch_releases.py new file mode 100644 index 00000000..6d27faee --- /dev/null +++ b/scripts/release-analysis/fetch_releases.py @@ -0,0 +1,57 @@ +import csv +import os +from datetime import datetime + +import requests + +# List of GitHub repository URLs we care about +repos = [ + ("argo-cd", "https://api.github.com/repos/argoproj/argo-cd/releases"), + ("argo-workflows", "https://api.github.com/repos/argoproj/argo-workflows/releases"), + ("argo-events", "https://api.github.com/repos/argoproj/argo-events/releases"), + ("argo-rollouts", "https://api.github.com/repos/argoproj/argo-rollouts/releases"), +] + +# Get the GitHub token from environment variables +github_token = os.getenv("GITHUB_TOKEN") +if not github_token: + raise ValueError("GITHUB_TOKEN environment variable is not set") + + +# Fetch all releases with pagination +def fetch_all_releases(url): + releases = [] + headers = {"Authorization": f"token {github_token}"} + while url: + response = requests.get(url, headers=headers) + response.raise_for_status() + releases.extend(response.json()) + url = response.links.get("next", {}).get("url") + return releases + + +# Fetch releases and write to a CSV file +def fetch_and_write_releases(csv_file): + with open(csv_file, mode="w", newline="") as file: + writer = csv.writer(file) + writer.writerow(["Repository", "Release Tag", "Release Date", "Release Time"]) + + for repo_name, repo_url in repos: + releases = fetch_all_releases(repo_url) + for release in releases: + tag_name = release["tag_name"] + published_at = release["published_at"] + release_date = datetime.strptime( + published_at, "%Y-%m-%dT%H:%M:%SZ" + ).date() + release_time = datetime.strptime( + published_at, "%Y-%m-%dT%H:%M:%SZ" + ).time() + writer.writerow([repo_name, tag_name, release_date, release_time]) + + print(f"Release data has been written to {csv_file}") + + +# Example usage +if __name__ == "__main__": + fetch_and_write_releases("argo_releases.csv") diff --git a/scripts/release-analysis/main.py b/scripts/release-analysis/main.py new file mode 100644 index 00000000..3fcf21ed --- /dev/null +++ b/scripts/release-analysis/main.py @@ -0,0 +1,31 @@ +import os + +from fetch_helmet_releases import fetch_and_write_helmet_releases +from fetch_releases import fetch_and_write_releases +from merge_csvs import merge_csv_files +from plot_graph import plot_time_difference + +# Check there is a github token +github_token = os.getenv("GITHUB_TOKEN") +if not github_token: + raise ValueError("GITHUB_TOKEN environment variable is not set") + +# Do the thing +print("Fetching releases...") +fetch_and_write_releases("argo_releases.csv") +print("Done") + +print("Fetching Team Helmet releases...") +fetch_and_write_helmet_releases("argo_helm_releases.csv") +print("Done") + +print("Merging release info...") +merge_csv_files("argo_releases.csv", "argo_helm_releases.csv", "merged_releases.csv") +print("Done") + +print("Plotting time difference graphs...") +plot_time_difference("merged_releases.csv") +print("Done") + +# Delete __pycache__ directories +os.system("rm -rf __pycache__") diff --git a/scripts/release-analysis/merge_csvs.py b/scripts/release-analysis/merge_csvs.py new file mode 100644 index 00000000..72b6917b --- /dev/null +++ b/scripts/release-analysis/merge_csvs.py @@ -0,0 +1,108 @@ +import csv +from datetime import datetime + + +def merge_csv_files(csv_file_1, csv_file_2, output_csv_file): + # Read the first CSV file into a dictionary + releases_1 = {} + with open(csv_file_1, mode="r") as file: + reader = csv.DictReader(file) + for row in reader: + key = (row["Repository"], row["Release Tag"]) + releases_1[key] = row + + # Read the second CSV file and find the oldest release for each appVersion + oldest_releases = {} + valid_repos = {"argo-cd", "argo-events", "argo-workflows", "argo-rollouts"} + with open(csv_file_2, mode="r") as file: + reader = csv.DictReader(file) + for row in reader: + release_name = row["Release Name"] + repo_name = "-".join(release_name.split("-")[:-1]) + if repo_name in valid_repos: + app_version = row["App Version"] + release_datetime = datetime.strptime( + f"{row['Release Date']} {row['Release Time']}", "%Y-%m-%d %H:%M:%S" + ) + if ( + repo_name, + app_version, + ) not in oldest_releases or release_datetime < oldest_releases[ + (repo_name, app_version) + ][ + "datetime" + ]: + oldest_releases[(repo_name, app_version)] = { + "row": row, + "datetime": release_datetime, + } + + # Merge the oldest releases with the first CSV file + merged_releases = [] + for (repo_name, app_version), data in oldest_releases.items(): + row = data["row"] + for key, release in releases_1.items(): + if ( + repo_name == release["Repository"] + and app_version == release["Release Tag"] + ): + time_difference = data["datetime"] - datetime.strptime( + f"{release['Release Date']} {release['Release Time']}", + "%Y-%m-%d %H:%M:%S", + ) + time_difference_hours = ( + time_difference.total_seconds() / 3600 + ) # Convert to hours + merged_row = { + "Repository": release["Repository"], + "Release Tag": release["Release Tag"], + "Release Date": release["Release Date"], + "Release Time": release["Release Time"], + "App Version": app_version, + "Release Name": row["Release Name"], + "Release Date 2": row["Release Date"], + "Release Time 2": row["Release Time"], + "Time Difference": time_difference_hours, + } + merged_releases.append(merged_row) + break + else: + merged_row = { + "Repository": repo_name, + "Release Tag": "", + "Release Date": "", + "Release Time": "", + "App Version": app_version, + "Release Name": row["Release Name"], + "Release Date 2": row["Release Date"], + "Release Time 2": row["Release Time"], + "Time Difference": "", + } + merged_releases.append(merged_row) + + # Write the merged data to a new CSV file + with open(output_csv_file, mode="w", newline="") as file: + fieldnames = [ + "Repository", + "Release Tag", + "Release Date", + "Release Time", + "App Version", + "Release Name", + "Release Date 2", + "Release Time 2", + "Time Difference", + ] + writer = csv.DictWriter(file, fieldnames=fieldnames) + writer.writeheader() + for row in merged_releases: + writer.writerow(row) + + print(f"Merged data has been written to {output_csv_file}") + + +# Example usage +if __name__ == "__main__": + merge_csv_files( + "argo_releases.csv", "argo_helm_releases.csv", "merged_releases.csv" + ) diff --git a/scripts/release-analysis/merged_releases.csv b/scripts/release-analysis/merged_releases.csv new file mode 100644 index 00000000..a4c13445 --- /dev/null +++ b/scripts/release-analysis/merged_releases.csv @@ -0,0 +1,195 @@ +Repository,Release Tag,Release Date,Release Time,App Version,Release Name,Release Date 2,Release Time 2,Time Difference +argo-cd,v2.13.3,2025-01-03,19:23:42,v2.13.3,argo-cd-7.7.13,2025-01-04,00:07:55,4.736944444444444 +argo-events,v1.9.5,2025-01-10,18:11:20,v1.9.5,argo-events-2.4.13,2025-01-11,10:22:47,16.190833333333334 +argo-workflows,v3.6.2,2024-12-02,14:12:44,v3.6.2,argo-workflows-0.45.1,2024-12-02,17:39:46,3.4505555555555554 +argo-events,v1.9.4,2025-01-08,07:48:18,v1.9.4,argo-events-2.4.12,2025-01-08,08:37:01,0.8119444444444445 +argo-events,v1.9.3,2024-11-27,06:51:10,v1.9.3,argo-events-2.4.9,2024-11-27,20:44:06,13.882222222222222 +argo-rollouts,v1.7.2,2024-08-13,18:42:47,v1.7.2,argo-rollouts-2.37.5,2024-08-14,08:31:31,13.812222222222223 +argo-cd,v2.13.2,2024-12-11,19:18:46,v2.13.2,argo-cd-7.7.10,2024-12-12,05:33:28,10.245 +argo-cd,v2.13.1,2024-11-20,17:11:22,v2.13.1,argo-cd-7.7.4,2024-11-20,20:48:11,3.613611111111111 +argo-workflows,v3.6.0,2024-11-14,19:02:01,v3.6.0,argo-workflows-0.43.0,2024-11-21,08:27:21,157.42222222222222 +argo-cd,v2.13.0,2024-11-04,12:46:49,v2.13.0,argo-cd-7.7.0,2024-11-05,00:00:06,11.221388888888889 +argo-workflows,v3.5.12,2024-10-30,11:49:27,v3.5.12,argo-workflows-0.42.6,2024-10-30,13:24:53,1.5905555555555555 +argo-cd,v2.12.6,2024-10-18,19:07:18,v2.12.6,argo-cd-7.6.12,2024-10-18,19:27:20,0.3338888888888889 +argo-cd,v2.12.5,2024-10-17,22:03:45,v2.12.5,argo-cd-7.6.11,2024-10-18,07:16:30,9.2125 +argo-cd,v2.12.4,2024-09-26,07:14:39,v2.12.4,argo-cd-7.6.5,2024-09-26,07:42:42,0.4675 +argo-workflows,v3.5.11,2024-09-20,14:08:00,v3.5.11,argo-workflows-0.42.3,2024-09-20,15:08:40,1.011111111111111 +argo-cd,v2.12.3,2024-08-27,12:33:34,v2.12.3,argo-cd-7.4.7,2024-08-27,13:30:34,0.95 +argo-events,v1.9.2,2024-06-14,00:38:39,v1.9.2,argo-events-2.4.6,2024-06-14,05:09:08,4.508055555555556 +argo-workflows,v3.5.10,2024-08-01,06:03:16,v3.5.10,argo-workflows-0.41.13,2024-08-01,07:19:01,1.2625 +argo-cd,v2.12.2,2024-08-23,04:05:09,v2.12.2,argo-cd-7.4.5,2024-08-23,08:51:19,4.769444444444445 +argo-cd,v2.12.1,2024-08-16,17:16:36,v2.12.1,argo-cd-7.4.4,2024-08-16,21:36:53,4.338055555555556 +argo-rollouts,v1.7.1,2024-06-25,01:38:31,v1.7.1,argo-rollouts-2.37.0,2024-06-26,09:10:19,31.53 +argo-cd,v2.12.0,2024-08-05,14:02:15,v2.12.0,argo-cd-7.4.0,2024-08-05,15:22:06,1.3308333333333333 +argo-workflows,v3.5.9,2024-07-30,06:58:49,v3.5.9,argo-workflows-0.41.12,2024-07-30,07:39:23,0.6761111111111111 +argo-cd,v2.11.7,2024-07-24,10:27:18,v2.11.7,argo-cd-7.3.11,2024-07-24,11:44:52,1.2927777777777778 +argo-cd,v2.11.6,2024-07-22,15:19:04,v2.11.6,argo-cd-7.3.10,2024-07-22,17:14:41,1.9269444444444443 +argo-cd,v2.11.5,2024-07-15,18:32:15,v2.11.5,argo-cd-7.3.7,2024-07-16,01:17:05,6.747222222222222 +argo-cd,v2.11.4,2024-07-02,19:52:42,v2.11.4,argo-cd-7.3.4,2024-07-02,20:43:46,0.8511111111111112 +argo-cd,v2.11.3,2024-06-06,09:43:29,v2.11.3,argo-cd-7.1.2,2024-06-06,10:51:51,1.1394444444444445 +argo-rollouts,v1.7.0,2024-06-13,20:23:14,v1.7.0,argo-rollouts-2.36.0,2024-06-14,09:00:46,12.625555555555556 +argo-workflows,v3.5.8,2024-06-18,04:52:31,v3.5.8,argo-workflows-0.41.10,2024-06-18,07:47:04,2.9091666666666667 +argo-workflows,v3.5.7,2024-05-27,07:13:30,v3.5.7,argo-workflows-0.41.7,2024-05-27,08:09:42,0.9366666666666666 +argo-cd,v2.11.2,2024-05-23,14:14:51,v2.11.2,argo-cd-6.11.1,2024-05-23,15:37:21,1.375 +argo-events,v1.9.1,2024-02-13,21:21:44,v1.9.1,argo-events-2.4.3,2024-02-14,08:53:00,11.52111111111111 +argo-rollouts,v1.6.6,2024-02-13,15:56:59,v1.6.6,argo-rollouts-2.34.3,2024-02-14,08:50:21,16.889444444444443 +argo-cd,v2.11.1,2024-05-21,15:03:58,v2.11.1,argo-cd-6.10.0,2024-05-21,16:36:49,1.5475 +argo-workflows,v3.5.6,2024-04-19,21:43:07,v3.5.6,argo-workflows-0.41.2,2024-04-20,04:55:21,7.203888888888889 +argo-cd,v2.11.0,2024-05-07,16:37:25,v2.11.0,argo-cd-6.8.0,2024-05-08,06:21:31,13.735 +argo-cd,v2.10.9,2024-04-30,16:55:10,v2.10.9,argo-cd-6.7.18,2024-04-30,17:14:22,0.32 +argo-cd,v2.10.8,2024-04-26,14:04:02,v2.10.8,argo-cd-6.7.16,2024-04-26,14:21:35,0.2925 +argo-cd,v2.10.7,2024-04-15,09:21:23,v2.10.7,argo-cd-6.7.12,2024-04-15,10:43:13,1.363888888888889 +argo-cd,v2.10.6,2024-04-05,01:04:01,v2.10.6,argo-cd-6.7.10,2024-04-05,05:00:08,3.935277777777778 +argo-cd,v2.10.5,2024-03-28,16:29:02,v2.10.5,argo-cd-6.7.4,2024-03-28,17:30:11,1.0191666666666668 +argo-workflows,v3.5.5,2024-02-29,21:47:50,v3.5.5,argo-workflows-0.40.12,2024-03-01,00:03:01,2.2530555555555556 +argo-cd,v2.10.4,2024-03-18,08:44:51,v2.10.4,argo-cd-6.7.3,2024-03-18,09:36:58,0.8686111111111111 +argo-cd,v2.10.3,2024-03-13,19:53:05,v2.10.3,argo-cd-6.7.2,2024-03-13,20:46:14,0.8858333333333334 +argo-cd,v2.10.2,2024-03-01,22:03:43,v2.10.2,argo-cd-6.5.1,2024-03-01,22:33:17,0.49277777777777776 +argo-cd,v2.10.1,2024-02-14,18:12:43,v2.10.1,argo-cd-6.0.14,2024-02-14,21:04:43,2.8666666666666667 +argo-workflows,v3.5.4,2024-01-14,06:19:09,v3.5.4,argo-workflows-0.40.6,2024-01-14,08:11:19,1.8694444444444445 +argo-cd,v2.10.0,2024-02-06,15:03:51,v2.10.0,argo-cd-5.55.0,2024-02-07,07:10:30,16.110833333333332 +argo-cd,v2.9.6,2024-02-02,19:51:46,v2.9.6,argo-cd-5.53.13,2024-02-02,22:50:34,2.98 +argo-cd,v2.9.5,2024-01-19,18:32:02,v2.9.5,argo-cd-5.53.2,2024-01-19,20:20:14,1.8033333333333332 +argo-rollouts,v1.6.5,2024-01-25,20:19:53,v1.6.5,argo-rollouts-2.34.2,2024-01-26,06:31:27,10.192777777777778 +argo-cd,v2.9.4,2024-01-18,21:24:02,v2.9.4,argo-cd-5.53.1,2024-01-19,05:48:47,8.4125 +argo-cd,v2.9.3,2023-12-01,23:39:19,v2.9.3,argo-cd-5.51.6,2023-12-02,11:03:49,11.408333333333333 +argo-workflows,v3.5.3,2024-01-11,03:12:46,v3.5.3,argo-workflows-0.40.5,2024-01-11,07:20:47,4.133611111111111 +argo-events,v1.9.0,2024-01-09,08:31:10,v1.9.0,argo-events-2.4.2,2024-01-09,10:14:30,1.7222222222222223 +argo-rollouts,v1.6.4,2023-12-11,21:54:30,v1.6.4,argo-rollouts-2.32.8,2023-12-13,06:59:39,33.08583333333333 +argo-workflows,v3.5.2,2023-11-27,19:16:42,v3.5.2,argo-workflows-0.39.5,2023-11-27,21:13:09,1.9408333333333334 +argo-rollouts,v1.6.3,2023-12-05,14:36:31,v1.6.3,argo-rollouts-2.32.7,2023-12-08,15:06:58,72.5075 +argo-rollouts,v1.6.2,2023-11-02,19:58:08,v1.6.2,argo-rollouts-2.32.4,2023-11-15,13:09:53,305.1958333333333 +argo-cd,v2.9.2,2023-11-20,17:52:41,v2.9.2,argo-cd-5.51.4,2023-11-20,18:50:04,0.9563888888888888 +argo-workflows,v3.5.1,2023-11-03,19:57:45,v3.5.1,argo-workflows-0.38.0,2023-11-04,05:58:06,10.005833333333333 +argo-cd,v2.9.1,2023-11-14,15:55:51,v2.9.1,argo-cd-5.51.2,2023-11-15,05:59:33,14.061666666666667 +argo-rollouts,v1.6.1,2023-11-01,21:19:43,v1.6.1,argo-rollouts-2.32.3,2023-11-15,10:00:45,324.6838888888889 +argo-cd,v2.9.0,2023-11-06,05:27:12,v2.9.0,argo-cd-5.51.0,2023-11-06,12:54:52,7.461111111111111 +argo-workflows,v3.5.0,2023-10-13,15:00:44,v3.5.0,argo-workflows-0.35.0,2023-10-13,22:07:38,7.115 +argo-cd,v2.8.6,2023-11-01,17:29:59,v2.8.6,argo-cd-5.50.0,2023-10-31,18:12:30,-23.29138888888889 +argo-rollouts,v1.6.0,2023-09-06,19:00:06,v1.6.0,argo-rollouts-2.32.0,2023-09-07,12:23:50,17.395555555555557 +argo-cd,v2.8.5,2023-10-31,19:30:03,v2.8.5,argo-cd-5.48.0,2023-10-28,07:29:05,-84.01611111111112 +argo-cd,v2.8.4,2023-09-13,20:08:07,v2.8.4,argo-cd-5.46.3,2023-09-14,04:56:22,8.804166666666667 +argo-workflows,v3.4.11,2023-09-08,01:14:16,v3.4.11,argo-workflows-0.33.2,2023-09-08,04:20:30,3.1038888888888887 +argo-cd,v2.8.3,2023-09-07,18:06:07,v2.8.3,argo-cd-5.45.3,2023-09-08,00:13:52,6.129166666666666 +argo-cd,v2.8.2,2023-08-24,21:05:33,v2.8.2,argo-cd-5.43.6,2023-08-25,08:46:11,11.677222222222222 +argo-events,v1.8.1,2023-08-31,23:49:47,v1.8.1,argo-events-2.4.1,2023-09-04,01:15:35,73.43 +argo-cd,v2.8.1,2023-08-22,21:19:28,v2.8.1,argo-cd-5.43.5,2023-08-23,03:57:35,6.635277777777778 +argo-workflows,v3.4.10,2023-08-15,18:59:38,v3.4.10,argo-workflows-0.32.3,2023-08-16,11:00:55,16.02138888888889 +argo-rollouts,v1.5.1,2023-05-24,19:26:51,v1.5.1,argo-rollouts-2.31.1,2023-07-20,17:26:45,1365.9983333333332 +argo-cd,v2.8.0,2023-08-07,20:03:46,v2.8.0,argo-cd-5.43.0,2023-08-08,14:36:04,18.538333333333334 +argo-workflows,v3.4.9,2023-07-20,15:28:41,v3.4.9,argo-workflows-0.32.0,2023-07-20,23:20:17,7.86 +argo-cd,v2.7.11,2023-08-07,20:07:16,v2.7.11,argo-cd-5.42.3,2023-08-08,06:11:54,10.077222222222222 +argo-cd,v2.7.10,2023-07-31,22:51:19,v2.7.10,argo-cd-5.42.1,2023-08-01,05:57:37,7.105 +argo-cd,v2.7.9,2023-07-24,18:50:30,v2.7.9,argo-cd-5.41.2,2023-07-25,02:10:03,7.325833333333334 +argo-cd,v2.7.8,2023-07-19,15:58:13,v2.7.8,argo-cd-5.41.1,2023-07-19,22:26:30,6.471388888888889 +argo-cd,v2.7.7,2023-07-05,20:25:54,v2.7.7,argo-cd-5.37.1,2023-07-06,08:26:09,12.004166666666666 +argo-workflows,v3.4.8,2023-05-25,23:37:40,v3.4.8,argo-workflows-0.28.2,2023-05-26,04:19:27,4.6963888888888885 +argo-cd,v2.7.6,2023-06-20,21:46:46,v2.7.6,argo-cd-5.36.5,2023-06-21,04:27:57,6.686388888888889 +argo-events,v1.8.0,2023-05-08,05:54:59,v1.8.0,argo-events-2.4.0,2023-06-21,12:41:55,1062.7822222222221 +argo-cd,v2.7.5,2023-06-16,15:24:00,v2.7.5,argo-cd-5.36.2,2023-06-17,04:55:38,13.527222222222223 +argo-cd,v2.7.4,2023-06-05,19:40:08,v2.7.4,argo-cd-5.35.1,2023-06-06,04:53:38,9.225 +argo-cd,v2.7.3,2023-05-24,16:14:02,v2.7.3,argo-cd-5.34.5,2023-05-24,23:23:36,7.1594444444444445 +argo-rollouts,v1.5.0,2023-05-08,15:34:06,v1.5.0,argo-rollouts-2.28.0,2023-05-10,15:37:42,48.06 +argo-workflows,v3.4.7,2023-04-11,17:26:32,v3.4.7,argo-workflows-0.23.2,2023-04-12,04:52:48,11.437777777777777 +argo-cd,v2.7.2,2023-05-12,14:41:07,v2.7.2,argo-cd-5.33.2,2023-05-12,15:19:23,0.6377777777777778 +argo-cd,v2.7.1,2023-05-02,17:24:44,v2.7.1,argo-cd-5.31.1,2023-05-03,09:48:25,16.39472222222222 +argo-events,v1.7.6,2023-02-10,07:30:54,v1.7.6,argo-events-2.1.3,2023-02-21,01:14:54,257.73333333333335 +argo-rollouts,v1.4.1,2023-02-25,15:23:34,v1.4.1,argo-rollouts-2.22.3,2023-03-02,15:08:16,119.745 +argo-cd,v2.7.0,2023-05-02,00:51:25,v2.7.0,argo-cd-5.30.0,2023-05-02,07:29:11,6.629444444444444 +argo-cd,v2.6.7,2023-03-23,15:45:09,v2.6.7,argo-cd-5.27.2,2023-03-24,00:09:05,8.398888888888889 +argo-workflows,v3.4.6,2023-03-31,20:16:18,v3.4.6,argo-workflows-0.22.16,2023-04-04,11:10:35,86.90472222222222 +argo-workflows,v3.4.5,2023-02-07,13:26:29,v3.4.5,argo-workflows-0.22.10,2023-02-07,15:11:29,1.75 +argo-cd,v2.6.6,2023-03-16,23:07:31,v2.6.6,argo-cd-5.27.1,2023-03-17,08:25:05,9.292777777777777 +argo-cd,v2.6.5,2023-03-14,14:59:49,v2.6.5,argo-cd-5.26.1,2023-03-14,18:42:39,3.713888888888889 +argo-cd,v2.6.4,2023-03-07,23:29:08,v2.6.4,argo-cd-5.24.2,2023-03-08,07:13:22,7.737222222222222 +argo-cd,v2.6.3,2023-02-27,15:20:04,v2.6.3,argo-cd-5.23.3,2023-02-28,08:32:15,17.203055555555554 +argo-cd,v2.6.2,2023-02-16,15:43:42,v2.6.2,argo-cd-5.21.1,2023-02-17,08:23:54,16.67 +argo-cd,v2.6.1,2023-02-08,19:39:04,v2.6.1,argo-cd-5.20.3,2023-02-08,20:15:43,0.6108333333333333 +argo-cd,v2.6.0,2023-02-06,22:04:33,v2.6.0,argo-cd-5.20.0,2023-02-07,15:02:47,16.970555555555556 +argo-cd,v2.5.10,2023-02-02,15:48:00,v2.5.10,argo-cd-5.19.14,2023-02-02,21:56:38,6.143888888888889 +argo-cd,v2.5.9,2023-01-28,00:04:28,v2.5.9,argo-cd-5.19.11,2023-01-28,13:41:15,13.613055555555556 +argo-workflows,v3.4.4,2022-11-29,21:15:21,v3.4.4,argo-workflows-0.20.12,2022-11-30,15:26:09,18.18 +argo-rollouts,v1.4.0,2023-01-09,21:43:34,v1.4.0,argo-rollouts-2.22.0,2023-01-19,21:14:27,239.51472222222222 +argo-events,v1.7.5,2023-01-23,08:23:36,v1.7.5,argo-events-2.1.1,2023-01-29,12:16:37,147.88361111111112 +argo-cd,v2.5.8,2023-01-25,17:05:03,v2.5.8,argo-cd-5.19.7,2023-01-26,08:23:02,15.299722222222222 +argo-events,v1.7.4,2022-12-12,07:45:11,v1.7.4,argo-events-2.0.10,2022-12-24,19:41:24,299.93694444444446 +argo-cd,v2.5.7,2023-01-18,03:00:02,v2.5.7,argo-cd-5.17.2,2023-01-18,06:44:45,3.745277777777778 +argo-rollouts,v1.3.1,2022-09-29,17:43:19,v1.3.1,argo-rollouts-2.21.1,2022-09-30,22:29:28,28.769166666666667 +argo-cd,v2.5.6,2023-01-10,20:14:18,v2.5.6,argo-cd-5.17.1,2023-01-11,06:33:59,10.328055555555556 +argo-cd,v2.5.5,2022-12-16,16:53:08,v2.5.5,argo-cd-5.16.7,2022-12-17,11:36:17,18.719166666666666 +argo-events,v1.7.3,2022-09-28,22:10:34,v1.7.3,argo-events-2.0.6,2022-09-29,15:55:01,17.740833333333335 +argo-cd,v2.5.4,2022-12-06,20:26:51,v2.5.4,argo-cd-5.16.2,2022-12-07,07:41:56,11.251388888888888 +argo-cd,v2.5.3,2022-11-28,17:28:00,v2.5.3,argo-cd-5.14.3,2022-11-28,22:10:18,4.705 +argo-workflows,v3.4.3,2022-10-31,09:17:41,v3.4.3,argo-workflows-0.20.6,2022-11-01,09:26:43,24.150555555555556 +argo-cd,v2.5.2,2022-11-07,17:23:44,v2.5.2,argo-cd-5.13.6,2022-11-08,16:04:52,22.685555555555556 +argo-cd,v2.5.1,2022-11-01,21:53:59,v2.5.1,argo-cd-5.13.1,2022-11-02,07:31:33,9.626111111111111 +argo-cd,v2.5.0,2022-10-25,15:32:28,v2.5.0,argo-cd-5.8.0,2022-10-25,21:22:42,5.8372222222222225 +argo-workflows,v3.4.2,2022-10-23,07:36:55,v3.4.2,argo-workflows-0.20.3,2022-10-24,05:53:54,22.283055555555556 +argo-cd,v2.4.15,2022-10-17,21:17:43,v2.4.15,argo-cd-5.6.1,2022-10-20,11:23:48,62.10138888888889 +argo-workflows,v3.4.1,2022-10-01,16:09:34,v3.4.1,argo-workflows-0.20.1,2022-10-02,09:28:15,17.31138888888889 +argo-cd,v2.4.14,2022-10-05,17:53:31,v2.4.14,argo-cd-5.5.10,2022-10-06,21:05:05,27.192777777777778 +argo-cd,v2.4.13,2022-10-03,21:38:39,v2.4.13,argo-cd-5.5.8,2022-10-04,00:58:31,3.331111111111111 +argo-cd,v2.4.12,2022-09-16,01:33:23,v2.4.12,argo-cd-5.4.4,2022-09-16,08:58:43,7.4222222222222225 +argo-rollouts,v1.3.0,2022-09-19,03:29:00,v1.3.0,argo-rollouts-2.21.0,2022-09-29,06:43:50,243.24722222222223 +argo-workflows,v3.4.0,2022-09-19,05:23:46,v3.4.0,argo-workflows-0.18.0,2022-09-19,16:10:42,10.782222222222222 +argo-events,v1.7.2,2022-09-12,23:46:11,v1.7.2,argo-events-2.0.5,2022-09-20,11:55:01,180.1472222222222 +argo-cd,v2.4.11,2022-08-22,09:52:10,v2.4.11,argo-cd-4.10.9,2022-08-22,14:04:30,4.205555555555556 +argo-workflows,v3.3.9,2022-08-10,01:08:09,v3.3.9,argo-workflows-0.16.9,2022-08-10,11:43:41,10.592222222222222 +argo-rollouts,v1.2.2,2022-07-26,17:49:31,v1.2.2,argo-rollouts-2.19.2,2022-08-26,09:03:17,735.2294444444444 +argo-events,v1.7.1,2022-06-09,06:27:31,v1.7.1,argo-events-2.0.2,2022-07-04,09:50:24,603.3813888888889 +argo-rollouts,v1.2.0,2022-03-22,17:16:13,v1.2.0,argo-rollouts-2.12.0,2022-03-23,21:12:12,27.933055555555555 +argo-cd,v2.4.10,2022-08-17,21:44:09,v2.4.10,argo-cd-4.10.7,2022-08-18,00:28:21,2.736666666666667 +argo-cd,v2.4.9,2022-08-11,15:59:47,v2.4.9,argo-cd-4.10.6,2022-08-11,20:43:51,4.734444444444445 +argo-cd,v2.4.8,2022-07-29,17:38:38,v2.4.8,argo-cd-4.10.4,2022-08-01,13:49:17,68.1775 +argo-cd,v2.4.7,2022-07-18,21:54:21,v2.4.7,argo-cd-4.9.15,2022-07-19,06:25:53,8.525555555555556 +argo-workflows,v3.3.8,2022-06-24,01:18:03,v3.3.8,argo-workflows-0.16.6,2022-06-24,05:47:50,4.496388888888889 +argo-cd,v2.4.6,2022-07-12,23:14:34,v2.4.6,argo-cd-4.9.13,2022-07-13,20:43:07,21.475833333333334 +argo-cd,v2.4.4,2022-07-07,07:59:34,v2.4.4,argo-cd-4.9.12,2022-07-07,16:46:25,8.780833333333334 +argo-cd,v2.4.3,2022-06-27,21:39:15,v2.4.3,argo-cd-4.9.9,2022-06-28,13:20:49,15.692777777777778 +argo-events,v1.7.0,2022-05-04,22:47:01,v1.7.0,argo-events-2.0.0,2022-06-14,15:38:27,976.8572222222223 +argo-cd,v2.4.2,2022-06-21,21:19:40,v2.4.2,argo-cd-4.9.5,2022-06-23,05:50:20,32.51111111111111 +argo-workflows,v3.3.7,2022-06-21,00:41:49,v3.3.7,argo-workflows-0.16.5,2022-06-23,16:01:09,63.32222222222222 +argo-workflows,v3.3.6,2022-05-26,01:22:39,v3.3.6,argo-workflows-0.16.1,2022-05-26,11:20:50,9.969722222222222 +argo-cd,v2.4.0,2022-06-10,17:59:33,v2.4.0,argo-cd-4.9.0,2022-06-14,10:10:37,88.18444444444444 +argo-cd,v2.3.4,2022-05-18,13:14:17,v2.3.4,argo-cd-4.6.2,2022-05-19,17:54:21,28.66777777777778 +argo-workflows,v3.3.5,2022-05-04,01:13:34,v3.3.5,argo-workflows-0.15.2,2022-05-20,21:14:27,404.01472222222225 +argo-workflows,v3.3.2,2022-04-20,23:16:10,v3.3.2,argo-workflows-0.14.0,2022-04-22,07:09:42,31.892222222222223 +argo-cd,v2.3.3,2022-03-30,01:55:37,v2.3.3,argo-cd-4.3.1,2022-03-30,13:40:17,11.744444444444444 +argo-events,v1.6.0,2022-02-13,06:42:27,v1.6.0,argo-events-1.11.0,2022-02-20,18:31:57,179.825 +argo-cd,v2.3.2,2022-03-23,02:12:12,v2.3.2,argo-cd-4.2.2,2022-03-23,09:53:45,7.6925 +argo-workflows,v3.2.9,2022-03-02,23:04:35,v3.2.9,argo-workflows-0.11.2,2022-03-05,08:51:50,57.7875 +argo-cd,v2.3.1,2022-03-11,00:07:41,v2.3.1,argo-cd-4.0.0,2022-03-16,21:02:33,140.91444444444446 +argo-rollouts,v1.1.1,2021-11-29,21:44:13,v1.1.1,argo-rollouts-2.8.1,2022-01-10,18:21:14,1004.6169444444445 +argo-cd,v2.2.5,2022-02-05,01:42:13,v2.2.5,argo-cd-3.33.4,2022-02-05,12:55:15,11.217222222222222 +argo-workflows,v3.2.7,2022-01-28,02:28:31,v3.2.7,argo-workflows-0.10.1,2022-02-09,23:06:55,308.64 +argo-cd,v2.2.4,2022-02-03,20:50:43,v2.2.4,argo-cd-3.33.3,2022-02-04,09:19:44,12.483611111111111 +argo-cd,v2.2.3,2022-01-18,18:03:37,v2.2.3,argo-cd-3.32.0,2022-01-26,15:14:35,189.18277777777777 +argo-workflows,v3.2.6,2021-12-17,21:12:28,v3.2.6,argo-workflows-0.9.4,2021-12-20,11:00:00,61.79222222222222 +argo-events,v1.5.6,2022-01-12,05:18:08,v1.5.6,argo-events-1.10.1,2022-01-18,22:20:08,161.03333333333333 +argo-cd,v2.2.2,2022-01-01,06:38:42,v2.2.2,argo-cd-3.29.5,2022-01-04,10:16:28,75.62944444444445 +argo-events,v1.5.0,2021-10-12,18:48:33,v1.5.0,argo-events-1.8.0,2021-10-27,15:13:58,356.4236111111111 +argo-rollouts,v1.1.0,2021-10-12,17:02:30,v1.1.0,argo-rollouts-2.2.0,2021-10-14,14:58:28,45.93277777777778 +argo-cd,v2.2.1,2021-12-17,01:41:25,v2.2.1,argo-cd-3.29.1,2021-12-17,10:06:18,8.414722222222222 +argo-cd,v2.2.0,2021-12-14,18:19:23,v2.2.0,argo-cd-3.29.0,2021-12-15,10:15:30,15.935277777777777 +argo-cd,v2.1.7,2021-11-17,22:18:58,v2.1.7,argo-cd-3.26.10,2021-11-21,12:48:45,86.49638888888889 +argo-workflows,v3.2.4,2021-11-18,00:41:27,v3.2.4,argo-workflows-0.8.3,2021-11-21,18:59:21,90.29833333333333 +argo-workflows,v3.2.0,2021-10-12,16:28:36,v3.2.0,argo-workflows-0.7.3,2021-10-15,10:22:13,65.89361111111111 +argo-cd,v2.1.6,2021-10-28,20:08:23,v2.1.6,argo-cd-3.26.4,2021-10-31,11:57:25,63.81722222222222 +argo-cd,v2.1.5,2021-10-20,15:25:12,v2.1.5,argo-cd-3.26.3,2021-10-21,20:56:35,29.523055555555555 +argo-cd,,,,2.1.4,argo-cd-3.26.1,2021-10-20,06:32:59, +argo-cd,,,,2.1.3,argo-cd-3.23.1,2021-10-06,15:28:20, +argo-workflows,v3.1.8,2021-08-19,00:19:56,v3.1.8,argo-workflows-0.4.2,2021-08-23,11:13:42,106.89611111111111 +argo-cd,,,,2.1.2,argo-cd-3.17.6,2021-09-02,21:59:12, +argo-rollouts,v1.0.2,2021-06-15,22:33:04,v1.0.2,argo-rollouts-1.0.2,2021-07-07,15:18:22,520.755 +argo-cd,,,,2.1.1,argo-cd-3.17.2,2021-08-26,14:22:27, +argo-cd,,,,2.1.0,argo-cd-3.13.0,2021-08-23,12:14:11, +argo-workflows,v3.1.5,2021-08-04,07:14:30,v3.1.5,argo-workflows-0.4.0,2021-08-17,07:31:04,312.2761111111111 +argo-cd,,,,2.0.5,argo-cd-3.10.1,2021-07-27,01:33:24, +argo-workflows,v3.0.7,2021-05-25,19:08:55,v3.0.7,argo-workflows-0.2.6,2021-06-25,06:16:05,731.1194444444444 +argo-events,,,,1.3.1,argo-events-1.4.2,2021-05-21,16:00:05, +argo-cd,,,,2.0.4,argo-cd-3.6.11,2021-06-29,08:49:22, +argo-cd,,,,2.0.3,argo-cd-3.6.3,2021-05-29,08:42:00, +argo-workflows,v3.0.2,2021-04-20,15:37:15,v3.0.2,argo-workflows-0.1.1,2021-05-21,16:00:07,744.3811111111111 +argo-rollouts,v1.0.1,2021-05-26,08:43:12,v1.0.1,argo-rollouts-1.0.0,2021-05-31,16:06:49,127.39361111111111 +argo-rollouts,,,,0.10.2,argo-rollouts-0.5.3,2021-05-21,16:00:06, +argo-cd,,,,2.0.1,argo-cd-3.4.1,2021-05-21,16:00:04, diff --git a/scripts/release-analysis/plot_graph.py b/scripts/release-analysis/plot_graph.py new file mode 100644 index 00000000..8657fe20 --- /dev/null +++ b/scripts/release-analysis/plot_graph.py @@ -0,0 +1,58 @@ +import csv + +import matplotlib.pyplot as plt +from packaging import version + + +def plot_time_difference(csv_file): + # Read the CSV file and process the data + data = {"argo-cd": [], "argo-events": [], "argo-workflows": [], "argo-rollouts": []} + release_tags = { + "argo-cd": [], + "argo-events": [], + "argo-workflows": [], + "argo-rollouts": [], + } + with open(csv_file, mode="r") as file: + reader = csv.DictReader(file) + for row in reader: + repo = row["Repository"] + time_diff_str = row["Time Difference"] + release_tag = row["Release Tag"] + if repo in data and time_diff_str: + time_diff = float(time_diff_str) + data[repo].append(time_diff) + release_tags[repo].append(release_tag) + + # Sort the release tags based on semantic versioning + for repo in release_tags: + sorted_indices = sorted( + range(len(release_tags[repo])), + key=lambda i: version.parse(release_tags[repo][i]), + ) + release_tags[repo] = [release_tags[repo][i] for i in sorted_indices] + data[repo] = [data[repo][i] for i in sorted_indices] + + # Plot the data + for repo, time_diffs in data.items(): + plt.figure(figsize=(10, 6)) + plt.plot(release_tags[repo], time_diffs, marker="o", label=repo) + plt.axhline(y=72, color="r", linestyle="--", label="SLA (72 hours)") + plt.xlabel("Upstream Release Tag") + plt.ylabel( + "Time difference between upstream release and Helm Chart release (hours)" + ) + plt.title(f"Time to Release Helm Chart for {repo}") + plt.legend() + plt.grid(True) + plt.xticks(rotation=45) + plt.tight_layout() + plt.savefig(f"time_difference_plot_{repo}.png") + plt.close() + + print("The plots have been saved as 'time_difference_plot_.png'") + + +# Example usage +if __name__ == "__main__": + plot_time_difference("merged_releases.csv") diff --git a/scripts/release-analysis/requirements.txt b/scripts/release-analysis/requirements.txt new file mode 100644 index 00000000..1c1b383e --- /dev/null +++ b/scripts/release-analysis/requirements.txt @@ -0,0 +1,2 @@ +requests +matplotlib diff --git a/scripts/release-analysis/time_difference_plot_argo-cd.png b/scripts/release-analysis/time_difference_plot_argo-cd.png new file mode 100644 index 0000000000000000000000000000000000000000..738c0b983d2b5b7ef9b2e0782ba7637c5fb6588c GIT binary patch literal 84009 zcmb@ucRZKx`#yeaASok+j1UQtRYvwqrEJN}9+8zj3fVMB$sXCOl075Ygj7~ml-}n2+&*SlWzs1w@dEeJ{Ugvq7$8nr@;7vujV+7O$7=|6YA}_6sVFxEM z?0_adF8pMku7w%?Psl+=(?P|?#KFnH&KSFH;Be2%#=*+`&guKccJ}5r*1VkD7dS6) zoHlcCxMwfK#dY^zui&(?Gv$h~)3k$kIdV__mOX|M8KD1g(#6uuF&qrLA}yin9P?+u z$yvpC6K~GuDa)_85FSgaCRO4?R1XilAtNW2(IvZAv0(oYKb`f5c)i~Vy~ttAgPi1n z#w{K)nFwYcV^wk1=Q9`0U-7wkdYzfzGk2p zF_QhS9yZ6jH@pM(zbF$j&82CUTwYJh@)51-`VEA`d z-p3vdJ)OR;(~Qc#?KrM*Y4bl{+1wea3lwntO~%8^Ti~{8Z8cO$>wlb9(!hYBa{cEi z%^Y=y*+E)8&-K)&i!6+pQL1c_a(amr0yx!)QvMfA+i13yd-Z~Joql~zRSXwlWIWIs z&Hn*i>&l;7G7XuQs%+$R&OdOXimr$i>6G0+?4mx%&cRXFUt(|j%{YqT;zbH2C8f#k zj1wj;FCN%WwDmN_w8aYh3)=s5rZIZeY66RcTT)WuyuI8z-*`6u^!fAW^PinzOcH9C zAYDDF=T0K^h|t!pOgAq|tkZpGeS&<~CnO+UbYtwlef%VcPAM6@zTv?^yyE`MFl>3jUA#Kzme}%9gg?f zsriy~yR*nfFRc&$;ZnZz`Kmjt%`r_BFh1}_V7V-SKWLlR* zjtQ3mW0JngSgccfoCvIv*w}0pY1FC!=)1_YF=x*XepTRa@8;HRPM za(K3U@wir@h2P|)86n+eO4GKO2gC>3MK?L3FWH2pr?d7ukA{9~ZOyS8n62DAuA$>d ze&@~|;*%%+r*g}V;}Owi-{-s<#aaJ?+YrNgwe3TjmA9ORJWkRI-}lwclk0kY-FA0- zl}Su&XrjTZM@<7K-WZ)3$454hRa8goTDPrjq)!#pE(4f}dla*m-b9M)-yu>zEXT#zC-kEpdva4rfm{s5VV?!o`Vpr_uo< zp5b3<@v=qM1CJj+_I~k#Qrodd?du!k;4YW2yqAZMQY1J|ed(B5c3vHDvaKiAz%Z8U z(PzZsqd0YbFW6p-5g^&#T*brCVPK1FGH+e_+4^d{SM|;vM(gro?Sk%27$|M`Go^r zXlG|9D+k9R%zb@4YO*8oAgoYlhRRuYICz|!wrlSX#7-<( z9BXJiAR7dSSddw#^0hva{6DQd&kPQ7)WrZN7nCq*9bbNhd-6 zB;>Zup%;SoEJ98*A{r_SjshAFOa2c%HjD)k{PqvP3-SzIgreeBBANp-K_#({3!U>G7X!vB45PxCRSj zjRLMqtQ4Hu0Yjdf$HcamPQ25~=?zyQ2zd7N>6jsevUI$tM@RN8-j*1_6WrX~Ya_v2 z_qwiM8iq_<`{@bOfUeEr&sNHdR+OcVQ;)vAHI>RyH*9>$OnE^cLp1^=fA1WUuMjjL z1%?etE{i|crt+%t?+r_$tR&ztNt~3NJl?QXdz9g!7?;+ATvr;CPkM@JoEK6E5Xaa(k=_S-d|*DSbm7$s&% z$%bF^4KORq?_yhXQvLV)?iNqPx!qJ%^_2;xF!=PCVGYVaRzx<}tv82KQ&abnWbYKW z-IzQXIXQ~`j}@zf>|T`JWllCx_8Y5JyP+nn(FTL%F3yvQ{`Vl{6Ch7x-q&AUG=L8> z>&Ybl+49oo=~L43<>*AUSq-OOTEkACm9ei)~?IHS^PN_r9#`4tsSHtk(Ki}S>GGw_`aULp! z)1b>)q5FRV8tA=f0s{lTmN{`j9`=X3z`-caYx$x8pByN=MCUR_5_8#w6um2?u+Aiz zVCsg`jF~5V4~&eC*3XYN_z_E%L-^d8`%xo_&+y)6h!e7DZXL0-^jIyV7_R<`$Qv&% zNTj5uHV&B@8R26|1|J?Viizoo?m*@~ijBN!<~(8Y_Lit;-`%1kv5IFEu3m-rgoO{R ztCO~E7g-euwcputdGh%2&2eXARLil`aDyWbm)Y5`PC5v2JJ0DG6lji(+Ei`7$4*ml z>1t0qMseI?!~$SH0wIV3cum^^$l28c9vwSHP@&7!79+?MFMRKZcxQ>d={olj2HzeF z@(QJEcxY#Ul+UV*PS*C+p{~uKL1W-6@CcH<0r2u@NXd z&%<@@e={B_oyyHxDR2?ebHcjU5QJIZUL=tWfUJHLyR*J9zEHp<7lw~X=BNk54akUA zdTzVoh;!U}lk$DtY5Kd`nKNg)*96$xYvw1k)zw*)RaELHJCnx^$H&K$va?%$Rl>fWaPNR4&3z5PQ%CYVsD}Te*WbQIafMaHdIX6q- zi$bk_+XmW&0yxF6+VA_U7tP8)e^yTGeYWJh{UWtgsVB>#IvA zWn^R)3Lr%hV2ZQnv($4)u{!&9kqL+0S2mTm(pA~kZKRzR78hl-wPPl~y-j01ch0u- zx@*PDYb>4VN=%)pS5Kx54M3je!q6IM2;)NDOq35SBbL++FEsCBA*2_j!8(#;jz-0Q zKS822O~q?M2$gVb)@|j_k?QxA0L5y56*n3^6;8D2FD6-EUoW11-}g8+_Pm!lAN3N% zvVu!~+Qqxy4?S!2m7{a1GjE*|S?%|MW!akb+FhI!^1(eO`Qgzq2-u_j?u)GeCu@H9 zWObIi*kkXX4#7Q+KEG`(p``TW@@`BF4Q%tFhA>+DzGaW0N)Lhie<(kOp7MuZtXJat z;2gv|UPmOhb$VBrlAN4*sNL!!)7i6lcfY@rfD#5Ln`!9zix&Ytctj(RtvDN&Oe@1s zVYBKlE@SI5<_zVFQuu!M);4pL_Ctv4cQ!-1o^d$j?Iln?)ZHp-Yilid|IGaS z@%5QRS{EufiiU8f5Z;(~kA;l2HD^ zoMjXggfsLjHEQI$WnO*Jkmv1jQK-l9a=l-smKUZP?-ZPdi-zkc9(#IKTlC|R6D$HE zPVInJ#dg*XI`!M)-7z#AAB9RS2hb#TW)m{1WOC<^M1MLvp`FR(a7p|JkbrZ)msrD& zK!8B~Gl_f@#uiC{Pn3F!wmzQ709v^JPIfz?aZtd<~eq&J( zuswGB!h}353WVswG{4J4tkb>u`jg2C2^dt&kFYTqoarIYtut=hf6p&K|4Nsbdw^{KC~FLnIw z89)xblyz=A{wXPE{tQ(O{rW0L@8PSV=RqzPM)TmC)${PQv^0&9*I9-N_g4GyteVBX z}NXkj;#XZd+Wr^%0NWo%rf= zjvA)$%MW!cTp1V`a3C}c8^Roa?+oPWiNy%m9vE_8Ja*CQt2gW!abDGq(4gC_2x<{L z0l_MSOibA~$KId*ZZJDoAz=SAq`@*oglekmhFCr7$PhXyXrPmVs`ik-U3)924| zF~C&mDl9EVJPb@sAJPg^^rxaNb88^khrZ-BZR-7EQK+k@;`(QPex85OsXmDO#RY={ zx*p4F>zd}~8O>o!jg5^j_{>QG8~eiUEdh=L&|3qo)pW1B2g#rL%iMSB@ZDFwnXWB$ z-I#~s$bNqSs#XHTy=IABYS*G263iC&@8lq zlT-jv0R(Wv+NV9$Z}dBQGP9zJ%uID>^$r~Nj$aPWi>;Sp-^2t{oR^f4z{xF}5sLrm z2CYXjq&LlceH^Its9Ye#xYq8qU3R1U%?ZoeGBJp8$vm+ltQPdMFZi*1B@t1T_i(NiX03^HphlB`JyV^7_~_ zT|Es2I)Rty@4L3y^u2F2x75KXMcoBBD2@(#Zr)8BMKKJNLcd5A>=7lO+2gIA zv>WtT^^Y1K5@;Jw>N?{9oK)<6OeY0turuF4svP=n#oKF~I;GutLpUT#=}IYd1<+*+ zxGWe|e=#G0S{Mv%POaZjTS&m83(Z^&uqo&-V?;fu5%%jyyAjXkl_324bLvq(>SL%! zAR{9a&+9d;_Qo;mPA8%B+Olnl6+S8Df4u(KrG9T%?IySD!WXv|zCbN{1ZYzq`g;VX z=KxJ4*bG%p_LuO^luXdQv*;l}C={0OLDlX~Src6+X`xmqI;~JjrJz7^n}0ro+AY)e zxccYkZxhqghx1#0!LZz_9ar~-#Ckanp&vlr>@|-uF(Ie{ zfTQ93;{o27y?bn4-a`@H>+iJAtLJJ5LhF*KSLIne{`@xFB)wUo7R_a6;^rtWIc4Ri z%@rM4_JCgv$D1NitA(P;$jImi0CTueT5V5kQ~?;JCs2rCiHU4&ZK32#K(A4;b9)lD z^doeR9l&MvJND`^wX?`9_VTxe{lS z=8~k@*I<(rAy8$qZ@ra`5q469ofhzbAkklY)B3%ctLl$KT-kJd%5*bL(eTqYdLE+y z*a6}vPo5+}21DG~9pK6M+g70gCCh00cEq^+}I9_LIf)BK)=Yy#g+Hb zvh-CNv7{yk1?qdze?Zf4`Vzz2oEQlco*~Z2$dJtH34+!q5Sl&RY|VnCruLMD=l7t< zlS5u6J$LS$WL|IZyLWuH&F6~(pjPUNp5@}YaV?tf3ZGerc-_a3K@3ul0sssLz>ByI zY7ecKLno#Ph(_uR3ri4?FrB$N!t>DCAAQz1#`pT{q9dMn@$SxM#YV~c#^SG`s;Wsi z5RtZ@KY!M?KC3a%&(_@BeBy@K_B)8;w*g^c6zJ~ZM2)~co_zW8C4XDuf@O_GVG#7F zf$*V;y;Cx+K&YJ%fh2(TP?r-x!c+%< zAg1lf`&(uAh9CBE(?mXh9t0&`mCyXMG%y5#q8=Lo&=erFD}48g`an4>+hV)e$?5Nf zCtNFZ9e#IT0sc!Xgib{3on>#^uX0FE+{R60o$t(55&_`#y}w(J_Ve9&gX`*fy60V2 zXU^}^xGqgHh;IJjO|u{LSk-wF7sm;JeR8m(Y;D+|KJzjQl&WjY(#L4EF8?S#A2u4z z!Ei{GO)c_`C?kAjzAAP2^$=Pf#1R#WkTWLbCj$h}a~mQ>H*3c8s`X}us-iHT)j%mZ z9CzV3x0w>H7{G07%4dA`_~zkp$Z)j@5 zi72i=`4q919fA8Kc;>{a=p+WGY+@-gGSUwsco?xUa0h#A-rn10A9gsl0Wjx+<8ReJ zgB8LzrHJ==X}`lVUlPi?ifs)6sPH|OIuz4mQD0&|0rcI3>iZk}?D?2H{sUNexRdU2 z<+*59(u7$EsHPNPkLQ5_Ndk6HRAPXEWG8wRw&-0r=;`0G1-N#-ZvdaOjqQO|!HH;tu*ZvE1Sjf{3W7 z(ZI8DsIJ&fb}-b{)nVA{YcC(}ZqItHL5+ak*c*?|8G|!e3rFEl^_Q3#Xi23kEZ97E z)=iB}OwjrDR?n(0cUim~EvKzbgY^*!h>8xTHINcQy+3u)3cWc*B6*dF_D6g_!8zMU zy)L2iqH0ui9@|bSC-f)s(OwK71JS z9vd^ls)3+2xcG|OtmE{03}DejnpUc*( z(ybgY<6~rD!36^HJe**4<80VIec-Rv!npJ*X@IZw6gj@Xb_9ALH$je)l8|_C<7x_d zV}clMgGl{i5DQk z=c4}|DAf(OivD#BuxcY7Bv%0;R@AH$1D*Ih!tXEiDe;-d)8f>FE1_A_!vTkQ8to zu-H0niLWQzuETl1{m$$GRCqezL2QL8p=8Fd5zHqgVsctRu7l~7R4BR3?a8f z^(=1JB{MjXh$Tk)#<)GSLSJ%qg5g9YYvk!7V#)W&iMbZu_BFnQFn3 zoQmq#MOMC-*Ko@Av#PVJVggVnINsW+Iyxm~T(FF1Z^VUkcdM3f{LVrwJcdp86*U0; zs)y7lQJt=5gN}e`oPqT~aJ^XM?D_M@;85kz4AXsfcs#hZkH@&8CEbHiP8>W;1Q{{O$Luc9i=^5kZ9E z9bokDfqumR`(|!#je6vI#}MnN!z-|#P+VU@x-JNzvXYVq=-lTd05YiC^JfNvXl-DSxV8NGDwhG& zfv=^G>~?l`G1ed`tJ+nPedJJo5KC3^H8!WVEks*0o8P8T4lRr735G)(n(J3 zYS4)wY##uLtnEHuzc7uMGaaV^KP06rOc{NJI)5QzY#HbJ%-9hl*ZdB zQc08iM!8HM@4@EfS~x*-u(XD-T%X$7p1%cJAYL|2F&4uB21T`V0SJN`=L3jeTl96O z83M}dm2if24(=g6AorCkD~gLLH&>>mpnZ7~6Z7W{&&J&F z2h_;Ngz319M?yqp#f$lEG*4g^pdl%=`TRZ?tfoH`EoFT*KovvlZ7H1c#*hV_&Gj=1 zSv85Kk5mP%3$>I~HGPZM1k!un_f%DxjNKV|8r^Hc73*-gG>uuk#LL(fN`x6PvZnYQfE&IA`uWIouPw{rIS-tjTjldx$Lg%;|aJp zuT9KtB|A?_iE@*lsaN;QOf>fR*3BS2-u}E$29$d;!xT~_-*MKCYeXoHE^VvbJ(YAt z@=Sl~Bh`FI`>M>lQhQwIT`?#;m`Xdu3*To&K#R z$Je)};aeV1w88B#2OMH!LyHNo=jQY!RA#UaAXGpim)$wweU+<%3>MYCOtAvqOYzt! zrn(+iK5Fmn39{agq1_#)!q{B`0s^>c`UL1J*MQ9c+e5A9bAS4?uC8=wF`tO>S&*BA z=O50Al(PJ_`He~FP)aH9xpPOLA$EqA-xj!OtHE+Aun1($dlFrq!*sp29Z``)w?gN+ zW-vBB-bjBOR`CZU`8wpOu^tej5puv^?YAcik!1on&so%4fkcq#=pbaBh|=?{ff_Uq zt{4NrrkJ-sy(c9i#Gf)>odeJ?g4&oGAH2wQgKibksA76}GsKPMR;*}&p(p8fku};x zWF-Jz12~jnXaI^qTIKfIaR+@yyU|7Eg&En&j7gWh?7Tz$J>v*PSXFtG=wt?t^_^_> ztoikc_)*XYBq6d80%&je4>~JJku!z5|DhGugQU={6UuqTC6&!XfWu+Sw(%woUG^1 zqn7+0DEGj(v{O$isfprEqNScL?41MZU=)%&Jt&c3uw98MDTj_x^X)OU7PP&sOy)R_9-j(i8S3ONT0wXTG zQ#s*a{sfAWi&?@+&AB}Gj;!lUCT)8NzygVPfb&Jic(+w~cUD-9B3|5Wg=q4Qlh7QJ z+KU)61by^P_|d zXMG>@PMT<(O4_&7`3cG#SORYCD82g}4kGJ7@>q99suXD7tlWqE1fSIh*=3#QF~yDD zTi)MH@CP9wgbn~rnrtg{iF|4j>WImHh8R<^$rg~YaR~E)lA;`fX8-38d;BU zXg_Fx-cb)83N6b~cG3jUd<;Q7Q47nvU345`LgNnH3$9AZ)~2XQ{bJD!#Q6oF ze?bZ(b*-QS_>Fu)$jY@I6U_jhlH&h^BM-$f|Zl=_@2#t>d?2|K9|O8q_R5tbXthAVVYPM1#M`&WDpl8i6!ORz9ewh(T(En7-doE2 z5|*IEG|@*pD{S?mD4lhgN2XW_uj7)!7jT z0ydX}`TQb%l^(*t-l$D)!$$c4V^Ulp!pnOCuJQw@cskQxRbF3{K*lOa$`%b*6%=X_ z2n7~t7%sg5!mQwK-$kq%z#&T6d(7zX%&dFhBsKW<#uy!o9k3RuxeYV{TRI06ZxVzu z3My1ek?qcFds+VKRfPZMJEVvN2hzY6bm8SS0k55M4a0L1(B*zSWm5-vjj&oh8sIV! z>MD!pKb|T8V-`BfrhIB_wx;`L;$?J{ZD;xg(Y7G52pKVv!=T0P`bF!0e4m=rQT3P1 zIxr-B+g^7B5mUv*%^2k(uw`aVSBio)4-}e?99UH2vOAWbIp?>K%oS zOAc&ZmN9ASS&kdJsmf}?RZZO%{JzAB4cd`a4Rv)OTY@GCUd$ih>5>9o0(A(Z;C_yF3+V-#Jx+&QRlK!|~Yg`ud{?@m{`nblJaX~dEv_4I*Ela5;>d$~9$IM8-i zP0&qypk#&6GIWA10d|qj)Xv_{Zm#vx&=1JY4PX%+%R|&_LPElK=1<`7`8fQ+UuO^~ z^oz*X1wJs-$Ua|UB*-BfH;M)5XX8ZjEf6aUiRx>KeOi~HFlgWXlR0pODA-gU&sa>^ zXh0&l07NOWHEyoXHUMMj2gaJ_B6@*)7vfTa#l105U` z91I*I45FgCXe+t*^@inJii*drE0)#!!R1j5j3QD|Q9la;Uhe1mZSegl)}(`6VrR#L zShSRslpkQ@0pqA$={B;xjMN7Y-1mjgKV7*tax|*wyly!q+`Ust?$*xcYy&`^d1z9Z zAlXf{#{+tU9{r&<+e{8D#|Sz)$V0TdH6aH5{D+p8yq(~XblCwL2R{%*-jGU1!E*i) zXze*T?>&@Wxj=USeqOukoPYE$eeYU z0mAGdd~lQAK&j&g0M7-$phJcKd`=)L1T;y@FWFCeT{JF&)ey<2kX;>xbZ_4Dj%3$p zx<0{nyZ9ahbTb$9t1%Fwj)QA(FBGBA>1~MjZH49mHKQogO!j1*^d;6TyPu;?4JgK~ z94aoNp-{dWh6G*@4U|Q>HPC{nN`hx60s1HB*@{(kWD+5B0mU}20scmil^XKaHx-@` zZa`RuKu9t|){N4*|I*$4NA&|Bs!~X$Zoc5nuiFD)zqu=P!vVo0Ho4k^+6Z8IeY0w3 zBdf_H)gGzT={>pj`OxIo0YlS27zgVPXOBLwVuc#HCqFfuASJ!2t^J1&Pfj_ogwG$k z`65Gk$l_Y#Ux5~$;gbb5xj&$MVKky27Im+EZgT;CHj_3Dv~bi!_m!LnBdCb$Qgx(; z?yYGt>0@yL1?*c zQ=tYR@TmlzHwxfjuFC3PU1>m7$5`J6Gl%krn=kI{1J3mO%q%QI#tBo&zgJv{a6wFi zv?K@uU?_C|qj1TOzFB>QMy|kR(FA;gdyqA`QP8Ii`vDD@JWNY50NNPm@Cny zJmZ-R?0laaVr=ryu!(9FsAgxGnZZngk0A#!=ztgo{5w%{XF7t(DVWGPEj;gi+_ezj zZ4e`W<$+aFn*6h3&+QEZV6c(h0IbhGs9}9|$>t*ze{L{iqKiB`?GtC!p71sp5ium| z3RyicDZ&80H2}uoq~I*td83sB74JXz)YC^8!0&%=xb`q42Dpd%hMQ-^y`aBT($XTp zoWYa;sutqw4FT`H;J19f7i$s!u7jeV&G^g)%LP$Qht2}A)ohWOO)ir75fKrG{!Q}N zAfG<4KDc922VmVmEn460vEVmpi^-@n&WOv`Jgm^th9ktgH@`C${`IS7N?O`pU4ZnE z&|{GmV|ek^JTQs>@tzNW{6WN5J`p}yAKo_LBxFoegvkp8WJ9U>YavAa;X@G;P&g)K zAWzWtAc%jmWv>l+QUy%`urM%K@QWwm=+eIk@ZUl*b_<|JNdfJM$dp#ur|W&-bi&X!&dfj^-4+IsMWNlsmG5DYzl0ob9j;`R~oq08wNKbeSAP3nYT zIAf+4Fy7FsJ$d=^*7zD2+EIo@8*k$9DPd|Kn=&T3Dm=kFz)}x`7Pv?#i&Quai2#XG zK%jh}b?Q%qK>JAeI*71Td&Jt{pV_G8V7Ly@H#@*U@XoCB0NgO54ZJ7hlT zti*GD_kr5sdGTIvsN|6h>KAyb_gX{O-{(*)qd)sz$o~EP-K@Itb1hWUR7;exvYfVD zyu9Lj{C?7gOo2xSP68-{X5ZeVK8;Fo71x3r4c8Cci&~PN+dxM^bF;kG4VN~1gnXZWLR=!v`rg@ zMx`FGFv$0{FA`hgBziR*Z1JpO`SP!Epb`l$TWe){Uw(F)x>w6|~< zT99tNP84bFy)4O98o(_`sR#gac;zW)=oe}sqDtGom0y8S!l1?WSgAtlLv`cZZf&x* zdn>3K&#F8kipVS)0bPCb zBT*i=0&#tiHqdMml434U5>oP8kO99K3_y7=zFm%$w!I(J)_T z85BY~L^m-1lwJ-1-!nwWTM^pA6)bi?H8N(R7h4u;fnQWFu;iwQ(Hl)A>!I1pS~l$o zeVcWWFH8Os5=1fz{SD#t;V`Ul&h}iUX^1hog!8-i%7MbGd)*wI80jZ0wgA=;$&H8{ z>w!`R7M72{Rv-Yc2O6*vUZL$@Cb5t<>%MUNJUR2szp}X(>r)A_dp|JFsx3R1r5FZ= zuntbkcplX9b@u^!&ovyRoWQwDRL(#EF|7}1YWzrr@g;tk^h>jc5uN!wukE8?b&|h! ztq#%UAQi+uXifedbhV~#}C|q;GiY}RtvClE%>~G$D5<@jM~Oxn`rxSPD`H0()Him`}^kf zfSMohKqpOj>SFeHdl>UUV&&j{(BdIvk5_H4oGNviJ&rlU=)?sej?e%Q@ShnY_AIlX zs2p_aRsNQ8ReC=M@0mbwzb66DDi2+pH_pL1urM<~Cxant8%Rn`HG&u+H6K3keZo#N zbx>=wwDZ7@2vchdtA2idFn87Xvh^n>Mm==J-u{xDmkm)jrJrnHyO2WKbFYuefn^2R zzuU`mMceel!MA|_5hQ4TePm(yfB80wThico4JGK!#3BFNw{dYQeOs}w6!00yqOXc) zsIsA{r{Z6)UyT_eBmoQqIETVeokti2oGIY%1F6~vVTR;z(OPH}V{>~TZzIp|j57vUI z1!}19NeKz!J3?Uo#ZJF@`_`|~h~OI+G@>vj!%T=PC2kF?NWbkMnbNAsKBK#l<=*yH zLnHVdm1X_IV{)}WZE@ZH%kHt~RKed{x_?|ObJ586u%dDQK8%V04t5W6BR^-m3%xe- z{z*#<=;fA|(||U^3rQ@k?gGCB%<@q4nR$;kgc|}_l?N24uC5*_IR5izsZLQY2=IK- z2eBOWqdDrQ9=ot-ymr}eEBkEtH7bEgmY#wBnL>Z_;eOq;T#>f#)c@1w{Xe$!|3ksQ zERyzqO_)mtTxdU|Eg!#nb$i?y8Ee6Q!Tf0M6BPGQ7+C;I+93>C9f2D)1h!^D5J1)= zXqvzb>2s0GuKlJ-a7Qw2(XF>)?AQBELib5e62P63`01*dYz@#q5}!CRy66}j9E_BU z^-W+y|MV3Rfq_|GQSl>8iXu@Qh%n>~d;wJd_jl$#pe$n8cNkPf)_Jg!A)grD+ixMr zmjvL&7;lx>fbZM;Tfw$pO|H+3{0qI3R2^_Ix3Pl}O%Mx&A|Ku6pn!}>592s1>l=`^ z?V74@#0rsP7r-nC$|5o9G!a(=#%<(C14GA0=%=Un!l51yKft3yQsY0eeK`z?iM9tu z7+<)unILS^aW{0hsi}nMpL9g;d3X{;Bg~3w31u)Ujpq7OkiIh~ERGCRFyRTxaKsCu9^OYh z8kQY*clmEc9P2p$-vaSW)Qx>J+2L1=I{kX?^D>uLz8Y#me+NBdN*!}X9Pr>_%rl>< z9p2hqANfN2sji>jA5=F2ai8$;X~}24@-1|oI8ws=N>(&`=!{Vhyl6w<3I#S#N**!?-EIm;S$rk83f9EP3?RXulzo?(Mkj21`+X` zQp=C~>(QT(TB0j2u{^E@lcwU>O`I2HKZ$dv9}|RXjjuZIgPlrXbkUdwX;h-CJezI! z7d4}fLbmZ0iQWHJ3++0y9D{~NQFDOWgD2R45{x}xV|mt90DWGnf8quG0)mJaS-6u5 z&x=jTONiP$1jF|Nob~3`%*b&Jrg@P3h74&ysKJ=2pa)5b@<_)aPFeaFq^q*FPlDq1 zWOr#YR;Va2HQfMi6GWd)F1sSe4$VkMgEKr_Y)2Dt5Fyp{?d%LSZ_%WY3`zz^Tdq|x z@!2PFAuLCp+$$>8KAZp|CfFV}MJVG$3xG5a@#rMFa|TghR`;@?#>v5B$K`on9@PojTle~gPJZan{G ze{GDQrz-;UH`x9$Z^TzZyNc;IXP;$Zfx&-2hU5%*BXQVEHEdjc_n<>HMT$*4H`aRM zu7qoN@Y8&cj~MR6-cFM7AWI8)$xx?(U9kUot$eXfI3OgX4zMKh!<|F#=hNtjt1~s1 zt(w%Llcbb|xt;TPr}*K`{kFU9XRERxBx_X2FQ# z*?Y~b2ni?rj^?JEfKK*HCK(m>?it^9MZWC&QzBB!^H6g2JV zVLL6EBUz%BkgfeqytGbNT`#Gc!g@al6_h!|!EiJ?4<2nMc6N~b?dRS)&)-RXlz8Dz z#H%_r59;4c-K>{xk)5|aDf!7Q?{5c`C=2}xSliGjT?a6zkb&#Wn>iSrQtp09DvV|; z`o-9N;RQ#~A3x4>>_w8l1<&%Q|AT(XA;=I?L@YCq#X5n_N+JxAuNsP>9r|;$vzd%T z#;GOxKR$?ahUM82NRH|w%Bta?bow3Dcqd)mysh7`o|KOgI5e*PPgjPnX&d-UB=bcU zll3qupLEioa`3=-Cc})U_xnc}KbSA6^Z4DJv9NnPN4*?w{_8vQ6KI*ie4l2o=Qhnh zWGZivRf-y|+#l3Sr2be%Kb!u0&BPwo1uF9Wm>zOJ-T^x_wd4VYDh$IrPIFJF?UC(R zSVU)7XGv2+-^2Sd2bUCXEt0CnS6aCJ`7Zop?K(YT)OK;s{fjlCH?epHUKc$g3q(GVjKCBfluA0f(8d7 zj6fN;!YNiE4L+m!<`Vfo-sq-L41CJ_r zb@8qwC>R&u_{p#+49jSF<%Zv6l2lo?PxAibqkGO!w`6Rec1pjvPLA3aWY|S>FwX%g zqIN+NADL&ILA09x#1t-`)x*ZGLBO=IVSf@(yT3#d>+5?Igd+=%XEC`yh&F{1%0ghykh&Z_d;BW6-b6c$?tdrI^LXl5*qjD9Wqix zWI;;#r$v(t7}Dv-5yyW3QiVPY{eNm|df4-uMm0yfL>bzz5V)dCec6qW%yB1WdH;ro z1C(1a7;N7gezMFh!3EdYBZXAukvC)?6~_1{`6G(izn)Q~>(U)*`_~;ns`dg>3yGwU zi0E_c#?$FwA#^`nv?MTwLd&3+#psi(eLrq5vwzYH%9gkRLpd7Qqfw9V)jT05OL{FpyH-6_Whq! zc{8PM8<_VR(|C_ZV2m413g&zW!bhnGfJ_BKDFf+2yn*XLE6hgb&up*y>E95pHf3A05aaY0z zCSw<9YJY%Z$#6szw8MVm2>Q&tudBGT?ALflCgr>1>w&)cBu8?bQut>{eGq;qBfH4n zIs|Mb$s2tJ%L3TN*`b9#%eErnq%tx?%ola;@vrAi-++-Yqm5fmC75};pGL-rfa600 zoG36s*+@kT{kW{StPz+THhFgDCXSsvaxU&ZQR09%c$1$COOEfK3rRml<{9V~{5#F0 zK^Y{WrPWEjqHS%ROZwp^Wya*ljF3;Raz;Y<&E#$?HC7+%GT8{lgON=X>8Gw!SQi2y zfG-9xta^Z%MnU`0?<2u#pN@U+KRoH3(^AoG<<~gk<;{6FgTgq^CcHb-fbUk!d%gW) zl6gJI(e~^@L|5FH>*@`O3iX2#&w+r>1H3&tr}wsh;Gcv0ew`-aBn5@5JLf6rThFno zXT_8iYP{CC$F=lS0mn6EyXs#>q;>)m;pQ&*xZUPQ4DNz_){e2@T7Ok*y5!*W6~Qyp ze%8tfU8NC);hzOfI%@uIFb@<2)aZ|0PN(DkDqLLFcjtOic>aLyYjN+H2#J&L`6t5~ z_6xPeE3ifG?rcYbm5xdIV&4FT<~B!eVWLiAhi~tEqG7X1Yw8W}dz{TiP!qVwzB?!v>oj_$2O=+R27qBd2S~==4HF1L;q$oMW zgHeu=u10@JVAmMYZ6e(7Ec^r@bO78X!MKB37&1V^(+<#Uo#P~m4tIiw^%d=xgo6Qh zo(b%iIBoy|VEce)fjCEw!n1qi&}ju27*Nnsi90Y#Sb6|Zy#E2MiMwAk_oYASM08WA z%RkfP zSVo$Yn!d-^%sv1RS@>_737BUW2Mc&$*D5?dr+RCBk-Sf98kCA^@M?xY#$p2L3XMis zm;Pc|zt3>Uq&+Sa#RWW~06pgec~C%1Y??q6BRB@@kRY>fA}74p z)Jd!tn$kw5aYCWLG+qZ{P#@g6K)I)}#X1ezx@^KFpa)%z00H&^8B|Z4K&^JdyLYOh z6MDNFCy&!z4uHCG2TC{s{`UY);!ZIb7G zfSd2G#C!&~-6PO+OUkd~KLEp(KJwhdW#VAK=W`=}3Cy(`0243ZzIFjU9|S#41{MJi zL(erqqp-RzM+%<83(lFgXlrH;B%r9TV3sF2s%TJK9D?*PR2jPjh3# z%lhqphD@x@Biw)oI>c5MY2~Z|Xt(`QjgvMCk16pH`%vrvpMr@45{eDGWZkb>ISq>l z0~AlXrlFhzh4H*S1D+1>Z?X=1`;GAJx9qQ5ku0sP12o$eIvL!)>5wc7MXpb4x?b`8DTJwR?-B+^er`z9kOWjD%}wuxa~=^9Q%#nTA%r*_GCSK z6Ny@@oV476nx?a+k4fi&F0RFG!81B(=I^QrHyxWes+aWc`n1m~g;7&C?VIX)KAG{| z=`Xg0X)bYiPQ&U+V#h-mlGdAt;stCaF=Chqbri~j1ULfzP*NDF1lu;u=1w}4eY2vV z4wVH(>hrk3{{`WvVG(kpN}Kt!NjAAT?-v5YE9Qm0Yx9#XPc9nf6#pDQ@7X%sH?&Iu zzY97ww4+p6kzTABCugE-8@qMu(Z+vGu+2qF{cl5Jh)}Bnp7AiIbo1s9mHtzoua9It z1F{r+Uhd%A1vA!B?6%+roV)QB=RDmC&^f~){*%Exi+O{^;R8(2!Ynjr-hT|^z*Ox6 zmkR`$<}i;lGt2*{XSzc!orL_>^28tK&=>OHWi={LFNwQkf8kqHzT6b!n4xRz@eO?b zrluU$lWbAF1k3TpIxqj{p{@V?>E6Bk&ulRo&KsF6mlP7`0t*Dwtf+b9c~ewGU{|2Z=6wgJs(2l2-v^jX=lmy@Z~}KsP@{+ex-p$ zLLvR;BuoBEk2uv4PM=)Ezg5&9CJG)NK03CG#5#D?jz7xrFkXatLvGaH-dJ}2osqT` zcgBw>FS<_f(3r8w(K{lOTQdrQF%nM4=b)NA^SVB{k98w{*n5kj(du1D1)-*KF1SE> zdAt9ClelL{LrzKx8Iwt0d+#|8fQS+9tQU;5I0rcHHbvG5=MB}v{p4xUhFQ@Q@S zX&(L;7wp+cr%SqXtkksrRB1qv;!GtQf5|tKP@TWcGGM$7$Wmxp-Vg!<9xQYg(+34x zv&foObnVAMMEx*0*{GvT# z4>X6QV~_vxa4N>Pw)T}1xy6BZ155O?gjS!uWtI$Q#1X=fn+N(mmEU$`ughB#*p)}D z^{Qs9kGbZrNa#78KJiR!z^6&LG@gsKe(c67BHyS|_EKn%A()=QDvt1yx;jO+`h@}n98PIH+XbiAL^jZ#@G&;bzL%!9kXHHD z%wET$dINg6U6|`ZR#rU%KY zb`>+?uSX1{$2>ZGR7R`|gMvs`wOSJXi*&6GXQWyJ@*h3&0SLTM=qpdB=RCCp;k1{^ zVd%h;vVTk2-B*P{ax^W3uF1vnGVS|v?_4qnu#i{*5*L$3C7qssJ*IU9JO^&2tS~7u`8zGAaZ0~c5xR~ap9yPts5HV!1yc%)OrHKVqItbGzd}xxzSIASM(_dx zB93%)ef}I#On6x7ZiM#L8oPI#2iPJ_dwb0PY$n`x*Y@GOTkw<7XQmieCvye=o$^~5 zz+DM0cgTF~_u7#I2{*kt1>pg7;5t194`FcFdUVSArX8hnfU4bghv{a_fgj?L+E;O0 zL;R=OadvqpKX2G+;FLOC!@qr^RQ}|x`>8stZ1x+XWnagBUfX-eOdIIJ2e zkThX}GUnjI(RyR+wlnBmlQv|Z{4c`ZJ09!){r^9akxe99q>PXvBYPH^*|U_rvXZS% znIS8MY}q7xr;LzUoMmU^M95aw?|7-t`}6zUe!uVM`_FZ|U0q%0dc9uH=ks_RkH`IR z97eJ;V6#EwT8I>jKK#Yzzx$mKfxf~Pjkv&{$u+|Z*yWm0I_MDfApr= zbS#I|J3E2`pIyifD^#^aXwU5Z0RCw1>A(JvIaFofR(^+|p#ZZZQ>+INL_~Q&sC&P_ ze+!i({zvD4Z`)$c4VLVv^i~Hl1AVs+VQlKUC#!o_1xVa~@>%l9TmwNj^MCZuDRvJ! zBu-@pz$G9=A!t-MTM)h*mRJEZE-a8ZZ})UqQ0W1q1e&9JweyTUIP~3`B%CWb!oFN= z%oOcrSQ*7Yep+sw-n@UNi=2-PoA9`Q2e}f7X?kz}41;@JKKJu?kg@+&lDMEuO&-3* z$BqlA$hn`;G$Eg*SG%sJ>2%}<`^Sz&adk6Pm@ig_6P5A31l;qvO}x=(Qfh9?oc_0? z#k_(C8KMKg(ZJX2lh`0dj`9!@{SKOS8+g$3!L)(Ob&LGS&yQBmQks9g7CJBzHBXOs z>w)9N4SzCkMS}5W$Kf%{<(zlpXJ$#g>vfFVZakp+SKohB0&gIc=d(x7AoC;H0Px{L za|Yki*>*iLUUGFz0>`_UKyceyKK1M+&XvkCg2vW~7yMnO1dY#!)2lTiKL9f^8g35R zQS`raK{7kNyFMTb>D_~BOt%SK;H%@JS{1$yrxUWHoyv&e>!DDyjB0NTo+$5p-WzQj z|LM=_-Z9g{An&x3D_tsWYx1So~kQ=`9$ z39*ni&0JMYF8hA}H0pNG;RbdOPOI0RL44p~l5qU=*Lv`CL=o2CFp1l}u3+!Ls(p_( zfxyz?_|YJCB<)|yH$k85C=bU$jSv2$cZbE%m2(AN)B={BXNFTuL8*Utk1uDkmn!{B zWD`}!>YbGofuM}54=)mBPh>(sX(j#YXCC|u6;NeDCM8ME?Yl)&=)s%SH-#f$HK_s zV((|$pEz~V^efc2$VQ769#{7yRS&E7#;*VsCqelu`_i+^x+Bb&6YbK01|bg|d$Zd?sp ze2w)eCP^f82oFW=zD@1|em7F> zz?BqPYr4PYI9wWH1ftPjX^-LQ*z%SnB|uZlKYQ$7z8c`)rg%f$XGnFli1vAsA8|16 z=RDmPl9_lYos)w(tJcw2ROE;$5e1f=CpEK4D4aJRR?k+yeqNO^NBYf&`K|xerpBer zXjKG`Wf_zLK;#r-HixqnH0{B3RoQnNCB*+&B9b8Vsk>Akb0tG)`1-O*78Rw_W2*$> ze!D_xj6?A23Ytp{Wur}p4aP>)n%cMq#ev_R?yhSqymZhAd;HVa*mLK_i*Wn+_^%~* zE{R587+ByrY_6brV{l1Gl4Uj8F2s76B^FNyb=~1bD6+HKHiCohfiP!kKxa&+m0w=S!;8ErI##ZeL9M8*yJQ>@OqoFFrxt zVg?s!F`Da=a;2raN9*g0=4l@Ll9?kI>l%2~q>#Z?s=+e}N0KLh_yoZ4s4ObwdGqz+{8WdJLSgCn@jVDV_2JcF;do*Llc>J<04u*U^ChE zEno6@ay_|BZ~vAi`$d5KF4w*;x1JM=*GM&4u4U(tFZz8@g#7oSrUxcl^DLrl8r8nT zMRt9{NBeGVeRmG`?fM$Gs=U}8+l{oWs)*LMM~C|EEE{=||DcdA@+a?3)c*wS?gHtZ z4-~xqboLmy&efA8FFv$K4y9cSXxdM?1TVDJ7h+h>^8;MUTbNf@)ue_t=hKGL_5zOd z*BT^zsz%)S;FAf4OiwSC`fT*{mi8_7GE0s9uGH%B3Cb~-PMhQ?QfXAq&JpX&cs{|A z^5qxH+3*P7A5(2ULA%XIg@10bpX5-`doB^ZzPD27PmbdqP1$^CBnbGq zyloTnNsiW7&Y?8MpdF$zOVzFUb;H4B1oWYkII6p0z5Z z#pkqAuocGk3pEY@&@wgjv8*E!CjI4KSm_!Oxb%J-X^@UB8lMsmxFH?#bNaGSaRU9{ z!}`Zx+(o6qEw?Gb7#2O4SS;*Ha4;q|n#-HetfG>#IbxK*EmqnTz%qo)K$~pX54%*1QAxCse_L0HH@A>!f ziSw>3>TX0Ztj&uH zLz(08wA0a9)^md1lJzB-NiE271*;AdY4GCwZ6Uo+Ee;R-qJ)B5G}r3yi(=-Oex`*! zH!hm)khgBTvbwLoU$GO!C2+AoT*=U|%`J0qBctm~RG)A}&L6S(1l@fm71hE6vCzT6 za52$+ev@ACAb!ZPs~uMSZAMFO6LMq4_&*82-5+`93~v)t}s~LHWh{#;f_; z0nzubQFMsyuCZv%{fV-B7)?1G9?s-E!J%MlyVV?h{HhWGxLYjWU15n8hMO$to5|YV z{at3>Ex2hYU&qES&Qro|b*D_{=nrWeEFT-1yOMG&GtEaHy;1mUlJ9LvJH)tlS zhkMb~?pE^=tx{z+G+2>&Mt*w|P5hG?E28djdpF=(I(Ge;)~HLlL9 z9E2kU8xi4;IWG@B7#pgi><|+zDa3i^7%3CRPfaB_T!8VAz(`Sa2yPmYX&ObnbtOrU z-hN2V$us(*><>|%#oaC;CJ785H&w6M2HFv zTif5!8fRj{JQhn`>SW543~qiq{#nnIuPjw_h`o?`P&MQSd*cqDxn)gnKy7 zApgYqbtL)TKdN$l>B`sy2a~S<%8+|W?%09jR8Q?tvFA=8c-));s_YBFWKu2lL=kZW==Cj`R<*i(!j3!N5FB|(gYqyu$c7Me@`_ef+3cVM{ zG6GSDaw}qoFdx|)iq`w_FT&~Gei@J~jB=%BbGGv-q7_M_{jU+sGSo!Acua_)l6qkS*p80nY!=Q>#40IUV{BNPIg ze99n93>IVd-Xw0TCh1*TCjgsUXu8ptEkVN}u)Kql&$@RdQUib2R)QLc#v+O6uFgD!yTmDc% zTN7cz3>D}?M}ZUw#sa0+`ntM+!?Nr_e8HOjNfpY}EMP@0HeObQD@9gBh2DL2b;&-g zK1H_lbt|-npzM0V_lTrFM{+7B_Q4Ibs8667;bp9$Vya*0)WToR#4HFa2MBT>;$`kK2xAI z=ZcJCyCkLSPx{T^1l-Nw?Wf+R2IvW{-f{xQ)PD}YUYdnze_(JRH9dqPS}hYz&$A-g zK?IxBN;%6hA2nKq@|&m*p~~0QU#^LKmr$c>KXTXC5bZ>f+5Kt4vOmXTZeR$kiVVW+ zUwGn;Apvyy+`AB(X2Q4Q2{o7uQt$ssnm}ovVjtib_rQ}oF8&Hqp+-d^mSPB&Wjy%m znhAm}0_N0~f0j7rG1jE1^P_6!fkphf+Vn*|Ev@MlRXWc|C}XBa88$!K;kv)ei1R@) zwpr5E^1DFCn=S$9hz-=oEE4S0`qhMkW>BmGm5N=x$d50fu0{;0I0{KwgIyH=uf8L; zSLZsXk`sKEV(5#DF}`ufGC*R)@pW#H)4L-$$s=^}W9lo}Uq9zkdlticccVtIvUHyB zPQRl|NFc0eHSJ2*haaRbFEPPb%fKiqDDU09UkR519&wQ=K+LLGoUOEw(BY+9;$Aw& zWpMr3f2*|nD45X_8j6b)|Bzmfg51Fjgrs*NEDZ=gB&UHeQ^2AN*W7Hqa;8dW+Np}@ z3=OeC&ept33|0T`ucsRx$(7o-dN^02stJYAPR}l5dpTEPjL0Bynr8In$z}MQ+0DLg zZQ9RYpN#n`bywyq{`|jsUC@7x-`DphdM&~;1IqVW%yD`LA4xMois%=7io1}GL@>sH z=e`dxNQ6m(Bz~YMOY~i?Va^%)X!<#)vHO5Cp<4Bum-B+(&uOPkP^UXa@oMS3AH;wH zWIk7=VM1N9luwxcK$Pm)!Ecs z%`8!FG`~ma&htJ{L*Mi;-0rr(d$csoAM{LhjMvkJkcpv<7V`=vIeMq$H>Z_BQAVTx z1fwt?1&%|v{QCt#L^RT}frOlfii(_;78NQTj&q_A06~FCfmJC>E9~q?RqYN(PcJpl zQ=P<}R4rFjgu}b9aK*{)JV>sj7Px|KM_KlhosZc6E{CouVAU3?2)G`rYv8#};b{`U zAGB_IWFJ@BEstE<(EXh2ffE4#MuHruOAtww0Bj#(uf7k%9`1nW;P}$!&Q!%O=<#4< zw{7hmN;88SQxFtyWgOSOZjCI}N^ID^?(uQONY`mfbDurTJ;&OFe5Dv2)n!r%_F zfT!S9)MRq&4RF4M&~M5Jhq+Y~)@AcAKjC-zl#VB(UUt&PL^V$9#sB*|rKXr@oiB#I zJ{Vj%`BjO}fEp{cw4u<8Vsfij z9f9OK9Pc^4;d4VKfk<$q8Xw<2m z3{ZfmKtMhr^N4iph}H)>9q>?7;lX;FH#JJiW~ye)uqyBrbP6_=fZ3#f;(1M?x4|^O zbNT5!>KzN%b3|~wnLmM;>foj}Op?3$;gR%zT`K@9G(jvJfoLO{7C@kCnK-D%0p@J= zg``gv-1gBbJ*W3y>EohoX74DLR1iq&XOPypGf&pn>ieBw`rI6bAPO zInWt{)b*)?5I`t!K_ifNR-Zd__5>vz{UcF|Q(sj?!ZxZS>PtCSw3Wtm?}DU)awat( z7%!*ZVM3p@ilB(tL>HyEK6TwYeOE2hvEzMyt0}S~J#A=sx$ie4Dp}Qc=H1k>Tn?)b z>Hsw9cSwYX$r&h%&<}=GoUi-z6k$&Y~|QF{@h^doopLs z_MdZu9%oPSC6sq4E3s+O`NJx7*j4iN{M(wM6w77g>88;H5gF#I!1hw)>I<1ao8h9D z5k8u4QsVJ8ZK78>M8dA@nom3NRA=TDG07-St@5SS*Cb1fS*h9A`#TDU-73^wcl5~k zbRZYA`3Oy3wry@}x_i5Yj(+=)EYMNf2YpZrh<11*B6uU{w6p;_3h`J#j2Ga32;L2` zwXW36kR#8)tD4&+myCo%*LJ1AAFqnhEDQ{~exx$iXiI$|=$CJDrOYa9ZD!++rIBxiA$NulJ%T1&6mi?a_iTfS3 z5?k)A)d?C~*0zVQKd6kJYiSY+;}zCFu_5eOe%jJJi{%Zex7HTDdpf&J9}npP>QYAr zI~zZE5QFaq`tx)U6{0LQ8P1Iccz9&Ie}pVAi~L|I!YsHS>vPED2grT^^h61^(}5~S zV{jiyQOk*1_D8>3|LMOLW0a>GsEhiobcLZqpLI&_0wz^bJ$%jaKn#UlrvG)he4gID z<97X3OnPDxpKDmaheg~?ah++iGRGA7;lo!=vQC~ZBq|ghxxoBKgof@kTW*olzCZFg z@>U?fkca?$5SZe6>}&{$q9qqUZ-^0o#m%sGL5fwNLOeTDEML+RB$0J8az=72tp}eQ zo%-`GS`^i9`;&9U%w06`v7>2FU3e{tG#5PY@07_h!S_}h>uUIT-)Dr49F^(*$e#K_LUnE{HlyHmq`xVT zi|40wdzHXeF1~fuPalPY3Df@a3Hxe>hmdjTqAe&BpuKtcqkYGuIvM84uOB<)|@+DLxSX0C%KE95us zGp4&F{pAsAHlsDqFXXay9FleX9PJc54&7$Ttc%G^!o;!IjdYagf;^CYzHssPVXXB75k59`+S)pHzYvL_u&&iX#aNT5&t-loXqR|yN&L21$P zF#YG|`rk9W?~4Jz0#Jopha*jX^}eH!wRmII!+;D!LuRf(izx)6jQH+S8MF5uDAL(E zchb8{muG4RmMVl@oAP>DKQQYR=2J1Ocip0j=tZNA!u&}M)v=sW)la8sM(dkG*yRmt zO>Fzw+QnoNhhK-_EmVFMI!irJN7QQnk45qbN+T&SjYEGG8B_qhxb-zaAkab||CR+& zH5_*lFmHe`;ABvU@e-n}-{JQB0MSasgAS9BP9UK>pk5^g_Hxt2C-LoG>(lG(?@AQL z3Ti|1hCg2)HQ5HwY6isZ)%5o7t8YCo- zF{&I3)L86iRfkOi-L@HAMNyqiy#tz)L2-uZcNt{S^hjhMEpi0^I&#$^e)B4-8isS_ zs(aP^u8M|VG#Jbd?120PTnCIBX$XWIz6AswE+zLMvmSh%Af46^bOrFo;XwtK)4c@P zasW58%kUth=w9?#z34f_FMM>aNA1t*+J+(}ZfNvVna5_jbK6NPtfkfX=C#3tJk?&_ zWTOX;vc?VSrZWeHjPiwAEe=$d;^V!9LNcjGYhtMEa@|Z#%{hY_R()d1NRzHtVxm8f zFVlsq;Gn{^sDyj7?i7)?Sj=|!FQm@ht__4@e#W1J&~DSIyvE(N7rC^%+a)@N_PG_zJ}t1fW`$N=aZj_ zAf5KfxS`0>1Wf-p6FZ?DIi@gtr-@nU1j#dKb@Zb=%G-Ee$%z%zwxUCTSn77JgNgWKc7To)fW{HbA9(-OZOg2r|YX8{!aM_ z{DmtQx2sMHo63(2N*JyFY3SOC9<)W_-9F9pyCygKGjoCwdY^iY?DTosAQD+ zCAQL5>eJCz;yeDQi}Wwk`~U6_q_L&Oz>v&+-~nPss|64x4G1uZrUdp)MOeC#yAK{$ zQJ3ixU^jgXQ~_jY3E*}Tou&VqQ;zSbUa2@?(Gx=8BBMyRvrm2HqSV#4t}9<3f6hL` z2lH_>Fwd~d<6kA0r};e?qPNp;q|A7!tUO7z7Lq5D$tl?N(#ySLf?a*W@0sIi<9)%o z+)C*8zR5{W>kXCLZw)dcG_!0i+PsMu1g*dA5g)e;xO-Mf>%f`_PQ^8Vi++cpnK~Bg zERbGeQ2Gn0MJ6slMj%)ztHrT;JQy%`2=d~ExCak-0;pha4Kl9^7IxQBHke3u_Wt0+ zle)@AlFI6Azy2pEV%1Ml9(VdGox!P@@mwHVedW9Wp1Vesp__z8C;!S|)!ohkaRnQ@ z!;3{3OsHW0K>p=NpdAYP1D7vs)K_R~V9k)wgMzp*EMRCO%!wJWRDyit@6Im`UF8D|=6dsfyi zob*C!&v)BrZ_0+zixHd}8E$W-aUVSVlh2ecQW4Pao+0WUAdPI@I@REIOH53>3m`%y zvxtl-eQ{=9+5yQda)Owpdk^Jj9Ke4geE2)av9qJ9LyZa6&E{_@zU_1YzJ_xpRl>Fr zvR==qJ@X&4wbzq+M`e)Cou0e=TcwLX7T0}#(pKdu`2~S9&u;x3b>ob`cW=~8dVws( zT>3x7$5l{nU^L(qTq!~n@(`(4{~l#}+Mqwc)?2+bPi^a1R!YCgq<95Ot2Qm+HTXQq z5yvSz(Y`;yfqK4xsX@F`Q2e+esg*kXgx9I#qi_gR7P=j?FOsr|V8SgdqqBfpX@h=zif|NOVH+6vYR;_Ny zA{(MkY7-y5CzXeOoi5%HC@{BQ&EE~HZy+#zgo3x6x2424NeeA&d79|jx{<^(}jXtw-i$nMFZBtCuZr%j`xoq$t#BW zV0%UxFU)Pt>q?JlkMc61o*z?av~FLLp}3Ok`t;3S<)|Ji^&bV+ekN=eJQw<(pgL$ST(2#lkhB|J+>C$^+JGh>Fh5BkZVoA)D zu?S?b$|k+Nq*UfFf-U@*?!%f+a+YR!dgbf6-cx3qb{9L zZJP^6(KYwo=XNR055Qw=Luw5zHbMA=7s?}1fqG>7yv~Hcx|v9y!yR7;n=VWRR)_gW_6uAfkY4_?v+`@de4jBKDJY}@ABd(#4 z{k4*^ErQoq+wM%kqj($#_+gQS`S!AEKc~n2=mA@aiNzxED3D_}i-fO995jquspSh} z6}S6@rr9|fy!Xjw*m1t9j?K`%47Ye2VY&({8+REk89tvLPGsGRV<}gVOmH%&SFV99 zk5wuEmMFK*$smJX4q+e-SkHiz(w1Lgl%ow_HS;NxPhf@u!FbaHiAkGa%J+qPKNu30 zrpR@8TuQ$i8e38H>lTE6@==>5t&_v?E|ZjT#wvPUo6?+S30Ir`Ik&_usLL9+c_&Ku ztM}>bhres&W%ab^Nzapj%x!f3pBJbF%8x@t06-cCfO#daOw!$`R3r)!#yVXNoOt$_ zKdy~9s}uJXUGvD8#oTZj-UMj*^qV%t?K2*`TErq@yq8DYx2z7tkoSE|Kl0N~Weik( z>dXo*E39>E8OY(>Ju7c0?)WIEjuIp&f2&HO5FK=zl+N@#5nZ!VA9aLvV?6 zWOYe#NvPk}q4}0GV;j_3`0$1a;M&r(iY}8}o?3ZWGRV2YZRSu$pmWbA5~Ng7IYqV6 z_8ZZ{xltwZiG>oSv>b zRaz+^H7}6XUBIb}m)+r!!SEPQuhx42=&E$O4HqFcV`C%+OlX;v z{dOjF6W5n|m!Q@6poi@A-A$^{0o&V`4DV;;J^kxU<5r1j<~N5SjWBfS49M_0)2_2w zAW-BK?iX_7C`@QW5FKX5L)02# zxxddA>U5>^(xqQe(*NnaOt#>ga~TWklUt8{KQFF(pXyi^^Kc>W0GIlNRZj?MosN=U zh0GHe77^}yd#ZF1F6KGRcVX;R7-0;5|cFTbbvVpzRvVl&~rCE(!E}mloreUaYj4)zqw3tgRM+M?}**!IH zAn`LFc?#r@gVZ=_9`Ty`010rl5<-B@zee}-Tc*EoKtN{1*Bn9Pj5^jAL};#wHe@sLB9I)6AcYj697H>)%keo`?kyDF z<>C$LoXG1MJPC`#0S<|xQzk^67dq+AkkNo2gJ_nA%o z{onW}emLl%fYAg4_V14nOxU)*iegh|#fi}6I^7Cufxz2L?fY<6)FSq9**PzhSYP8q zpUzuB=UoCPp{$MF53%M~Tw@G17q=hautCcojQW}SOEk?t=1DYE#&WtMK|s_i46HjX zb^TX@&UESugj$IEBmRQPW8TsjqSY&{A-}NcXM3e-#D^U9Yi5l}5p(fE+jV$w@it9- zswCm4MeZb{?dhDkKhFtvRY8mj&Se=N)0THP7Yl7X#CrU^eARz!A5=b{BytmcX0Q zu^=iq_rm^pPGi4hPrB+{Pbcwn2)#|De&4QX9Up~&@`zPWy)afq|BB5Q9%#I^d+-&3 z<5~2NhM@X4%nb~IMwLOFP#zxVii(cJo4CJ?<;UP)0V^pJ63nZdo- z*}fl7w}&zd-`gZUi1~tB+4m{wnp|_<(v?ygZpPHT(FEI88%?%qW5tVd&ZLMNfOS{wtD(YsEF$GNYgQa=;FL zfpcKuS9Yr@(b-b19q(jeFuU*UrBf__IpMjjR_Z!7X%~#-i^eYE$f1(S4`x0K?{g*; zsxEaGLPAkqOh!L*TDFtg6ZQ&gCH@E2g>SBKV6uuQkmE6z1Qe^%Fv;bZjtr@AnZn|) zMuiaMMW)oi)6W;1)H+9RN8aC~_wKgF9o|&go%GhmqA_9|)@nm&hMTTyWE7wCR+!gO zETj*1cOXT5)ilPbqod!X2|`PY_Y)~qe^UY?LB(nSynp9tNjR4d1yk-x|>jdLB zTUdP5JLX0s9;2R1HFtSXxA)2%Ky%phlYCcSR4jsU2`=k>_i9sgL|WixO}__uIwXr9 zYG$^MPyYMz`&`trIlziTWH)SPL`oFGw<$InQlGcgj)MFlfWU-q43W$gH|U+cS10U_X{1f44@Syt5k(E8fEs* zBk@mS3}W8`yVP64U}UHi9jx0H+o9zAc(;IqK*+gb6v=Q>%ZMiaMT|X{d`fS9?^a8^ z#nHQr8x1U&t5+?4=}Hd3gp+6~ofzCr-z<8|xznZ63q`htBD4<1ji#e#b=Np~k<%MZ z9WcEoA*J~cBw2*73*AK9~_345{$>MiWWu*7>=^0>GIGr zv@g1pq|-oetN&7aeYG}cmG^P={AM9Atukmy zYBj{yG?I6%{mRnM$vXy3Nq3fe{gIH!Fb54nbJa0yuc>*%B_og2&c`~$X{X*Jxyd)H?oz09`v`@!lJ6Q9JmGU~ z5L|0Jg->7((|fXony+ACiVDIK1ey~vLmCDwdMdxJQ)SJNtx(6y>SQOJS~=6@D4R0K zJeK2y8iL`qSFlYduu@mU;@-|52-p&t1~FK%*1ywNF4p@F*K_S#X>Qr!l-H(;#^xV} zrhASNKUGgl@HrC(&Yl^q6+7FYyjxbpe&*)sR;-ZCDA(x=el@|;k<;156Nove$VRhe z_)SS&@r1;jV;>ItIw|rwp~+t)yZR;nlzQssoQ6pOZ+5K5T{5-S9R8I~90>EIbtYWF zO2yYG|2dQHENWv+$C9`HAgp41q+R}Kx8li5}& z$z*9TpcGaw`bP*mZv8m9de^i1 zTMiUccwkGr5hvOV6-!usWqajz?2I8O#x1B~r6+{~w%Dx~6WAefd~nA??CH+YH{8-y z0ZYemEgTzdZhPJXsatRo$2_6-v_1Ge#~0_@6x{5Sfvmc=+ylB%%1c5lj$3+hN#5kB zs#H9W{BxK|R|}1mzF5nG8=}V_(4A}WoD*P;QGtw3H7&NU3Me7%NPIeCowJ$71UiSB zw;&^iw+WEniGc0dGhg&Yf;sXV8ugb5LZfw>+!{Ijf(Z1@2Py4$tSx4~Uv%GGKLp&K z2B~v2q4em|c1jogXmJ9ZD`1oiQXSg?K#oynALbWWSx}HI3cMwzWHZEbv1UuV=xY_7 zac_RinVdFC`~ty-1+o4@kK5iCxH^wNGAlo4cNFVoNGN+Z__2ANA2TzaeOk)OUVxm( zU}Uh?^ktg&)R_(~^8>!ddY$9a1_W*(<&EOmxOwcQk6yvX_!r3%qBIz5RYy~AjHcs{ zJd4UVsFyxv@873jdw25ap=RNf4rlu3ytN;WrUfU?YR8GLLjLEGectn$c}6wllAy4I z@1sfUSnYuT_PaC}h58^a(lSLJc}L<-Tc077sJ>>n^bvPEXTFP69~n`p`kJ zq+;<=UlU*sVcW`4ORVY`-Wxzdt+63Za+YP_a90}P`voyr&gn(tZWd);{#ogX+kEvp zj(2U_)v{0TFZ-Hc4_GPE_AN+=k5-ee)~shL6pb~UGC#_B1fi?Zc3r&p;i&OF>K#q8 z{+-lLLKLzexIP7kJ=rUYakxZgI(F?Md%ZZQ!=Z9cluRy8i9^Cu#{jFDJ&vPY=5&lz z?nBOU^(F@j?D9d{;SW?1u2eJ?&;9`$TH@4C%xQc=b7=({9w@0&feArESKxFm1;Wsq zo5)xsBlZI{r?7ckja?8&(6jmmRr}$DY>c<|^okE6CWe@en=QqzF0&fJ46V@iwMR$t z4)BxQJeb~r9nw+7eb)D^f6vD!O2zMYQ*E&?Q=cBHohWI_#zEcw-TPU0Wd^LC9p_z| zgvv>T7UUC3_)ZF(|ef*HD1IrvxJL9Xt^Wt_&w0KJ%#-`ZBBH4AK? zYQFOrXyMq}xWA(n8CzNm4!9lXsilxmxiCQVR17z~1+24z()y{{x~|cHH=w^=e7`M0 zG|S))RjFTRIv%a%%6W>B^A6$;B$))Bq`uoGVbUy8mDYWPo;FW)Labb7yem+sqOS*@ z36fKDq~0m>%^J2|Xz=53Hd*H4-7pH67>Wj=vaK(>)!|V~+=ZvFDCG_>-7|@PuD<$8 zJF8_pcm0|3W+|?0mfm*@I$f%D3Cc0`wWhK(w5|(y-pR^DgJ5uVA$U&EyFhE115z3~p0wO_4tuHzWJi%&n!BPj9{| zMuMto)KB{Cs9$LtXceXfg7)Ley(=zm)jv=UbDM)z-h*|n8aBdq=M-$UG%d($FMAg1 z-cAF@b!{4GkftXrwy3}@q+CU}gxtp+-#^L0`=9Xxg!*U_r_%S>b{8lusHzUUa6}&1 z{@B>R%JPR$nx&iI_TIaq^;LHM%eeYg>!ptpa_8ptcz^vo@-@aR{O3nuQd!De`XD|L z#I?g}6tyrR;lPr6;eCdXL_GX3=~4}Zl=!jc^qatxw1AS3Qf>-KXg5#7!5InScJtSh z!gwTIn*th#i9>XP_2dbd@38bX^S!xIq+OMsN@=IS;3w(5myFjyT|Avtj81+(-LfU^a_?2CI;Y78c#``Y58H_UL zQqnRM%k*F{(N=r#?H27)zhpp)_V)fC)nxXwb&J~1>_>!gQMIdRfw$o*f-{8&s6d|* zl@4bO^7px(4?36~`3x?9cdc+bgU%duZP*>BO6x#L98F=5p6@l8R|t&a)zt-f%zeyX z^UiL^EXU4i8q%4vZW9XdR!?=79-&ZAm%hpQJE~zVeOM3X?j3ZV4py~&nAhO{Ue@m+ z1skzYGwvoByb!?Oi%WNKoAy?&{oX_V00JJer_-z zL$|=ySW4f{T!Li*P<=9O4DOz^-P)bQRX0b|*3lz`xne2O0TM)Kf31-lPxTOo{Hz#bUn27s* zaXrJl#EW}-vcc5x!OdpG4S`)Y?Us?G2)2XR_3cXY<5Jnl( zRnyv4Fo`urGdu?w_xYP!a|2MBg|^i5HSH^<7Ne^3h2sH)bDwWJ2hc_Ni@l716G-T= z?WJ{B4CiOEnawkUoq7e$pHjc~lqD+U?*4idG1fVL#>l>Z=lWjSUhScYcG*ypHLF4q zEUB;=Rj5X~8CwK+bt}O08sjX~y)8jhS+8w9p8o}E*&m*h!fhUzG_KL1w2O#aE3^@EVV zx{2pvA6spm>4#?m-Cy!_A1;bxSQW109-KwTwu~H=dro}UqBUibs$Xb~lT&3oft&H9 z-zO$Y2cP?~J5Ig|RZdtq7ZLl_aI&1G5H4+e+6B&Y@szk3r*KbZW5y?UI)0c{ub%gb zySUcS_aUoxekJ7!;2mFGnR{BfV%xOF6(@Dg7j)9on)EPfd8xMrWR_A$<@Z8Vdd% z(2>H;fI(0E!9=eFh#oCUu% zOb@k(D-+pIS&@o+yu!TAH=jGa+_-4wL|;_B@#`QgSwZ1Tvx}vxr_jDbu!#P$+R@~1 zpZFMK8E(b$_ibW$rtd~o`sAbqR-_Y$Wdj`Awd_#?KR$bgh1$G$lt8MWP<7SSj`cP1 zY3tt0p3CHio)>hKjkg_X?g?EV8(Z=Ch#7k1B+->w8FETxQ%hKQ=^lT(_-a^mIW{p< zm(aMQI$JF(E3YJX5#RCDqJ7oOMTdZs6!&uy?YV6}W4Xk|bK}}q>y=Lo4v4*K49wyyX59^IUld5@8BwpKpH(l8+U<&wB#{s;QbCsC4qf8r4sq7h8wrr~+v`u=MXHPygD1=HG58jaXpGisP$ z5+PZ#h$W%6=2NXAl_crNG;CA5;1t#;Gj+$Cf4M%}$S$9mNj>?ra6|s7g;=|P^b{aMM}z!FYtYAP)b61>)vFRq~Zeee4>^JXnYzx~*$u71FPPp?)T z_j0eF%;Q&BXjPhEQ{9IT-_)5lf6r>lg-I1$b){EZ%?x0?qlpvJ zEt}1`m7=;*$8hnB#{v>UL#;eZ)smHz2SPRRf73QLTMBMmcv5b~w_IE&DHr0>_Q>9S zUx`?3q|?^6nWz!%aJUlnrT)?4!Nl!*r^iRu4YiY=JY-~U6}GmmsU+3eH=sdV-b|(( z5fTq)Z_ru3*~sSkptmPzXZ=VdW}3MwSXSI#j+#)Ck1w*JQ8yBHO&?pxGR*$`c@rEZ znUGStk@1*YxxzZ(YGf33Vg&!BPeO@=W{(jGPD^%*?D3T#BCq>H?P+iHHfPn4DWLoc z{+{UP##}KWH{*)-Z!^YyW1LT@zg+y9ym+F9@rI!X!-qGShMTPFW7Iq8#ucsO;Y^z( zp1M9ug?plOOD3LoiG2E5>A#{&4qLu?R@>y)-c&j|Cvi2&3GTAk?$Bx2jV3-bHSU~Q znj(2ouvbNpQZ?$NZMm!fX6!*69RqTVO>Ssh2{EhhW zy+j9ji{r!=A-)#UqS)9tJe;|w0o>l9&oJLk%4Pt6bg;zC2~ zFeKRp6TJihBCpkmsPen^Ws?qfFiGpSCl|!I`gQQWJ$+uy-nrzcR%vL+-{~p5 z1vd=?WzixLliKx+Yl_QEcbVKCyRMu0FJ)&>p68ypV^5!5e*TMUA47Sn4>`N^xorPDx9RHQ%?`RZMBQKU)3;OV zwPj_8?$jik%aOlXkz?oc?ebr)Rk@WP*gISF)I&<8GAosJx)U@mbYu52=XyV=eM%)E zeOe?J^}sb;wJUwnA{GkiYvx)%=NBBGT*1yqYzvB%EOHwrO;dYHlGkNWsH-=3 zMOvpf8;5Oan0(EXcFc?NY6VC2e6su;i$?mDT~j+>&!M+Z{%p*v%eD1zE|}G8XnA=l zK!icNqI9=WQeTMRU3f(8l@o2tTsf9>{Ue!v16NW>K8sqtRSvR~nU1cx2fxF`vgOz7 z1N)8WFMdOl@uioXmLjxtBYS@stNPeGcyyIueUv6AL%UeMWCn}S^2koI)aUH5casnktymCan=r|!=sbW)?wv)55CkC zbWwRfE8!`3v|gp%^CF&qoof(-X7N)NMziGqz#4{U+#Sw-F@E}aEu(8c-}02IAi8>M zlUb#kJN-7R_2Ox&Ji+_t+~1Kp_E0Wnzgd<^&aN;S@mH#}KB`o&>&8BL`3p~wURAvrw)>jAAVXEnE^#J_&b zzr{Sms~7$`DnU<*ghpk=+er9Dv0q*L6xYyR#quXpo=XG0mw4)wPiU9^`9o-#>P*u* zieE&kYF%2KA)rka(<+-LWJ}E~?VkeEMXy8Bk<)9yYe?Ac%akOR_KdkcA;VY&4;7WA z?JL#uLvLyBwhUyC%<#O~nZ{dty2z_BC*(UrZ}pl6o&Fx(M{%45wBYPy`b@F{ScmDLOSaL1S?-XLpK-{Esw-^_J74 z6)Ago%AWh{z)k8Bz5KOG_-St_b~LGMy)9Tlq2fpM3BkH1ar1qzSL?JYcBg-;@!9QS zKV}v9#8yX0O7`%l$0>EK!PfbTTimSFN1>C+U0Q_DyHZ|_ojs}YK(35AX!=C`MJMG2 zStEYGgFfVsKWA0-x;^W>_oa~Q#W!cc9W`sc9;@Y@Zl(@h{=|WgdM)C8d!LL=^PJMJ z2+ydie>o?VaoIqTVhp^%r;W~TD!6LXFCy1%+w z;@s+!v&q}i8k^@nLFS!wOD3m`C%@(jcc+*FeeIK3n+v%kIKdprbac*iKCzuTmWerf z9@)E7Uryf7lA%!U;?o>FDH$cB<00_sZpRlv-5tJzyu;Ibfh&?dXIbfd7`|kOPxyQp zm`ECseoMS%Pon?}E-d_!o~v3)ERIq+3>STh-SQ?j9UNz;FaB9o5})@GI8T)>-o)Sk zp)>ncFy%IrJ;vIN>4Y0|Q>}E{iy_0z^U(>5y&_1f{#X1w>F0q@|G(6+u9{Rl2*829fSYK|+yE=@K~e2KRp7?;HPr z#yNX9wi3_ttb47wW?VBaP0@}(J@=G>=7omd!|esiul}>1KJ$-UC}QOlhMXsEVt?9d z`b|H*Y9c>pC7imuqt|B>s645V+BX?PuxXwl*#(v;Tb7tU_L=(18>;;m*OXFU7Vh4= z3GF<6cPVN_Tk_I<9Mhi6_H~ddtG@DGL8%wIDTT(;Zflz1sN;Sd)y})7)f4Yx))hJ0 z>VwLy+9Y%pwFc|as_a!8Sz?!b`H&vUccULf6|?-Z=Pxc>OmB(xu^t4auZA-oosf7u zaFy5{ux%R{38Z(*5LI*&Rp;{#&Ck9-mpa$KM%d+A*Y0;>J8jK`N~2iQkUCD7nISWq z@a$W`D@aMS_VtC3k&`n~Q@=)f#Wgqlud79NsBOX7kNz^t+qCG;363fjbibo@ zSsis#aqxySM#!J*aw>sb-}NQsI1TM@t8f1y)mW$HCvE#6SX3MmcCU}Om4V{;(B`gF zd~qR8paOkzpk(p9blxJW*x{D-`5EG9FRt{}kHzkdz0%iF+_%4CQLB-!rPt0?@USir zibe>=&O4gjVH)q@ee?EndxPf*q+WZK8Ictqqc3soyl{8x ztxm}I-nie@@?NX<8{`0Mc^$((RNIL(@V;1o_bdGUJsCFhz1~Ht0Q>Lvouo0=9nxaX z)79+F*q9wph$eTJ6*^8G2}W(VQ>M)He{He)5TUG2-uy~2E4a7@3uX}~hD^q2e$V&t zdAyny0t%^SBsoxNZn$G4aGEpe*IhNlcgR#p99$9!AG-VP+lxO(Q51`ob_Nz|I-L#M z(g$UQS55Om2c)#N)>4xqT)YctJ~hFg%5fmB_}G?q^C9dOeV6z#8dqG zS7sjPI|V0H$J$Yw#(9PJ40KB=tp*8-v5l1al#@45e>Z)V^t%xCZ`+QCHIzfJ zPYeA=_O>Nq9|dZAh*kp~x7L41(b6Q5&#n5#rU(*hDm__Jq4ZQ@z*SxPP&++qA|J%L zv2`=dBRoVp-71T3MUd6Hm(Af#3fcb2-otAB`$A(*Ll4u{=)-(n#R4Sl?#>-?q8aY5 zsC|vEB)pX8`XPCQ2c6HGD_hQ;RCCz$*~$CwzQ=bfur#-AlRB%#)>AH@tKXlvW;baf zBqFhNti-AnH^{Mjbi{IuYc#iHrOd=?7N2I1nYzAWzBq#Yn=JQvAr<)Iul&8`cb0gr zx<01pJ?@C?+4`82a=7j(5Zid2{G(!Lk}J=GFq4Eyi|*jy_*7C*=(OEt=J$(NOLJ%B zhurnHCe+7Uyhh&~;E7D>J4gw)5m(sH`!NqU$#-$>ZsM5h$1Yn=+aK?!``yGC)s3^B zwq7vKXUA{avnd&HV6mLx%vzW;`&|anUFl$PfMP63ZS%crni60Qprgx97Y2;g0I|## z(0>oW_-bWn3=(qR9=f*$EWr>a6^iAUg6~A^Xcsd##gpcZdbypHDb8!KN1Z2bMbFQ^ zqgif|k&b|OK7fwzBxZgx$Td-`HuUxe~kr|;bK6t zXo_yY=6d~J(qZ|EDC8aPiU@S<8!0?Y_U~uYNm<4vs*o7#(BL2L`Ww zb1Q~TJG+DlEX@@a=bj{C^N=T;%jj~NSTPU?fXN;7WUmnWT(7iGz|UcWx?=jYd7F#&Av z%&g(h-B}E|wZA(@(K*EBnkFQs$gH!bxW&1$3nf%Z&N;1B-7hjSJRtcQ$|FZyacQf7 z(WFG<_WW!ovvZYpE!$Mj-V+7*7g|{J>=1U0B%lE}y^fu}1^N^9 z1D*Aws3dZ)@q5Iw=9oHJ&Cx`dyNfu)DQU$6z3#kDPEmRNDXv2L1~EL*eSz;R50&N) zZH#Lrzf-@l9gJhc7aF@j%_9FPUjKXjuKlNU2X^U@kDhF?729tj|G3C5i&!XYEG$#t ziVV5Mu=TS@GGw|(Q}T|C^a2E8zph{TT#$|>UI{-|rnljXCFAV!*InzPMb}j0^om-Z+=amz?%GebXOddy_Fk)K}wWv|4yDDQbsCZESy;rSO;8g4vrQ|LH@$ z@t2%B?^AK??%nn`zpuXLkXc(FiK#TwYQ$BZ*{(W3$g1SN^C#6<6ARUbtCYNjj6sa@ zzMpZAfq&NHBDT`9h=Bz9tm{~5=O-iX&XndKGzQ>TMuaNnVSfS?>DY-jsR)f5YbQyJ z&Sb#%eyUjzM-J2J@r`!;KIg;0Hh+b032aAhK;x^5h)}xj7s?A6u4HC(PSP&b^`Vso$c(+7r1JWRZPwON6&Oy zK0t<^X4HP_jwHdQExAq=_d81TX}WrmYWATq%a$32&~#nz+F#Kj?z z>s?1Z*#}V-cdx7yl%>s!6XnG8GnF(3W~XN3b{^G~y{qYag;mk{yI6xVoGm{>XSSBK zzP5X7|F_I~tMobKG_fDzSm{PsOmp%%+>V%{G?RKP{NZ=B(xjW%&L`UsgQ_Q{Sm(Vb zu==oR3YiCSYx&=e$~yqOMt>pq=j1OhvwneBbi^X29## zk%{3S?)ms#Nhi-YKGo;qqz07c#Bl9Y!*CR7I}bm$A)`GA%m>;UHNcM;I3`|cyyO0> zRR&|nCe43LOxKc@XMRpPFAPtD-0V>Gh?&A=Z9zvk7?mqeLGEhJ){yM_A9Be!>Qt0Mw7<{Usz7yo>qj!{v0M7+^`+^{ZtFkbit21bgJ8yaaBoqX5LK)-+`(JydCzWyn6f zeeOf5Cx>C;m$?>N`j=9|cUs2#XA0H&G6RLTnLb>W9l)56`0)OjjgFjV;6Y@?T1^TD z*HhUoM+eMO+*cHVgZUxMkGJ80U83_m_8o$JM2bp7KHBeL)_AD%4HZ34RgSJ>@zSzQ zg+s?)^qoCsr0Mx_th-X*9?F*&$>%nE{K9k+9jj_+hLf7)>z&4gnAQzZ9r;b27^h@c zi5n}i!&=olU9B>0we??qgxB5~i7CSPZJp9BnXa1ABXA)h2qyzo`7L+8)bVQCX7<|n z^9n|pna-?yKPtMOidbFZ|Yv{tz2@Y?-BhSE#sZ$thog<55ep9FR_ zh1jIL0|tNKZ~q0Gp8Q%|=FCWnE<`eP{#5xwqoGG6Id}fBIUdU_d## z*8II@34!?A+wb-6t#$W@E&q9(+u6>pL14b5sTaB$Vl!OS_^JH9cgk4$aos!`k|2SD z@VuRQ{?nb4xZ}cg6YALVkjK5={omvb!2JpDnsfN{(=;qjUBshFIJ6Pf-Bg<-Ts z=w%R2BVu>6elCd_zC&dlGNqiAhDqFEVwZKdI_P4F*bR=IV=?d(0C&ugb@=s4R2ZE0 z1U;#=L)_th24;E8e9=eICpW&d2+y<^^Y^O6X%~^@@WfX?G4(Ql*2hDRDxOeP2P?!Ryt;0-k$x!HsnQ_5P$9}%5ZJSk5u-=UUe zYj0PQ{HfG!K}C;qr3y58e5*|2MK82Ub)Wp>WcT? zIT;Mkf4lUYr~iwPLzgYH>s|B|W$XvZbyJk;E`3?(kWum=T=){3KD}TeeZRRZrCndi zWs;q#fQxeWxE3yy;Jv$_9||e7b=;0`a=#0B#`F`0bci;MrU}&OehH}++7#XE;&IAZ zk=KmCd8ethVz#e(ot>fbkoN5`S*;Rp(37p6QkZ&AGLgim$!WMVcGdBYtu8-nXq#;>Sg^OqAMns55BhDiu88TeO){o z7M)c_rZ}FgtWU;Zyw-$fw!JY~#92n(*D5UI@BNICC+3d$2d&iWhxuwyz!k7}kfTr9 zSy)(ZwBSzT^}_E3a^lns{G=a7D+t`3{-n(wF09H30Y^N3(E};aBzfvTtaEYH~RKmElk~ zg57az5TcmZ0_~k)$6GPklDAtdAp~OJ&eS%di|PQGW=D>$_TZ2ncjT(-9o&#^RXw_T zfb;aNt}ArB2pYJY#gx;@>CKBRW)tIYOf`W@PG=XRq`pfO3PSKy%b8qWCeiZg>b%?i zHxVdbve50&F7Hf4sD4RiwJnHHos<$a9J!FJM$gf{wAHSR%zw zbbaKv%%XM`Ucj?^;&VqD=eaD7WciRwP?ODb2c6|^$>#bEwy0Xcn~K5J^1B1`rj9~v z`$N_B{Lv-)PNJ8QDL>l9<1 zimYOm>wAF)J-@Z&(kcMhdF z-ahiZufhL0cd#roe0#n&Rmo@tZt6Omu-Q~LEqpZnbeSXkm%3yXQy zyt6&A=$;1m)qJ3n{N_nAyC%ofG&WlSXf_C^NB;U)EXVZEC+2NSc7RilVpb2 zuPchLRU=QJe+>pg%)+E&LW#7;-lTn{EI5gz7zXhe?-qy zQ&%V`wct^FBv%*?#*zToV7M!}G5}nY)RN`bcoB5CA$StblHb|3YUAaGa33~Xa2Yj> zCI%?xjotG0_YsI$Vazq5tV}!(F9^~jHN0?HLI)6#JEaQw^B=y|(z|<15dhfNSFSks z?nS=eqy8lCvNn_eHMf7Sg$GRJbjfGeE%D*J?XbHP&JD~9slY1NPiWvK3LHu4z#*nu zW;H$!bX^*mYN;D{f*vvBHygWqbLGlWlKP@&Dan%lETS-FV`E6h3wtRk#kO=AGOobV^P#T&?=4i$9~iNW8WD zN31e7%T`N_r9#c`g@*`xa}38hyC`o`v8A z+vbmob$hxT)m=Tp*Jd?h{UsF`;h9Gl>ni9ntNePbm}Jrc|F($=?4*l{>S=R zYsuV*V7CS8477l^Uf8WazQysUE3vc_W zxI9I5W)j&)X^rDoSK_^jSbJKV&i9D%;=W&F)l5k?JC-l!!{?pH>q#(h&G=xl?%;6C z1v6gAkF-38R=d)nG3H@-+Up(ShB2Qp*#&3%STXf{<61G<+x{0-$tUx?i3vzQ;XZK* z7Rh>P5c&I7!*iVvSx#!-O!Dl6Djf>?jsp{4hy)$H()d0(ZZi7ip_FWV6#gV8Q(e%^ zI2c&DAyMHMe|UKLBGkg~KLce4+eN;y#)SB5t*NAP2|0Cu*krGL(BcF?; z%FiB!fmYj9C(`S}L+oLFC5d5mEro?2TGI(nWduB5l$toZt|ZYk`-$r`K4t744hiK$ zpLMIsxkTlYRlAms|J_2N%j%<psyk7q~;`Y3>e|V^_rx(+G z1oK(KqjuMLKP@a|rHVjCQbXn8^R41)T#MUJl2bSQk{U=X7_X2IKlDs=<@>sm$}LXP z-!Etrp5kb1|MKmHt~J%S@a^ksK{-=WOtlHE%vLEH_@Qc#YO!L?57pl4S}rthOK-KT z7Y}9{T{BZ12!bdl;1D_0XQb^}tn#5fXv)Qy6WQIK={g!JKlHPVm^68H9(!_B3>q1& zY=6qJ*Y*U(a8oj5c%W!=d*YrNxsBx9o3C3AOpYW%-Lnq2-D51d4|JNCI+``d7(b7{ zqDY$~))8A0*{uAUw)>*aY@;e!87*Y}*}byLj6gq0PO3v%4@WE<>gmh4HVJtDW8WLGD0(Qi63CMpWcu&4_f zewq5IEy2Cu!R6;br_6O6*)fAeII(;VNkAZ``=MHLtj;5z`Cgs^ummQ<^d-NqFbq}^ zhP5!n3OK9%I)*7yeN#>E9QyayTPWK`Mk)qZjG|94hKm@ptMpr@%tRd8 z{ndH-UoMr-Yr}Q?o(}o0-!dgkrP>!KYuf49<<*Vonm(YYTlz4O@?BzH2txCo>HZ`! z;^l3@ozJQm5y3>NIP$|(c~Dqe*5IQmySyLoS`=^3K=0<%GpV+=?(Q@o$yC$TC8?+) zo%BnO3D*IW9}(-d9h%MJ*@cY+ozwdNiW7XxyeyQRpvk~ zm{BfB@D1vNJrM!-ov(@{c-JM?wgQ3`q(9DhfIbr#y^}{Qd9f0oKfpbTqTl@f&8s2D zBHHHOTq#zP($u?)SM;z9%0=H_rf+WNMuEBj#1*-{cS3& z5A-1rH0WtuXW4G;tJhy!>*`b0x6O12*V56sFVrC~?fm`6&m0#koqf4Bdx5U*^tZ&! zE!5RT3?n1>!T}QjS;4uviiJt+Q7NphceBItl!vtxP4HEZ#vx?f`9$GB)B@sh!NJ(itO%p^L|7$JMyc}@sA&! zwT`CVnB33k(!C_~RY;7rcJ<{o9x}hPi>smwA1(yvbG6DSi%cORLc_>3Bd4=X`j?r0 zXbDwXTogwI@5~KJ9UU`I-u)7Mbw};~+0DDjZhOi+^Uy|<2I>7i;Im_7V)7;7Hj{wX z+@Z^4Ew?Zm1U`mGTu{ONQIr*p-jZV^^StxJ)q26sx;@;nQYPiOikw?>h-ZH9@MvugGZZwI!rplRdK8Zp;K|%sLHv6hlVjmHCXA)`4OE2iW?8ut>xyX3L zJHIX~iS6?8;}cUYd*=2k%?Zzo{w3N6)qBoSY^g5Td=0ROTbSwx=yM736^#!BE{w;M z+j~EXE)okRw)YYfopjs8BImRBfiXd{nS%lo5T73hi(#F;EE&zlw@Lz=55S?=gzD(7g7b&Y( zk_(Ix3FcpL&CikD2!yq>LLCS)A|O@fY%$(UR8SZi*_ANq`ayhTAET%&MBRas@G`3* zvOkicf^gVgUS9Sv4f+7OgPCZ=xfg*j+P%HAGhFV{*|Qs>NRyhrZoGVM%51M9I5yzP z14(%EW=z`mqIC{S1P*Hxu~w6{ieRTtmEXsYr0&1#(ZZvmq``CY!Z$lz@FSuNe@JP& zi|AJGHO;J4pTxjob3&eI+e7mca*2SyjEaGQVI5(sUI1MJrABA3^Z%j2wer|Bn1|yv zKbj9Lo5>D7_yne8Eqp69eDdsBzKtLcPxR_|6@wSX*+Vy@tF4Fz&7rTtQO|hO-kz6B z4aLXs>fWw$S_}P1dKdXV{7DVKckPApl*%~0>4Z%@Cpb|~X*@J!40?cB#oz`WnT ze_vw#Q|wfFnEyTq4Z8f;?G3qFv?DDu>=~ADq@V|Gx5CLwIG7N8*~s#I?ZVeEGD*r| zX*d;n@ksdW8DVT%04PmUn1lGAN4wF4=k(~rna$&FXorznbQ7!!{{qBW%$ixfURMZB zKz8x3T@!~zaKUhA5}0Hs)ys4CjA{14UqtKZS)c7XMSP)!@1;e9m|Vjh86E8hUp7?^ zqyhO&CR8|oI)ka37kz%6ZHOnWD-@E{o*cWH0UH?jQ+>Jj%Y1z1;U=cRDrHk&pS_af zWtgREFwd1hovP+@Q}AZ(*I{Wr!Y2p{E-UD=mB64J=Yu<5Q(evVy5;Z9O7%>YAG;DR zaaX;_*C$9DIWBepSieF<2m{ZOfjTWLccm_SHaRJY@y;DBjO%Ad;g5R}O_1L}6obz1 z=b;p-U}9W4V*{lgWjKYob7nCAc5MbKDu{8x@dKQWuR zM%R(HJt3oeEhRnV}l8x6k&;_{VI<;;7N=`?|&li5JOh z4}8=%HLzV2g`?C81K`*=0^o3glUW9aBE#_W<>k(9-cwmu;Qg_fVB6ajD>?~*U+Ml2 z9Fn?)>gTz;ACgOUr##gPgOFDT(qbRL#Zpd8Ow`ELP-fQ+Z9WR;zHJBu|*fHsM|&F_(!vEFIj$Sf32rnRa9^4uG28bbE1# z>v1Ex%ieD)%aI~U=6_{ptdZFMmuoK|z>A$R*%zo?f+OYA@zhhfP9N$Ot?1Ow+N82{ zAXy?zALs=cWD*dF0a`9);2%tITp5ML+~0?*uM?f}?@3^IO61rrZ%YYVM}rm0GY?dq z48p>~KsHXWGE)3jKu|DMCi3hhOsKP~qWMs}pye_*C*b?Jja^X>fJh&;=6S!^u)F4Uj2lfXr zb7>wphD)5*^v#B{uCI(&MM3pXhFk>mf9<5%EQLK(i4g2$X5XXdS-EmJNJm;hMHmN* zWWu7of`|4J1`kQ2VUs1eAMW&l4U)~&2#t@Ahsv=teL@pmh3q%rneIXYp>BH1+<9n# ziOx09WV%W`%>330k47W~_5vw2fe_&>(41vLQgbj-91WPv$$(WYa5wqv(ZX??c+p~I zW>UVlKH*wDES_FLIe4P2Zbq!@`?Q-F6v<^!Bzz8wy>BjG%YcEV(?5SwNrs+DxB>^q zZZx+;+>`9pZKv~4oNhdam`~ zO70Y(rnW6+;VwoV>^7J~4+wr3+1M24T%@E>Yc|?h{wFurBnk_U`Y5)V z14zRZ=xM-Y#PU1Q-~a9rrp^eh@X<0LJ7wSgTH|Ie+X{cZ6-y?X{9sPoE3G|U_0!Lu zqrwL?yA-sFu6@m?#Ko1AmR1Kmr*&vZGkoOxcXey)TUcZ~z0?Av%tIjN%sYBL; zELb;qnrtgNnrIP7yq%vv?*%Bz6e!E5S5_2-kG8Ij*SdcU(nY)skU*L-GOyxZ#hwIV zDET$&Yplqotr3HtG~RVKnBAk-HGnhvR zNK{;0D!aG$_MUHSZvNK;p4_y#TZ8t1=W$m{1mdp}nIkDAX#Pm2laEvpeYGflBdl#6 z%B#4Zc9RJiBf1tu0@H>?cgm_8(?zZivl6E#0mNVX66gySt(=52)r~hZJ*{%Mv%PTvzJ`ZCH(Q@$Begc zhf&keAkd8(ZO@tcif*fG$$8J=8JGGAO)y=f>oF{+Q>6a_H+WOxmZK#hoU+Kq!xD+m zRmX03ee=B8nQ&Nuc+`g1WgHWlAx6t^TAR=)Hdf5iDW>0E9sh_;A;74)adr#+iOUIp zk!`h9qajC~1%~tlrq^VE5uKi$l^RG>Og0@z3#qE&-(DUGgHcp0|GHk7es-O@7^nVs zAv3Mc)G^Et?Q5a*P=JsEH(xQ9F9J%I6xV8YDHP)bbTGL8e%@uhcO0HKrEHu^)8D3= zT?fT$h#lIQAPkK+KnR&7k&*QO`J6X)y|*_pWHaB?AKGqQ50A*dL9IW9JRh5k zBlZEfDLHoTFdccY%IVpE$;Cxq8tV4Wy8`cSE(@2HMVS9VwuwntZj8iZqm5zeos}RL*K#=e3;?fV=Vj;I|g1N%$?D-W6 ztsP2I2Xoxoxr%U(CXeQ@jf@D8O?ZvRj}RQFjnXA)axMrdjQ&URU8rTO<04 z1e}I59pzn!{YJ!wSSnE0RfEfOwd3|YyuH>1e&jFsa~+dv{$pYC@R`Orc=-2KX|I23 z;S+VwQ$UkAu|46bCsIgostaLrG9Q-v-kv`dgjt=}r*{MN35It$+ITDGf#JldOgTVV zDtJhfTyA^TW+O#(p!8rm6XIj?xopAs4n!2;&uwcq+uqv&7kynj&zANU91hSnnSg0e zPfttC^~9%F3k>;K01g8*_OAbG>Q0Goo^e(WeXG=v3U3xiGw}lU>K3XYXIHazLMV!MclpwQ9Ms#seWG;c$Ys0R8lMdi`eyLazmpriM)971x15x^*< zvVUi1MK$i2p z|LSC&vhbhZ7ix|VmbMnN^W_r1+<+K^hLV!fY^9>1lYl1Qit(N!|MH zE}@aWzCNGnEHDs?uKH+nO#Au(yq1yh`L|BeOu)mBRHSSX_wWJo71x_Kk-g+Tp}w|lrMI1>Q) zDT)a7ePrvw2SyYzk`Kts%WG0HgooXNSwloMbHL=Hk*-7@y9C54DVML&s~8*8^Ma)T z?ZZS%`=<8KhWvUQOjk!d!TF7u4txrVys+jZ$#*6&U6=1GBzUB49UX5vzW6ID9|i@I zn&vFpv`}^X#GE|#pOwv&oW#Y99WghgDa-a@jnpDDnj9NGM`~yc}QqzlARzh zJDZxCHp#K@@)Cn5%5lKX&aS-n460nvsm1j4$WR_O`ryJy>ilLw_;55IbePTUGSJ%9 zC8?|X0qO^0`EO7Qy!b-|l)qYs?7;nfayWSs91)?({69d=>m8`wPn(K<*2VO+nCfH* z&E3<8-(=w|vU8X&E{m7m=B<0&RLi0jhGSmvYE!4s;uH(*tVypv5rj9F(6A8J7J*5L z;@+5v;OO?I$cAy{J^TJC09XnLM`3c)h$$=}BtG82ciAT}kiJ4s2_gt+O#`I5A8K+k z6B0xOj#mJ4)u?i`tm*jf>qACH)><#>BpeCAN;9tQupblu|1UvNscRXSoxG_Z_quhw zUP(OeL$2S*ueF~kA!*#x|702dx5%N|tue8)mdc0Tuz`3u1!giX>a77mA_AdfT;~JU zix?QxFG+Y)F9GDE7f1My$Zg}!1aQIMb?*Yu(Kay=*X&O$9(D6U5`+x>0CJhmcD_%2 zeCu40}Or3x+}wX*C4W+kVjJCg7&x zlaR=9aBv{~y8jybrq4s7GYL=4c;~+y+qvGac#eY@Q*xPM=DTKtJ_v_>X6Tu3`iS-O zxaxIT9&vMDS2?Y|V>_hV<%y9MA@TwuXgf+(lLd~n@R%3{xl}cA@OAhz2hR-0E#n*A z33I0137f}u@PJE_;4wD(UgNT#R{?uOaIP16kvP>D@zpX;jURYujlC51k9_&pgb}kX z1Yrh)Qj83YQQHEZch!dvZ?H%GRj*IS-q5W&k78Gv`SPE+m6YICfwG0FHB z$|RUFdx$D1Y2WL78b*u)fZ+-l6B8Acs9(yNLLs`m=j2=E7|b(-=Olb)-TA=p_E;(X z3VcaAh~fqJp8-I6EN4$ttQ3_~!NY8b_WkH<_>Z#yE+E3)hl?9PA*fqTAJ&GBg68|z zy+>;locE3_uljxJ!j=LA0$>fJB`WDB`Cbz!bksfY1=|1Og(s`GB(bL70%D_SYMN6^;Vq9yPT~ zsJe*U&`D_2m9yOW8x?!|lJ0F76r%S0c{#LhAcpo)^keE(arO_Qgxw-fPn~hTkpHg`m7j06CpqrS zd}qQYt~or=urGL9fSIX;=#I==)F z&v!V07Q6B)y4B)f<`g#s=qNJuVIg9P|Mjbbo{cl#agAoO51yPwJbY*87f$`x-&sYd|(-52k^ii%IU{e1=?IBkm;kX!EQ5g|PQfxRBGQ3yN3e-a2OYdM> z88X~Hz{8XgP$(hc2BIHuadUM`{Q!QVi};IMrxBHBuE2+A@Xpj)o%vO|2%ZnU9f(O7 zEPkr&ahopytgiM7Cf4`&1p7gF14D?JThx=lcNM9V6eq z`F#Cfu&V+GZdCc)b+t6+VE%pUi-3R=Wy8y0s&5EjIyrXZ_4Ticii-YoVXkrbx$09H z;p4N}oJpe@tndGdu{KFq_u5?v57&Z@`lwSdxKNkYcS;CY{XPgdbI#1p;-LTxgl{=f z{eA*Qck0%?sQHiFPbE3Vj3$!}Ve-YlLT*V7+>#&|1s)RZbSH7m_gkrD{`jtH@Nm>-hLS9yp|T{6U)_7(b!| zAskNSFl?52OnavP)H(IuMOMr)IpZLKd8ztiv>NEV+}c`Dr=~6{EKGztKR}us9n%1b zlYI=}FPt={A@LU>`*UYOQBC+a(cR6>WSDym<5*F^tb`IH5I_8p@w6WN@RBh8RGv%2 zpW_^W;mCx^jkIBHAf2irA}{M*uVYBc4xRn}ErK6u1dQDSZGp=cw7iXPk;`^TZaD!d z3xazq1{UhH0|$uJx#RGi#*@QX|LFhB&*fQc zHfQOU|MA^y-ua2MD?4Nz%yXvBF#O+n2JD?IR9u1{2aDK%PI zk$k8cSB8;Zc?_vD{n;P8`zGGuw6}4>FEn4JixUm<_fHXjiyaabMaXS6_RS=?9AcFS zjlbDPbp?F6-l_4Z%PvoDP!r<<82vsjoAh(XIAXPYAP@)Wlnx>qYU;(W`SBWm!^c|$ zw$Rr?kupOP?&$-6^=CF}nCT3pFN6C4D6ZOLH20rhyj)J=|LRDC(A${&b95Dm&SWB` z9XSi&;HYpS#>nVu&b}=t;JG?8V`M*B!3VxMo#vTvHQFH-x}! zji^#n*ff7!kcfQUQn^1Tz@i4TN|?ZS2IzjWfXVNO&x9bq;AmJD{H8`kYYi%9;&$%H> z)G&d?eg9-BKk2?3yH^JIH+ahs>83*zB=?Uy|978RZ47GNcoDB37{|mRvg2~yv4F8~ zcrd)SA6gk{{xN3AZO-fkWiKruq2lHy;0_rO1a(BRpbtNzAeQ42Dym#!(%98NKY3+k z_NVgx>QIvk)Lh|laY~Mkj-eeaeo$ZXpP-W`9*I@wic=wo`&*F%-+;jF*~PlT6zRZ@ z&u=40X8`QiC^Z|}xN|06$U2;*Ktlv7U3IVv?iB3-oE!jeIVC0fRJBYh*W>*;C|bM8 z7$H~baUxVvQ4yj*&+^O;GZa<6S@Ukx5L`3+|YqBiUzU9~&PJ(9)8h zxi0zt4uG7N$DIYP%*f9C&&r#Ba1RL01=fH6W?X+p=R0*gYM$Q*tb8Ik6aqKkao5*$ z9Fg43sj>xJIR^p)56HwJ9`>IjC`|a9Z$^IM*bYt)hlI-qCfrd=swrHy0S_4R*`c1E z;+d_dXY+qv!T$zwH2&`xPqb@KaUf*&Ai=ueMW_$-%EB-it5&J?5JnK{X8ld*A*(sP zi62J>Z@W1`NJrfE3sJ18eznZb+HUGV7h_r+6bK}NK1f~KN#iq*W{O<#M@8{F_ z-i?iqR|drDRMq_RBRL;hifyP2Glc}V8tq>LkG$)NtObyZB&zfR=3_cp>pqwudLj0P z4a>c}a4{@(ZE&CAQH6LU|!E-HzYZ75NLIUo=7&bF(% zr5z-@KqMn%b%+{bw%9UZkl--MhN+?qrzZs|sXS!T5kQ5IT|Wif?RO_h$;qG}WIjXm zfk0HKGmu11fN|=vJ~GefYTfoZ5y-HqKa;)jm0BjN7D>|(7}2L1%C@$gbaZsYipABI zTnqt41wR2ivS0qj;kg0&styHAXb zNseMuS2$GHzfV6c6+C7y6;~UUci$+=h?-Ri+0cn`%z*hs@^$hOX?2R=86o94o@>7# z7mH+Jlw$de3KaVL`x)uzyjCY_vcD=N=DgYYtl~=br;K(jGT1|$4}>bSpddI-$UW=c zi`~@+?X9ghD)g)h#{J&CONRWO8n6oJJA-b5q*oB=+1z_C7W(Nhu(8v?#uAgeX_hH3 z9tURfNj`D*XwitJE(&zhrF(dM4VhvM?%B6e^C~h5%g8Ar>bG2QLNs z20*vA(vTU+kWrl~?h$GLwd63(#Kbgp!h(-Mz7Np)Iy8D4LXZ!{ac}g=;iNvpkrh6y zKko*0w0s*tbNI%~>nAXpp`aj&N*D@&-Q3&|j`f;_k41fC{A{JTw;n*@R|Bl!DhY|- z-HGQHcGo7qhO{&`e(vhR;(U(@Q-AtHTAG?3bw+c{kCw6^oC?sIOin6%xO_Y3K@|be zA${GixdSPU=5m`~y%3vp#_+0_Joo`gGM*QI%J<3~PAzOF$jNRe-hkCQpvj%W@8OR^9<2=R$Qp+`&cwF#*`% z-&*>LQ+Irjtt14BpXE3=e-aO9KOxoT+w*Iz!jA9G*2;H6h#JLU9I*A???+hsAb?b1 zZ7Ovy+*49h7rN3_A|dzKYc8*#fLRU80?OFN#>V*+s_@i+04%@)Jt1m}tqylY#PYn{ z#3b%5&Ga0)_+bqG`IB>?1b!|q`ay;3Qp9Ar&4qL4&OHb89_x6buMhVcy@CkTX05lg zT&jGO z|ENh|Y~-kk5|pN6!EOG%x!C|Rv+X$H#kUS6YspZh{Cp|54CT*#24qo7OYfk{<{>0P zfB*jdIfmDctG%zM2L~#fB*9bpxw;y7?gHu!dU~lf>0J;-YbU1`mi+41QTi^I!MAz? zb$GY+Y?zp!08i{|`BR8KkiCV?aGG>arz$QH)M7Um zw=7C^P-1-7Z}C)Nh&NSDXK^K1EffDcs{CSXq2oMMeM>FTCLHW&tFd=whKVc;cbv!x zz4EAINn5<|aKEgre=StS>Y!HfJg5z6kjPtb0Roo5MSJ|7myho;;JiR8doxQb*Dof9 zEVk(P`g%Pa1;S6E5X*NR@;uKsrZ1yt9{t|f_yWNHEf}KjPsDNl&Ye5j#l~2ioSdL5 zAPtUFeXy7v&1**ww3FxFD|kcg&M&ye<&cg7jrL<^CY8e{?Klu)Wde4I2)x98hSR51u1%pdL5eWFRS-5Xzk%E$v z6r^bE7o%?7AR#Bmf^tMwz4EJod%p?_0ypS+f_h}?$RtO)(mA@NHT38#_2F=3^VCLc zq-L?HFBNv3^r$7A5|I4YA3uKFD`aA2Z49B2E`ZpDOyK!dl;4p3e*}{ZQ8bbb!8|sB z-n<1BJ_yMUa)CfcT?S1CSgiQXsCUV)UoLu?LxoQh1-##TgnVjktdM6NJvW?g7QXmEhNtpfDdkaQ4>0ZE`e*~ z1tJNi9?{xv;Kq{dA3^YQ>&2hv)nMkWZEf-3wT~bFfc-;E!^^B!zJYyKP*CwY>$gBZT0~D?6J7 z2!#|;KD(~fpb-)hj#WBbLHP}MN{LCI7^^vocF_~xJtv@TfkH>0k>aNpP@sy=`p4&U z-$qB1?&a(AIB(FFyax_a5OJF0qrG**>ciD4@P)Mj%HVTc_JRFKgx{O*PkpCdc5VpW z0#5Um)2iP3=)v}qYK@D-She%Dmu8mgiohMYB`L&OtRZU_pJ%cbHW%sp`b z3ZUc>C9X z)!O_*eeLPV0YMQoY5amchV8hF7)iiuL^CyjqL`w-zJAKCyREGrK-~3i{xy?tz-x1a zlV7t#B6KiMgRBx-`d8M$(Y0P2WGb(y@O6-^Qv6gRh$>f?dpo`R+-JY*EONQzp;;5e z=5KeFM?CdwTpmp|`l>KTw03k1WP}~=uC;)N!Il*T8_Aum6lq)o=%a8SaJ^#0_kf=B zS@TiLgOED*k)jGpMnY`lfI-&uxt1jmq7Ku z0Y4@gXwnf~{m|T;<56<%NP0K~~)obnwH5p9g}EDhS_f4x$VKEH4T2LqyzW_yF~Kf_3rR zWddHnIuA;uaMYT}eQ$DpO9 zy#ci3NFNMT{CWHMphNh19>sBO0;@tV@TMyet5h%3qfPZ#46QVpk zsA|;;Q8srRgw~265^lN99~r92{>O&xXkKEk;sjm4G&NlUlgh}-D$x@s*arh*_V)HZ zx3ygc1mg=3efQP4IzcoF4>A+G~kQ8A|xk{}4{Fo(^Q#PrO}Ih2i! zjjPwMd%?sYeen}`!Brw69}u_%xT^@YGn|Vbn6Sc-&W?_TrTn@;pfMD+xOh&pVPRpx z7s{>h(bvK(CFaQ+&M1-$pzz{ILqE{h@rKg7+P4cB1JiW zpbAu~gOir_A~3M9YLY?%&>J$7*P&v<8;n=fYk+sKC@3fjii;aS{F=6YO--qkSv|0+ z_=zaHf=A-eOG!B;XxQv8s-c0894^Q|6)P*Ijg1Y824yDrw8=2$(%QkH3Fv1ShS^?0 zlO@b?@xOXPu=oqAm@uiuAVc;Wko;fp0ZIS^0 z>(25yls{Vo%0#@jw4tG)66E=H$9w=)zin-m0hMKYz~v&8{pib)gA4Sg84_b z0LsrXB;LTmP+)kShdK&zsJOz#!#fWaY46~`Ec`A0nv_jkS>jWx#c@Q1AbV9H^xWAw z5rh!&qH=VK+jEqNvT(S~hcDtjf}NdGs|E~^hM5@yihJiLYWR`q^T;Ov+>jKeqN4H= zbbAtr2no#}xYuvqzJ06h1P(I7h-@Md1e=fmCJW)QhUnPuf=bp(Z!ncOY??4! zwEiiVr#a+iy$R=#Ge)`EA)gTjN$f^xO7}P5s{Md!cAy|uFI+Sd6MH@4fG3hU)B$EC z8MJ-UK-$r&W{TSju%J_RceN;?^8(R?0zd{ucYH_Z;DO8jOjI9~fVDp1w3w`Y@awxq zvJ@7VNiPcMQY3zWW7A|gX{GLR+*wIOs^E<0|1^F#4w<)VSB4Gq>0c+3JuXvK>yG+@*3akPC8YJ@I8>@;j$2|lJj2<}gKPUI>&?VaWf%^(n3N?Wf+f*H8?9npDcPRt4-fsZ$ zcaY#8e8}kAPXmXh2XtfY-$j-~H3<>&-?j2&wXF_bzj&0z-F;(eeGvdw^7S?gdw^0;-i9da&qJya-GDIW*E4-`8d7w zii%>J(;VZ?3e^S8cLB;<;lq`ZlJo8z{r3qy6KsSOMA5!Y zMG*aq0&M`2Hs>Eki|W5K$Faw$?f}z4n2bPXR8*8np&eiO@0nw*S$jELivN9~n6tEvcpu~hzhYc5yu|ID)>}LV^s@i{%5L3+HTPpM| zZEb^584l<0K!=3sjLJv}NxSU{7Kv=wz_ac^p)%G8-;yOki0>gU_5$<${Q0xW^F~}; z`ny{kn;9$4{Vd2(1L}d42~?_vqht1uh&jRfWx}3NEqnz8sO;%kLF)|Y07*>zei}Me z=grp#hlg_jKANO_m*2XTA1ho92fn+Pmkc?%>gnl)c3G?F+dpvsP*{t-p_h4I4PaXf zoATZJ_qUpxHykfx;e4P*WneHSzPb;uzAYlnb@t~E88DnOupShonq2bCv{=)Y80Zg3ul543-ktQuVV<@6`ScpMYP z<5s@g*Wu1{)FTEE-^$C&)A1Gp@Iya*FUSC&&w?@sUn=ZW!nTvFsD}j2ED+wgkUzaA znzcMI+7A~S0M)#RoZJ!^7#MuX_>0vUoW8fPyStlCL!iL-g8Ye%D}UY$;#yWb}rty=eQ|!wjuwahESI#G?xat~$8P_%%8N zghBO{rsw!NBsIQz#Sd+OihT0qiPhxk=Q&1Ck{VD8Ws4@ZhiPy>0$$Sc z5g1kzIA415BR7RdaAIMRp%n;&VQ8LX(Ix{*Q})&54MDuEY;RwJw$hSA0fmLKb68o! z8iWGf(9{quf99KIlwlx|kEO1zp%L1kzCy`6L*}HI{5zz2e#J{T&r}s^njd}4yoYXq zH^cFAnm2#VG1l#bpnz9cnD~wG$jT%Y|K7enW-TqP&u@wsg2A(EN;LZXa zwE%WZ%C(xxi#OUs?%j9S%lg!kSDO3x@5dAFMRS+6VFBYqW8#L`G=uMZI(r8PLnz(= zv{596k}8N>cs{DKf}d>&-01jU@K^`zi%n)y=DCGo3F_j+sZ*MH7G<~)KYU=g+^W^9 z{Xz^NeWNPq2V5e(;9~&&nHkv1=aI1OK5xTPmWK5v7^=ix6eo<|!hwGf zP|?*T1QtyhR8@gh^?VBawl8irdu*l398G1`Y{|&K+?~Pa(_%Y!uAm@~RQNoLhoO_B zm$4zSHJ9hfrbmc#i=k;nJmeo%gN$vEL7@tyrth9iby#X^{z>Tl=>r-HD}@&uKWvTEW8O-Q36|64&u6x+2N&v)qXUjd1+<@%*BqYMgtw8mL1#efN^s(+66X zv!r#kUo-o7eXDa6()pDGib%p@ynG67gT8pqaT(oAL0uw9huD6i07?kLQ0g&~9D)Jn z*%%#nZNfF<=NM#ro=ilmq+5~tUOa@EOo_WVvrAI2%ygv)>8qMAz{(_$uBY< zpPL!-_f$;&b&%P(XZ4792^f>1*=&5d5MteX#F^B3(!hE;c*im9yl=F=E;_~!a}fcS zfPer3kxQ2@1>9fMa|ck2cnsceao4Ve0v1^!nE*xypxnS}7=z{08qHd}?$Y8HE4`4n zdO^5h+gKr@oN#gB>$wLkzH;Nnzqy&Pt-?Ol*R{2^sjw9Nz-brNGbi6YncJ+*&)NaL z!4L7*Fm<%4=-B?q^NEld_aS7^>6%rKm@{V1A3l88Dq1a>YpI;00OB?;;y57f_A}#i zaL}3xYUV2EgbJ{TL=ZyRN%$TuT&sgi>hB_XSedQt*oFbMD2?~HX@;BS-O4or{I3k+ z5@J-?l}R0s-{buFhMZFvsGC?XCEP6bW7VQ;2UlM%@IOAlzCjH=2O$631*`ZBM))E^ zLMqlIdNV`fiXCn*J@3rdUM66m+s&VzH8$3QTWSKadh7OWW`nsGNiPD#m$OjD18E`S zV99+=7xp$qYk9MCAOF;i{}_(3i5zNln#VjqPTdp6KYUc zSDEtn9$G_oiouuZJitnHc&zf4J1?{LuKnCmzydSy)veCU%?}=|PRmslME!xV^t|>w z3)|PaHHntsmIQDUnVFeSpv&{Q=kbc)zkgFz0AyMfl?hr2pVI`zID)kO9G*Sr684k{ z%_Qjf)XOs%TA|wND#oV?cgDob2~;&qIc;6(H`lH;gYUzO_+zJhqVMY6x^>GEMde^e zL8_*$X$B8O&HTep5r{UTY(ueuz*b+O zAZL?DwB^B%QOqc38i%oXG9yE2s;kdguyA4X1Ls4IUH7?+()BbTyTrABZ8vi!7!62q zsjybH*x^Clp2FI+*X`F{F2@QKz&=dtC#-o&#rl4yoleD<`>5?(-TelX=)RN)Zq zx7Y<^=3vEL&uK)K$U^QFN)e!*#6(1x5c4cFH8ttjY#{pPt999S)2(O!OcbdxWQSOi ziX--!+`Ti}HAnfU98;D}$NKf_1t-l&D=74Vz!jWsfTA18SA#7Nu^dmbamUm$D$>EAT7T`W?Bm>$ zl(hl~sCH|Qw?ATBDg;OmT?fJ>8d0BP^?gOEIM%_taG^hrGe+oUCdx%pi-9wTTomwLaxbOi6?dC$HB%IFWMyL4nvz; z?dv2Yc4e=@cJx5qV{m8RI@+S1(_^;}4_TBCJ3C*9j^-us4l3j7 z4lg;nI*@t8>gnA;gr%jWs9Pmj6Bm3L1LKbHneX^|6QD^*Rtr0s$!A6DMGm0%00v}aP{V;b`k0s#S ztxjy1oXL0lw1)@|c*J>!pW=6_c3fED{gnw)!sysoBJqg`6s!$r%DPtS{P@?t2)Xq! zMXJfli0p_g(b3VqF#qttXCd!1Q&@QlS?!EnPx%hIS!i{1bakadb0;Vqg4R!{?v^4+ zZLjQZ$vw`O1LY9!SFawvshYg;z{h}I?VzFfQ*%5p zB+Moy{v-C9(a-hsY)tS-WgbHZqxo3Z*Wu7{)X&k^uZMw$qelU-R|68D0H)vPi91(- zqf#?)6d~mZjRyUT=QblSbrsIF+kfa27?LGm2LhDe#ekX9nmoHydisBsXl^{CNk7y6A+6mL?KPd8nYx_7OW_I9X!SV&& zyLazlkB(v_#dGv_sh5U=PNNvzDpfVLE#F6m6kkq38gLao6YS^$`GB6J)_ednRFn4|7k)GjW7o2h1 z5ii;;y_T(5u_5;dZ@1~B+%zcFKF$oVIvdy86*re-i5=$&fqrCpdbWtnvi0QI z6WDonJC=V{hh)%DJwhST`yl@!htU?%NY{(Ew6^w#ohKRmrDsnOXmcyb=uvsSil!6q zsHKeqMKDb8U~7)q{->;yW%Wo?eyORcn%lC5J(Br$FPs`7>C3>y<;c9u zjr0`6Qmw(3+|q(((nILmyU%3Yg{Q_+1s+!$R`}116miqXNLr@Yv z)Qb9oB5l0F+@EH7|I9Tiar<Nm81P=o}R^x5jd$p8JordXEAGF;fB2eJ$&**Y}-n$oqW<>u8vOXo(cw z2fJ!5P{>6f{;4VG!+gP1|5%XKBldaC$rC4d54nxV!uxxkpbs`8tf{Y}hlSjAb#$Hp zMt?;!pckdF{Hf0Z)W9>&H8*Wd_Gv^=1fZAf%vg8f!UZw=lsmQ=9QNB9D7jPIfVqM zmA<1KGF3+>Cy>aQhTI5*TB@qd>n%zp>PLGX=NWyRNK3Z(I8j$L9Dm=uq&u^rO>E7b z)U%DKncRkM-sc|iw9Qx+ppc$G)dvyqsUy+J)bpSd);h7h0l&hUE87$kfD={FKBp*1 z5{iy{wmjv(zME0!;!R^Bz5#U!(S}(Z?}su(J3Fp(9OX@jS9zdk=GjJwZZ|^pj1Fg* zP3C(3*c(}0nK}K?$O~X_kjaL?(HSU_#!#4`vD%MrgW%+zUkRwM{@x<|a+SA3Iuir5 z#=WchPQ~TkSv}uCWDmVJI+!c$t&_;rIc>Z~Murc_p(aMsC?D1+m%uqH-%of!0*KCmeG|NuL%(oR%jrg{z?S}L0Gs=U=XPpUAS=J*w=SzE<*k2fv5|k ztV8!t{nV-Z0?YnUj11@B&pd)L6a^vS<5I8}9gp1CqR<_KNFq{U687;h*AZ{zAQs5Ocn3PC zTVsbC(q}f8dW@y$DdjBf_WvER5K=R0_RTSDj)mIAL@nXcB|qGSe&A5gflg{)p)IG5 zb|hMneiZ$!c|7p>2MX;(>XBR=Vt)dN^s&h*C>&6$1>-@B(dDT6AwkrxRam*Ar%H>DO{mo7DxY)v1imkMy@y3@`^?iPK#P3B$XqNHHkOgyB61!8yx1z+^9PQ z$qj1yPtp&zu098^SI0i~k0&{%AVBCtw^SViQ7dKl7#WRWzC|ydi}+m?y9PkwB3_^Z+qp#1YNo}&*><9?4e6J%Z>rqS z?_JJ-+9e%_w_M@DtFK7UjAtHPa{I3g3=L~PbV5)ES1CtB*3@Fh@*;8P1t6Lvq^%62 z^eB%D%GjkSHnYTVxsuR$r0+kA3n{ReuTVJpy3qcz{6?!?!7@Ss4=V~1Pk>|unom~o zXT@)GgBuWMeY8*>6C0YnIMYPl8zp+9SP`6VZ8t=71O>^S=joD)lXaL4F7m;sObNU+ z_Jk1dTmTMeAcP4>8oE#rWpYSpsEnsRER-r|G&O@%rYQwPM_U@K=e#O#HyM1_YA1Pk z&CrPFtPlLv7UY((Ld8xxQPq@K8EEAC97}rTZH^r2#b);$7#jTmG&s>MCjSyM@lino z@!R9QmJ75bANNm|#dAK7e!5W1omvH2tFT%(fkC6v6!}MRwiS!q?LGPCtHw92;;(Os zHh;O*DR4N)kW2fm^x>B*H(qvuR zw@hc>0bsqx=k1PBeZM(R{+e+ok{pc)s16cej5|0@gTIvhzW(|p7AdwK$Q?J^zNkWy zltJMTDG`di!Z$!eOz=rY(#3l+TboF+N{s_z5gx|vQH(@w6mHL++Favi{>W|K*|TR! zz(>44O7+lL`vBIDxPrbNXtPy$@d#jXM35J#DAMsmxHpdB z*qknYg~O}9F>&XHZom;i$T(ji!|C3#Mwc_id@w0^ugwkbXi6)dBJmQ$fN&!lt^a1fOUOUU4=A zUCdr=YzjU9>O9?3EF%=)g^j`kk()Hyt*_8AQJbM}2LjpV>p?Qpz~edxgQIz=wV0Pkg8a6$ALhL`SUWL*^p z(Q>o_;v%>AXwapYE88^!8HXTX^qKnGHYFND6Y~{1Y0IW06^ivJEcqwCyft%cDH_17 z34{rS+UAgiU3OJ2V!Lzb@mZ?e@Vx$tKJXHfY9yTdeTHjWlB=t*urTD)wz1}B!7E2! z-&+I8fn+GDR#Sl0`<}ck*&2v<20%B-z|Pwaf*?AtfXD2g4$Vy&fJO zz9A$JKrM^q039~$V&F z<}>pHpIFAD(zJW~XbbhLF{Y~m@;JmT6zNQShwLSPBIY+qGdD|96;kZaFiQ;o6Nkqj>0sDlgMgQua3z{8#+`UKwGNXR}Z zzw}MrLq%>S2&}3J)H{Z$*3imX?w8E0>+9Lp@_-tcBux)hm%gHOP&E za&p#zU#b3WprXP=shqGiw2s&qXlXOaId=F`O$BKc#6%(}n}YFzkUytBcbrE_M^+W| z{^VWXhpZaEn_sy{nB)^+eyHIC+{#KqJmh7}Ii*?^E6f|EX^J=cIaXd0%j))M!0oetP!>Si7&=ALVqA3@xfVJzopCd3w7S%DTl0fjCq#;7g61Z|><`<}xuU|?=!(J3yTH`ID znzC|TQMTpqMgJEu8$i%3yiiWD-~FbW`!p^E%3lt*q1HObX#}l}nA|$XIYEpA*oGfS zAt7Q(NzIa zNOKqLT5iolqnSc05}O!=IM5kZLP=EZ6_Dx@koIq<{nblb?OWzxTTxBT*jrUkh6l)p zu@BUtt>Rm>C;;G_A~%upWbAy>fO*4kAPy!fZ2l{6^efl)^b;$YGBsN2|w!{qpHGQXg94nt@4G}X5 zG~Wcm52ob0IoYSbrfA5mit*Md4& zHT?W{1`SuWYw0OYLz_@{W zLbKq#O|pLo32<2RU?r&rCmDi$W(6r4`7%IJaKXQb*5^u;!c=flqt**t9Pw?MF0b^S z#*}8eWsDYa@$l3_W#>Nh6u(Z=R+8IwOmbk#yux<3Bj>Qr=lPsc_ zZ$>j2dp!Zk6$0EYvSWuZ3cL!yk5%=D&I~L@zTFkWQUNJb^=J$KGb{HOI)DZh1j=4@?;XGi#0ypE z<5zibBgH&LauPwG0F%e8kQyOwW~G|@dmc(y@oPV+ZHTU8Q@Z{NLky6~n2Lc&U3g-C z6}FW7%?Thbm(}^J#_?$(u7}l!P_co-6=o=JSNn=)jQAx8aj`ZG+&XpCf}0o|4Xubn zV1OPJ zeM5t4@HV-@uHf7#aLTKEj9e$Z{;AW=vIdR@S4Zs^^i!ql@d2S|FhaJg6LUvvd7RE~ ziWZxHH)cg)Sw`|XtC5d|sxk2&7IP*aq0UL-06A;Q9FO=7A{GWG=$6&WA| zBE4VVwE?%Qh0ou(dT$yrg)KkOi>gz_zFCXUE11w z1FARNP#u$pkqCv}W>8XMnWacdeW$lV5J>8%AKp4@T6nVz@Sj2?fkvxfUF--RF&~^) zxMm$Get_9jiF2`s*~*xcmRDJUX-K*3(^oZ*o<)Xn<^rHJP%;0;P7Sr`#>~#n9{cR_ z8)%KpbYlbNz$~ns0=^K9LQ;Q^X3Ox7SkMn433f5RVXV+P02TV8xTBey?ORsC&bIfb zBDkhC*YC{ih^^NLvkUP&qXLZ*US3{b`g$amf`Cisphbcl`Ec;}CbQE_ZwJRvz6v&{ z?XH_lD>(bhGj;sZpn)y&3_xM&i_hK=Pj2*_u!HGxUqpJ+mjE4cen*cb?v!xRD$<-{ z+MrNcF1Hf-mV6;7`zV5YczTk9f?>?k&Bw<_ zBGl0{sO}A+GyJlm2QmQ6$O{J=xng3mL;+h6!dEpIBA+%i=!$hv9Y$RB^BY@vpbnSu zz-)gf=}U39qY#J*^oN1zMTOX*x@~$Lf-MM{OfPP6zEMHM@HE{ zjID2*1}#S=3?pmlJmii@z3{a0mX_qv2v_9+WxX46yVum`mwUCc@#%>2zZeikg^FZ* zp6b3QV<@Y_VN5|lO*bA;6+6%_hq{Y2vFZWfRzhu#NX>XbUH}SkcRkZv_DNqU(MKEa ztPbQJx%LNj2Uqcl+aAbu1+YeAs)WN&O^0I3r}u7?%d~IXfFCH%9<9U9r!d{Aiv1g7 zBWMI_Ucw5eg6smLh>7T#efySBSsLCV!9jGJZ09w6ax!j?XG7C6Z0hYCatvjVMrfpm zEf!vGu+D|Q+hxSF7}hF+4x7LDN}VtSc&fJMLXi;xde3FG;p}qV0Vv{<4MN6&!`>lL zRsaMtWt2NnHy5ESAEHu5R;B)k7u@5`XmCT3c~5=3rJdwclzzbqEOuva+zRz1b)LXJ zH^Dt{Q^9>c4k$oqWu?`Hkv3J;)%2)HE9Ad#06+&n2MAn;-D8XR=qRyH80tS|x;3+lpkI8rs>bhN*z@bKC%$+G*`YX~;_aXr}q z8aEhs0qiK*)cM!?l_>?t5w0Qfc(l8WmfSyAH>&hYTb%q-U~F+fA>iA?B7(wzL6KP9 zkt(Zvrbxx>FC>03E;b58J*gDY(+WT*@}asJ`t|;y$oy#CZUz*_y}|6rg)ZV6sA+N! zJ&wYAP^k)~etCI0aZ$LVE;AGM;R878#D0jtD7NtyJ+2|>*1$*jLo-r|=wu$2?Q<8n z#GkW%GHpzHh|)Wf9>v~*Jcms4gTcHk9{}@Ttwk1ui0vub2Y)pcXpXI3U1L=&hczlE zb*|l#?QOlJghZ3PzCe@PqQU`m*9ewU*^BPOW!Di|7&14)=?8W6&=r=f9dhb(Ko#BG z;njZ2Trm>nb>#BO*RM_UN>?d_9eeujX|N3HZ{sXuZMT(0FXg>|Y^;eA<~Vom+?W_n z?uq&vJJ(B}gxW3^;}!z#{8z>u0B~W?=wkfU@RIu-oN0{Cgokn``y?9f0-KJ61c7e~ zGfeb?{>pF-v@HQZoljo9+V31MnY*kh+lcgyz-Ybw{nq*22kvm6$5bKQSdu>C#=_{x ziK_?)qDldN6TJAAgM*{`E`nl7Mn3>K^%Lp;W60|}v^LRfN;LoVmiIjpHsQeP%FRah zCQ@-vSbcf|@W$kn_Ux*9I8w0;yO;r;XxjRb*jx2i3PO_e*aI(|5 zHw7!6ohn!)CBB6Vt@q?6Xxe|0h~n}c61W8qTcxFt z=$p+Dg`m&>$w{mbn@VjZ>L?agPGtl)p!6^>>&L2k3}K3V_N;>3;pl@ccP^h^4Gc!A z1s8^dqM{I4OR!qLLNSqyZ%KqU>iYmt&8E^DIA|(uxlu682<)N@62rgmK7nJy~JzQ*!=p%IP zgSc>K$@{8(`{^p=j;!P;3))hpdpot*|%?vhaU3GOJq!1G8 z*GEC*in|$()w3JY{8R+}P#YY*vm1+;Ce44!iL1UieCGkEy!ZY6YNQ^hgwVhpz!hWO zL_|fMot=je3h2}#a;RP3Y|EXNo_-lr3fg-wk)CMc@dOZ_5jZRy8Z@+S7!v>-3a_BU z-I}j*P*2^nOJPK|@SEu}VH+F&Q>N%~5@{QriH2t}q>Q zKug<^JdHFXt`LGgB*2%))bM-aY{d4NIp0O!I{WD#@yx()=D zNf2?jpgjBp`2Y=ZpU=frv}^t4I-R!|@(co82ik)qB-j=pY>ABtKsYX9;gjrfifx*GUZHDH>_qkB?rUS=g_(9C`pi6_$-QB*R zG!ugKs-0{wI4F^8egmDP7J$k@h!AdpGZ?uam8@IP6!rV;X!i~-A)I>@%*St!$G121bsZU6b<@|E5m^y2 z^92LRwIGtKeCaAp6z|Q(yKN#jlWrME=xBTy9lZc7Io5TcTOsV^C1aQOki(~xidO2r z$>C&RQmig2soTh_3-}CyPAJ;Zxig@<6vm;~6@=mn*1)=3KS5w9D8MKmxoq2|1g|gK zF#lRVbBKJpaJ4jA3CDJj8Dj=jeBwOe_OILjEl|0UpTAKMObsR(n)G|Z&x}QF1iAMo z&@OHe7a~G)19>!~LA499ZAsne+Y;N0QIs4Yr-$7?9N&BwD4jyv#^sour9>yofVdfi zG{oF_UB*K2k5*=|-B{EAqzePs0#Lq)AtTT=Ud+pL4)oYsf3NIU-oQP1r;Ey9s54Rb zPhc_up(vUoB`Am39feG%L6H|afN1me8>YN}?@zEb^|^tGy6gZ~-_eH2PrR|IO1d;A9>Yv<2Zcr$`poUila)X!pbwW~ z?(v5dP-r#o5BX@iPoc1xe?oUhB#0+zlY9o^+f|UJo8i#MXt~e@MH(|HkME>!xLGob zEK>R61^0&1uYPUs|E{3%u3Jhhwu7sLjHY7lm!{B^`oELcDi4gCUhG}!w)Q>5V=oaU9HAoh0!uO%fdeG7GJ zGa?_2rw=jST!4s=;}=$iMnRze5=9M7A~nXmjOMdcmri{%J)2;YoQjE9SfNgD9$thX z0HzH?9KPn9pQ8v0frcndpcvSL4UNn@aP3+8mX3<)RriMDSMs-ri)O(o3Pf@NXeh&Q zO=t*GG9BcHOGg4X-L3RzZR0)ZPLW9kun4=5`O|SDF4LSqRN;cInAuBT7OJQgv_&)! z^lwvG$1tVPfldXTr~gg;|2r(szv#VD*}5f;O>6S(^8Jt7ptx-TQ7nOpwjjFoT#L;k zwh!U>0T3sJFs)I>{d)*4+C^4%ILRynUlQ?Nv!I}$@JQVy+dUYp_w`U+`ZhV#i_P%% zN~~TTgr0~xT7awdm*wAQpH$BpSv54e!gv1E_6Aig?DE}LH=d`&jL|shkiA?A*_E12 zquT2gaDV``nu90+Q?LzpE}Sl;34kA7DH=8RGc}=~@d?PYZwf}=IJ}MyXj!yifz{&a zpLyFG@7e|HxL(@rqSqiJzTuO-Li=qDGX#Rmu4Fw{mp)U+p{|a}3OGtnyngMb@o_od z<|+(<1fWubD=!%(V{FK-?3>sKM~)rS#n*S6{q96_fe|(Mb&*%msIqZ`8`;&(?G}77 zJ1+lkpX{!KZBtT8Dhyq?T{J2a>xz!!`hiRAL z`lU;IGH)S;zXZrYGk5Q$p_QVvy3yroB2rlFr&Q-RX(wScb8ew86b9NwAMHY#1KSB= z<3~2<75B$ye+^=eRw{UMTlhn*SU$cig`SRU*ROM4Q_C0GOx7^{ENQ6!m9o-LHrY^B z%JTZrqdFqzug9L5*J`gmwzBAZ1eRR?QoD4B(FAH z@8C$883V#^(NfuEn4Yst-zY+D_rd*`Ms@*uWvPWRw_jYt5?%-#J@)ZJlM#ntu7b%_{6mDFaB%sdEiHS})?rQ+ zj!(fTC~26v?2NrkO|LBwqaU_8zy`buyoI>#6TcY<~f4YxGW-Z-(bR}%xo@L85G&H_WOsInuBKsKlIf1sbm}jtk z_VYc=jFZ>V)g?*?XC^E|^R))KQ+oCPzTF3dg9jr!I}eay8cePSPU~6sC5mP7;>D2` z=aAlLgv$vO`FG?KZimq%C*8Kl7?Z zfIL3N`}Yf(pF_#x0)iOcHI=kI*UI$Fwk6ya2!5!eG#n#?>v*=uR&Cwe(5DX9M)tF; z3gGPnS7Zg{fGU_j^kc%X6{MWd_348dcL{dfeFHeyMMYJyX!7@tG;aSEA+dI?krjN3 zrbjrJy5?U|h^%{u9k0qR0;vfmrCe$`Zhv~22c{C;@cxApw7MLk(lf2zl%6q)xpE~G zaFZim@718U-Dr92K+$2Y|MMkIKbEnC`_l?l)NYG&>AP>N-W`A6b^C4^ZkH?G?UKjv zVbN(Xg07c*^V`yYy6NBN;HE&U)Iv9n>fWE4$jH09bamChsbVIpA7~2F`vGECAWxaK zb>pev2P&a_yu6kdWsW?n+&3hl1nqi!Ebbqf? zmhg|$R}SUu3-9dgoXs8Y>J-?rWsA-s=t zqz_d8U6^xxQR=ANX=8r);ArH(GE>g%gNNW%S%5-$A?jj&Ae_GB;N=UXuIQkVc4v2I zj`)AeZR%KFZtfB!0Z}y1>e6rD)?^n^2Y5Cq_bv{Jj9g48515i{b~z4*iX5(F;N>u6 z(n>({;l3`XNB}*?K+RNYG41o&-nCg%RrQHaBb(9pqT)k;zgGP_l^2TEwZ0&uI3hL0 zsD88g-(xG9a@UAGCNx}lQ()8kmAdh&Z)Ue8=f2(N;8BzMADCR+ zHrpa-Rp_R4H8pQHpIXo|$Kn@k!oh+Gad+G8BexZ5aaz|Te=pB{=IUe}AG;7QIFfnq zUE{p_Aq(B=WX;>k-c7AvUikI^g*C*s7`3-O?jy0DwdZF>9EuK@4!nx-d2L=IUY+r{ z5hzwDp6A1tV@4GI=wHE)d=4m#Egoqlq)8eOBT|(}>zo++_-cZ`T-P!ra zNxyadQeQ4*&gL2mLmDFI^xu~a6WBD6H1jcvrMkKrpzN+jk4w_++pItYH2ns9u?f)c z@^_n)Be6?TkMI2sTfCgYisx@%-44Mg{r%VERB_LlsU&OPf86iy#|E)$5U7bzGZ#;E zuU|ypH0$Nnv5pT{XSdE#Ke9A?Ad1C(Z4=JdQ!yQgJCK+5?Yz(Kk#{P!A_;Nr)&I}S zcHMqlaKFnM(NvQLVYZ=tNuxNm7_PSGZ|=n2`G5JnpyG3C%IdMTm-bKRtnlw-oxT42 zyfve3%~N*`#N~9G|5o*_b1r^*>O55o_D`pMe_Fo!WUqkoWZj8_7e(0G?M<;cRbmyK z;&s?Xp8r~}#Amu(B%o4M2_st0WBl%oq8n1IMO@#vTw|$aWa$SDhjDJp*J}vFUAfz; zJ#_+a?3D7ZqN{!6c9@Ejzt8Ru6*9g>!COw=;`}fbPig^ln z;kADZ4f&8uQ0zXBpU=m4(e3Yt&D6rW9*hLJwKKQPp&8FvE_|VoP`HeBP2uZr*K{D_ z#xLQY&!0bk1tcX`6b{1KdfLHB^G=)87P+bPjErY*>=*D|ywY-2kqKAgaKPPt3nl!@?!)^a?gFx%h^ri^l*AL)xR$6_+nv!YBqVs3J&n0)2Px-A2d?;7p|fPUy0NQ)1q`cQ0CJRTxna1Y%M1 zjMjJbvyGHykoS(G^GU`L8t%b>0CF+9UZB3kmY@6S;*AMbtkYDEAm`CU2*^hCS7RldINwA=)V{vg?aOd=3IGE$1++&!rg(yk}?d^e@0Ikp)MS#wi}Z=vb9u&5+~ z=>b7c$F$_*=;XArloT?e))&l2&l>{G%f-m4mEe}At(~2DAQv4NLs7i(M6WW2)Zyp+ zplF@|+uM9y2D_m$8san|gIL!@pYKcYK&7Ol4tzd@gBP54U3HW>8}&ZlI7wUEKk*ViZcJtH5j$ZWF* z+z`_3UHyq>G9n6-JN$^Ptr#RTC^D~ZvYF4Ip|}TfmVn-Xd2c(^IqyDvARp`6=^-}- z5~R@WaZ?bcF?4trqR445-KNc(WiZ(ii`){aS#weas~SZ694{{~n;SCI?fVT4&!bC> z(&8}s31pfgT@N{ip)F=(81LPC7=1@}E-nol8*!S)2DR;6NQ8jJV5zGH=bMk(9RjG- zTes$54zo@K6iZ}9|8Ig98%-Jn<(rIQjL-__D12#aYXj}43B4Oy@*AGVEAk`9?b6q0 zW0+%lEg0rn*rEMFDdYQFgVV|hQ&Cr!`v=EYT;x>^0pT!);$F5h0VgqT-@ZMjmW~9# zJEvr2>Ab!Vdm$vcQWKtKBK^ZsV(y1{K7EzYiGx zRg4grNlL0c)YXr4{oqEtYCcDz6?sL)wHMgnORulj0RT<{FoE+%0BTe6;Xw!zv0~?P zOvi8-JA-z5-p`V(toaJ@+yEk4-rl8m%aFh@yso|<=SZ4_QPc)2trsIFZQO~M+lmxZ3vl|$M$^RfY~98%7TN9Y5)FL znof8(L=3W#6@bho?Lb;uT1HOJT*e}Pelf%|ECj;P@UaGqmAB9}Ve{P*u!XMb}TdIDi3;1t+c(feonWUEn5lp1Q$Pzv-Z=N^`n z^h1>qd4IpLv8-aHV_1B=FpZuAYqm_uTL9c|1=wMN;M>QaiB0`_j4fCHc1oIw=~!J{WY93-Y+tcb zRCFfqzqF-=4To6}Z|r74W(HJLDEm915U2eP0LNf}&F^d?%JOFoOYq36zgy5TlK(tGC!JlpA_AieEPQZZN zsFp^`?%er!$u}nqiaq-S`>+`^BJE@&&q+(JU8@GN;=bc+KeVzL3=DJ%)|@RaDG`IF z9$E`hBnR=Vh#DVvrLoj>P$1AZ`qsadi#~k(n3|o<3Any5>Ld!tN+r-C^;6BmXkmUo z--q-%(kt}^_w0`cx^v)kLck0D9S?|4Bo{vlQZgT~&cb!Tj}1_Z+U8$9S^#Y5=IAbp7ic5a^ z>BL}@2u&$Qy^7uH7Z=A*?syUxQjJQJO1>_0uf?H|E5J&TH-tnk1=i5OtCQlJ1m`sP zBPB%?9!M)RKO$GZS_cw27>kn>wnz}~AZi8GD zUIu47qw=-FTA-N*G(wpXa^V6kMp9aXyu&nP*&9YU5t5|Dn4JY(1`QoLkh5<(3t_+C`xchj|6_ zm-X)qO~CTL?@l$A3@K<)+X#}2wNmNA_HlLu@L-Y_DK zT7t>SAM_x&k!Jh{Z=D7~`BsDAHngxHtVN5N%ooq&ajcgq<80OcLB8gzqW(j+|KC9{ opxMPa|2L5R{|mDI`=-BnspWZ;jshMsz^s-@rm1?ZiPg#Z8m literal 0 HcmV?d00001 diff --git a/scripts/release-analysis/time_difference_plot_argo-events.png b/scripts/release-analysis/time_difference_plot_argo-events.png new file mode 100644 index 0000000000000000000000000000000000000000..7e6c6431583a8994cc1188abb110857bebde0334 GIT binary patch literal 68592 zcmcG$cRZGF|37{y+3O-BSy@SDk-aaJsLZVFR46lhMY2heWK$AFlD#vt6;U=>C40}` z>!|y4f4+Zw{{4A8?(z1%oY#3Cv2199%{)3k-_xcV74}-acQ_yiwnjdy^*S@(+ zxMcst+T}GrvkQiwEw|;km3`~+gbW@fWo0Tn>^QCFwXtLHU+&8I%GdB65Aj>+-~(Af z?89DJ8i}jB9GoH_gQC82zuxxE%Z=aQl<4w#ap7mDv)m>J4ZZ>f`|rmfZs-Rd)qnnh z#)bXgPhu^8a>(DG76KuK)Bk??0Z+X<^xtpoF#rAN$^ZX8+M*K4D#x<^tFO?N;mJq) zQP~!&bMu2GT|d$XIF0tVT^2`})6>(xQDo{gN3*InM=_7j&yyvnKRSP_Q(uacoju3= zc^VB?mm@)4FH6wqauQ~2qA}ckv1-#{by`EStHO8RGu+nA!9iYL9@7-f8ZG6v5F+`k z7rsS3;oPf+L3Ozjn$uTwoOPz+V`3g`ug+vDhtoMYIzGtE zp<%3QbL6b^lXv~Ug`Iw0eEIU_*wd@Bb&tqTUMsmboJ0NuS9H6FeQ%{r@Eb*7$m|2A z2JuTeI>!$VcI}7C?~_VMNGxq^sO0Ls>rPi9ye+~g{D_S`2YbP8z-)QHWYjl&X=%x# zIZ@j-Y684Xg(y@t)Ge{;=s75i>?X3THTpCj_ zE_HZt`0S#-l@+Jw=0fD`?Cl6932MQrHEJDR+RkLD;3C`piJ4TtroPzHfJUl6OZ|vJUBmF{aaue_6#vIDWxDt4d2nOLJS7o= zY~t%xxyDeM(__DXlluAjiAzedb8#ILyEo*ol3Dj$*m4O*YgyZxogLF9yZg3r6Yf&M z-QB%lawFUC@Zk1fF+XOkk=_*d&amjc)o1FxjX`?`QJdJf%*-$z9-i9w=JiyptkFKZ z8|lt7opdFF#-&u3pYgrfc+R_0cU@8O2u41)FO2T8tLufNQf74l5S~{-$yu>8!PDL+hf>Ti;@ZDd(&Ok=+@$Mj< zQL!EN{5|#z#>E5CSuy*Ohw9w*s;oW_yW|d;PMtdC;N+w@TJ7VwyK$E&z<+bpkM+TW z2M#VS4UbPLJ$~{;YrfKNf1SSEW$wtWTenKf%Pq!gAHdFWH{<)=pWoaP!-0p9@m%96 zIDQx|SS?>@-I1o3JHEIW{rTx>4u1Z3pZZ5%U8cu0CA4J-m{vz%IaF%Dex+fIB)B_R z+-P63ub1V_BI9{{e`h_gqCzSuDXIINkrb@yaCzP5&&1@6BDFB> zc$nSIMb+JnKjX8rA#g$S{=6HMGBa1@_8%7B>YDgdGAi&a>8O8V;z>FIWBvK9#&G(c zOjSy835io|Y?#aO0!5`Va&oMz(;Z5Q7w(QNEKtB`xXgVy=C!#{RBGB&lQ7j5pXs~5 zb1k=TYa(25X}~fX55ukg-0Z-|q{i1Lv|reF&)wzsH*$;+Y%187u;quncT;4%+WoW* z-_a>OBCC6KIi9a`dBkf`f&1w=+TYU&x5mcDH7B|nIAH-oEx^GIj89A)5fc+zTO4J* z)s<3In))WSmQrrdzsz}t9q#qYl`AbREf|d5_YcQ35-$X)WGdXg&EtEpJwv@~WOeJ- zWTe=L{IzRTy*8qZqBaksWp{`I*kTzc_gOZ6tn{d|qVI+QYh;nS)yb5t!}~HT>qT_j z)MDS7bCvJDBor6QcY365Zf@$&h45grPw#%VI)|>CXkRTXH#*rIO^C6wwzl~3@lN*j zd=~f`Z*TAJ*H>ASB=6_6_g}$rJ|pQ$JKU@}RMywme^Zj%XM?IAZ2jg>L8Qv2g%@#F z`4{dDh3xHlS8n{Uy?E(T-IrIFg>8Cy*5<#{z!cUS*;fU@;uFZXY^(@cr&ktJd*H;>ErTRQN+?$cR{pBSw z=K0|+47d5g-uCQpg&4QSi-%{g=b828=!*O9iBm93;=j@|SokfnUok#DZZ1oQ#Xh)_ zEQwYGESg7!h39?umQ|&uCA~@}ySJo-id~8Q=%d_R+cz`keT0^VoV#S!B*UA!^G)T* zPF^6(REhiqlaJa#y2tAD>}ZV~X7a^Ge)SFsY!wmiD@h^k?dorDRM455n~S^7>lZv( zhsRTR{dN3Ryh(uJyCx|5F$oEw@W<#k=lmFY3oM(dEj_oV;;~dz{?K*IfAzj`pD$=e z)fF>PWJ|xZxfuQUF;(T}h*wKT2TbbO?l;<}(Q+9W?S%r<^WI#E&+y~ygU|L*{C&5l z=uzdbtE&r%j&43Y*px%t3hLg&nwpx%{ZYR|A6T~SNfI<39v;`;=xnWa$u0M4Uquh3 zU+FHarLDdEiByn{jjeW~Ab@Qw^mIz?NR=1*UE0mIX9ES6gd^Uo8bf8ygsI*upOsQe zK2#P*Fp82uZTl20cMu{r>iu z%^#bbw9M-scyAuKZNCm=ZYaWU zSv~*Ya2eDgAuTrCS5x?6H?*Yh4T+~iF`Hh@%*epU1eBDNJbw1fT2>aeC!T+IhBB!_ zet%-L-2U3v0JT@tE|SS?L;;Tz63*N%GBlrP2&J2BXlx{2SXgL`8nuU3cm!jIx`_6W+~U>j2G-~%NDyWnuP0<69jg{yuo%< z7h)ir-ktjSlL)3vF;&)wFKT#kX}tajW_-}TMwHdICnHG6VXT(W#K>ThpWHv#ms!rY z@{1g+0@Xu!ZnzI9V+qkWs=W;`Y%NnxvDjfzXg8%56^S+Wqt!B)$sJchLc;LL?d|R9E3;75E?&M|4{#^)drbgfSnq~0TBU#*$eQ0QC3E@%-ArNpBJH_2|=lb4)9{~>Xj=h`uYrTDLtG1O=w?ZKZIvm*LbUmxx> zEO+!wle>U`02IBC+q=-v6>|GBEEK6B}PFcz!%pc%_vN z%bCvd%yAN^4jBJBGkG;N68PyZzB@?W_9U2+mBQYB(Wz0BuArbm+rvsQPwKYB>()qXa=QY*_D+Scl*wz>H!SSHYs1K<|o+#@HOA`7>MBSS;$0H6p% zeJm|4eID%w^$FHRiTgadghKi?Gbn*{&7G$4`scF3Lg#mqgZ5YikOdugoIJQ3g2xLtcmzu zcq)SBLlE!-uh@BOf_a{SG8pJbq$dzJ5IktE=h3Q9^)s9VMnU zzRXZMlifz@q!uf+CnTt;sl(zHk8I}o43#>*ib_pMp`fIs{5d^s0j*5GWXaH>V01&hR)9!Sl{nBzX>*UH*Tleqv=}D+GjhzNx zgoR@_DkvG^{b2iM>T{HSXtEGuSb|;+2(4NkNDB!mX-5gP3EGOo{Tb25Z)pmF7Mpjw z(;g^4@%#Oae`|M_epjgRLkUn9prSy$qXcGfLqx>H9%GXs zAvpm+J*I(}Cb+kFp!-D2@IOGDgcmI@F;2awl`IFg_Y<7N%wtUFD2>K~CWt*)MR zt;r}{{MHTlz?pvYbgDOXvXooX`7Y@|z%R9pjg3r)?Fr{E|9POLb?(Se#RlNR_r3f@ z>V*;cRU3@Z;e%mgrz-_hIJmh510R4D!*Bhk-1ScwqDlRxevJT}miw-ojw9;#t1ovM zMof=)B#g?kGVI`9ToxcLai1L#XazU;J`38DDL3ydR4fVs#zk<*eYHbud~)(=km3Vq zi1fC+MEZKl`bGwp1|M%@M?7Yjr2zoBAMS6C&&?47LV}x#8wjeF%v**v@M&**wPUpZ zoe@2d6~2Dk@R}MqpdSIOetX!%?JhrupDkFNs;ZI8s$kb>?j>bERlLcab%7h@V~G8s z`yLNwwfOvmYoPdUV%Z`dR`Wh~YWO)D(KP*6C;{dGl`s*75?rFir`R)o-LeV!IXS64 z5iwssB$s=~;)lv=Yus77^H-okhJ=OXbn9nX<*G)r=$AQhS$Cz}l`YYF!?!7+(Z4V~ zz0uta4T=_~w!WFw&rUY$>zvyB#l^X~P+}Txvri9+TUuKcfoLE|KMsWOtqu^B;mNqh zvAV$J{ms!y0EqQT63#fOMVJySHFW@xB7;4X>fMEko3g5RYPzO0*W3<$;{{DspvUo6 zM*e`$AzlIq?AwI9p&_FUVAbgX=p`oe#kjzxx8n7qtwH{S2S2@8Q{UAk6yKi>^Bhqm-VNe@ct_lw)WfZyX zUs)-Q$^M@K4#9GCS9&bio zH@sQ_BV<;KIZj7sG1VGJ*DSaFlLpF^^AkpxNC1?HHBfKy)AsWD0f+=Erq@C_i-xP2 z!2+aXwThitERqI(A1*T*6cj{v`8sBD^a&u?ZTp0fY{}4bfz{sIP7x>06V&Xjkixy+ zbtWE$*}pve;UUzFcwnlC-^`?VQ2;b+f(<7)PG0%;8VpdjGs11axGhM1RzWYlJG*`!9#ZOmdg$ngUw5I+elUGeZ>zvr#NdBh6gr__0dVq;;L z6o~5H!R{i)Um=hH_&Pb%8&#-oj$2FS^FNAm2g*l*qhtVyzWp_eTv|rPaiW2ERZoMP zHnJom$Ez|}lQ#~w@kylkpu*UjtqIRY6RXArI^O#`U%5eci7lny2_$0_AsQ^cTMzU@ z*kMc_r>txa($8%ux1q#0F8%7y2hti2MYg`LkG8Y3^EN0RW&OE+TjRlq<4C&9`qP`Z z*Hw1B01*OqYn4-SZZ^8*x`1QPh0Kpgy3U8dfLX#;pE9Jc0^Nx0#5sIGUa-k&9=~`I z1{;c9M5K3OM#O!|4A|FEkTx#d8>tMX<2N*e@!MMOHx<77Lu56=^$u*r30UbMdzgLy zaI>Yoy+Qk`%uUDYmA$HGs<7hU+x83a85NTq92^i)P^dsprea`#6|Iu?PqV9ok#N}C zat!BXWY4hC{(fQU*s)`u4)%A0Vq;@1N~Wf#NuYSeF$aWXH|4Zkux0h#N^jg(8$9^@ z(Z`_YZmIevB`GNl0On(nDjdK`Oc?-gI{;M(ZmO{EU_8aiiMz&gys>!B5GX-+siURB z8y%AB>grD~FFk#TI$BEMNAY6{RM0$wV40Av|L&&;AcYTj9l8gRWpfnm-rgQi=QH^D z_(XvOyx!oV{XalksPdCbo+i>G13P3ZJ z4x&OpW@hHt^fWgai?n{J`*KF3kNV&PE^h8;k}8^#$yeM#b9o3LmNY6VO7ZoT1tsf3bwu^Oeftw+4kO7&egRNXp8}xKi@@{PJJz8*BKnYHDguTSD`ogT~Ga zDkcf$A$$ih;GIt()|~lxyGPOC{(V{~LP7A@M5f-$$_e?2As5xpDex$5Mg)VpR_ZdR z6?gv<+HUNQAEBH8`XQpEEOF(*;apguB?Lcu^vvrdE&BI4lAcv8uoUT$U@m>Zx$Em)@N(T-w}hhDk5* zT(<$*G6|Xx*TU;7INUcbwE%(m(ZmqJ@}M9#qQ{@D8YM@m;jcCO)UIA_zARYv5b(?? zVPP!n@7caw`h(rkL)nkZC$U(AU_e-~KUm$pKvU$E0$PNAG$Xmy0^rJjf8sb=WoHQ~ znB2$y07#&gbHAbS86 zbG*MkR&CN}qprC+6^S?iK?Jy!(1_u3w z=Flf;Kb3;ivULpKRTB?*==Y*F671ha;;h@OW-2VRI z6@$`$yqLb*8Jx4w_>l0tzdz05x98}+zus>_rtoj*bu!`kRh5+uyanUipo@`1S!$a5 zk3C}}4L1z?B+QZV-;DHttc}R6lR%XTC2-kU7s*TaIQZe721^NEX%PcLxH&`r?$QuU z_%i63;~*Yl{9(aObcl`OKxS!R4EQ_#+3G8+t5{mvV}W&St=sqt{;8>~2+xian0@0! zmn$Oxp;Jz-hBs6p7JnaMH7NE%b^}7{$&$1fhuQ8^YrpzPkqQpLo1;nS-_uauv@v{l zjfd*^ar`o4lR0NbG6JicH|rW3m19?R#b9dm4;k?lfd(X&s82C?Ec57%KmZu_;I$=rwO4efMicSm6YY=0R#0J|2j;4u_HOu z7L5PHhxl7tTOlS30HL?i!=ymK$gq8C(7>dR?xsJ63UOH>WOUbD#5>&FufJ zELXxq>Oil=YO5*%lkinfD?TIyA4{!*vw2Y$Yl&jD8r-yHy^0lAjIq>lwBTkTXugLCh(f+s=+ByzO6ZFC+V8;NHE&e#<#Aer+Lze>u zho`vT3_5WG)1!aWs&==ADtx=f6lYi7>D}J18{|ePR`0L6|BfMn3zp0)tvi2&E^=mw zgaT4#M81Zqswz}`dZ_HE-Bx+7gOJDfKR4NDu^XhXzOxXk>_mYfPS}24IVVzV8uG5Z zpu`>lqx3$T@u{gGzzX9{ktZ<`=RcoIAWIapSAj~C)^q#4F~ z%Mv+g09u-m5d~{_9LgrfA0Q5%kT09V_R38=Ab`;G+*dxI?g8ftT>}_L6SO1F?auv- z*wR!9X96hZICz{!apu2m$IO5|x3;AJN?LIR!6L=IFyHi|cg!p?!!3RE8FQ7)8A+Eh zRPpIbtDCOR<__rTAJ$#c-S}v`wKPsQ3SL}4*sD!ItC0_cd4Az8Bj73P>MoGYg+LN^ zzWN@p=)~c{;$eFUcvO}EgSYlpyLv#G03j2w0s*Lg`W3GHAaZw5TYiU4Nk(wAdgs?! z=ZT7Y!;-M>z?i0lCDI6_q5v><<ef3NWTn5WV%tw zJ^dmZS`kKa3@|4=_w~N(cnostTR)#(eGhuDh)pjMAO{RaP*4z>&!>(K@;i6#T!g+2 ziVI?RV2Vs>oo*%b1ac4)8_U`B25n}WhhNmJCcoT&zBc@Zmp_J!eGZTeV~X$29T2E$ z;Ue&GM=>AgIJrlh2F&$�*cG;HG6S9v5*mt!u^TGIf>8NT zFIP0x63j}v846O;KoAjibYdk^Kq2hiJA{qz>+6du()!F#5CLF2bATHaNJ!ZP>n?0S zf37A^&z(SqgQI@$5I9*KOvZbl5+e2^mHJP?(<=#6y$D5+Qy6yFs$Y%1P3T*)+PzW1 zjH}vmJU_n(G;=;VqWbCxtcbX|>gEhBA>ZNpe(U_yC59izyq?{eUty4T7y9+>T{v>q zM@Lx+0`UOiwsdugjW&P(US>SQ7mlR2>GlM=<_{k}bZ2Rtgy$+4*w-lh5iPU905mBY z$O7I|ZjDbMlScrsH%gkEiZ^Y7ogbc@dHekGuJc8RAiUk)+D9VN8|~K?AQ+>Ym5Gt=IQ|WgaCp{84RgX;R87avaBbqh#GmQ1YMk#-E<`np1fT- z1w2f5diC}7V=7j!twAo@OuJZ$UVE96L|M*eF8=O4%iO|zy;PJyeAaR~S%GEBR^G+^rQW{9z8tvkL z_bwUh^~mf^j*MS@f*&vF$qbec$j-{TZ7SsFa7R0pG0E*M9nHFujAjK@hg6@96XkA; z2er*r&?Q5{!|TC_OTWgm^yRW3@^ncWt5$ZP>M6bcY7P=Jux1?aeef13kObgq0+fzP z+yP@>wT}4ZBS7RpKGUw}o6w#A1sMQ&X!Z{C1Hyc!)k70ZV0!axERIHlnsX9#^#^Q3 zXqlvV{(5un(3pvd>2J0IsK5K>uv-tr7myqeJgN!AkwEb4(0qXf(*&}+@$~AC43g8c zFnx5k1T3%%q=<-!vS%I8I(X6}Fi@z@_2H&LjT-J-4-CVO$a;N2_HjMeEz2Ea!~6%&m- zh_6bMPhOC?Ir@PQy9Aw8&cS(iZOsLB2dEfyUXutc_E}|7e}AHLKa>v}3d=ZM$w!dv z&I$i!rAoUE`wiItC`*%PQWb`jkuNVVfn53tkg(;S?(8I9=|ErDH%Nd3>*N815KwGl zagj1oB@mdnaiu%@hTFsCqR#|wgn=R+azYG#5uz^OG92>_<#AvT{S5;QN2b_$)#_wSJGzE)v2y~)TVq)|~HhrIQ5Oaj!3rH=<*b<&N z1$8P%_}=TE`fnBJ@r5K#vu9}Ox|2(yTbI$dvM6rcbo=7`?l>_PdkODviY$YdI?hVH zJFqGVgAu+nw3!qVqSpL3f0i9Kq<(>WHkr{K5A)>1O8QrN!}E~q`e6PK-{*w9X{frH zCZ*#vX|p!q(wRYn)%=ViU%-yB+M!-mhMh~-PDT%3nv#TI8*jpG;vHD#$R`KlISF%t z@dwg83CcaKEfK1(pIbW5$}3v4VA4|JX{2?UPOLo_;hx1=B?8KigrGy(`}a2S6A=(f zgY=VCT$H9}rfPH(lCg`Hl`nN)2W=5b3hLzmInT?bgD}w+FGz3s_u`j?J5szPbH^64 zAI=P)So2FrqtQG=O+zDm=L;va3PP~1pc4|2k`@k3Rzmr|*;-J2c;LlzoJ2iEx~zS& z>xC#O7&k$R=@>Khmp9KD6y#fXyhvazbYHfRhBXYTL{M}zCBn(Zph3;k-?c>j1t<~{ zj(I16apvn6907@^4lLxmzUT1LpwNl?9aR1!otMJO0=@WeVf=%ChzE93yRq|jfZ^=8 zvvvnCk65YaIxlF!Vkma<`Sa%~*?y>D!nWV|yg{1io?{u=odAKp)NzvF5hd$A*$wcE z*e_i8ws#*QQV5d&Y>AoPogb}XMKvIXLzRk!g#sc;K+M^tq$*yTzvY#aJ51jsCMQ>h zg}XfLHma+HYy8J?(;=PF7zO5GqPGRAk~u#*EQrgO#V-$qW^)20LLrd?$c!Ng5yUHH zC|d~CNdtwOlDv*$cH1+o?I|)Rqor4fz_|nqVh^OC*{`oDMHnNupM!h}+FQHn=_^U{ zHa5H{fK=TDatulzfh0!8Z}_nmG&?Lab0plotV=t}{{RPl1g!`H2V_+y_SO8NqO^c; zgMxzzQ639`qj806hxabXqQT&C87A3puS`Lc|3fIwY<8u2y|C_vm1J<$ z)pgEvv+JDPY;{@L%?f)7&;r5JI);RBu=08DCjeWihu%ECun+}t9y)L>d}b|C01?po z#)C}*K(|OS2HD`5C#&|I($}wNj&>CR4u#Hf6hx^;RLB9{pu#de2!J3O!jWUp4eCMI zK1Fl{3}~yEhWJLHD2`LDv=4)WCxOY2@lk8_aI0ap-O)Dn0-meA5sDx`q{sSg*m*e@q2L~C>f)v?J7 z#2cIyVc(sa(Av3slmG*@deMuOmF;x%-a97$Z)+MQ_iC$sHW!TYSsusg>?H+Uo9>1l z^&TRhNRiLIp05JqfyhS$iwq;o=k0_pOCbjI@87~E@h_PBe$u}30oXJky2kC4LV>Is z9j)mdw6w5Tf`VZVkeiap3#4)+t%Lf=%J3SdUN6rWw3G)xYLU$|P~|0t(mycN<7k|~ zJNzpE)WW~V9zXsNdI}A!8K1GTa3@#SCh(As#i<>`AnhLHMd91sNT19AMADd3x4*w1 z1C$JAmC%<#lNOht;0IYJwCdZFrRV|ApojqKao&)$KnDMRHg#)DjI*};h0!p@;P-$qHp!V(39lZ-(KgSnQg#}7d;LX;R8 zn{;w^=5HNb+yqGok_NKxcXxp5I*xw|Iu{o#X8Wx@!_NR{Ld@gG7z`+&)G*xL)jnRU ze;|W+yEhvPO>d{$nZ6H95oeGEpu;HuAw>or@?(H+;I70_T3~7+wTKC0&Zo#|Pdi$R zIFofd!_S{T+0LFNm6esXNPh8mDQFe0#yqp+tA9H)MOKRmB3rtz%fWpk*iYMe{I}lD zNptobb_0V~qk5bM_?RILIt`#}=gyr2y_uk_-setlN8&^Sp?qdf+SOE9R0oj1S_v6M z1YTg|tN|2_gu))XQ)*abb4paSs9_KmDJ+9Xxb;r<@BB8cv1hhm zxkDlc51)WQR^$pOCd*ao+`x9+XD8KvI!Qd-*wa`TD&y^h6)G>pP>4^cb>V@ zo+w5MIFkjSI0dL@82DN|jJuatyaY=@$hp9j#6;Tz7nI8csTzU_5};_F`KR@9HtLL+ z4Bj}Z+E*pEe_&{-)v4l$)0>z#-s#^jY^E%?kNLUzV3Sq>R%_dkyOe~)36SK^BHkaDDL1NSahYxypk=3DhoQiMQF(%DAWDdev2ZM~ld}EM)X|Fp2em=j~pbZwT0oqj6_zmy#`BANF1D<1NCwn;kNzX?#l8*oSO+rRe+w- z(%1m@f83)-%C%0wu2gB_R>jHD-a<_#?64pV3$Ta=w^5&9Xt1Yvc}XDt`!_!ccNe}p zQs&&ujwc7{7D&MrnAa0PNiYXfjfk9F)DL3aN5Iwf8~X;vi@7)$S)nEGAnFH|TF~*v zHtZ18%TT$1{;X_l%rr4E@z~3cqsr;_!2466>;*u9M6FZYYlAPvXTtyx`18w~6>f`B z4GlQNRX}X11(QAsMPAZp4q%lbq&*IHBuX(??{64^xa&MY$#8Od9lrI`^7Tg`NCC_2 zMj2w1;~k%wxm7)YV%Nqqt(~1J;dJ~N1h3qMnSsxg`DyZMA^rG{|-l2LU<9j#CxAzS0*{%p-PQfBtd~Aj@)|W z;y`Oabw0o5fRQ(j1o(PA$i@h+hvU!~XS1sld$#PKpEaB$lLY)T>kF_EiA%tQSlw$9 zDfJf*<_o)?c@9Fh5(QKtTM*}7@%r`YEcJu{NNSElP9Sv~OrqVRiLZuhC@T5XY&=WA zH4k5uk(O@P{lT3ji{VBpkBP?=ZTK#Peh)py#F5fkox!}dSO{ttYTeM<-RJ191wkXS z2hxqgdPCJdCn1d|6n~VHlQVXQ^cohtG$5r)5KQW52J5s3+5wZSHv`52oNSQH!e#cL zM39#m-!rL4zjFEWqc5XQ0j1xJ%d~7P@d1)&d?@#$bfNjm=<=+TCWhY=YK11K#7?5N zxp!jKUU`H|+EU#l@Bxz&H9#Ss9T(&;FiW~%%#t)}{H~U@!W|sNfPQAkw7I@6I!Z@R zfBkJ>C6p&{&iNOd{Z@~Bm6)8E7=z5X-8=*$!Xtlaqz=ul?@(79`$3{@SIjgS_U7wyK#l&VQbg&Z6k-x+hTp1`HF!4|iUi zxsZI_rj@z|q6mZXB=u0u{Qt1IOl7{T_#0Op z{Ym98KI>~Npq1}F_frnT^f>Oif2!}UoOoFA_}%r#tR)MLhsf`6dIz#V!t}AId*(0_fTbBClUI0xqt;}!tBMCJ= z9y}xzYyJY_#CK1@DEwm_2xmz^(g7XSaDFp)mT^0bieEv_aRT2LqU@lg((lIFfUuGg zfn{PMlarI1AE_EldVC8)=+GaZi`=2cq=8$5QlsF-fRB3;QwvUnnGnNYfaHUMDzHda z!H`j)jMmncWWv4Tdvc=Z$;f9uupU^y>ef(hTj$%M$@r$>EKVK*WxXhx9VZ zOq^f8&0@9NuN|wC5=a>H*Mdy*%u5FeALLdLGn~qJ?v}K3b!DxpMS@{zH^T@31ti4K znzp$8VY;atgb-Zj2e9D$AyE?;PIO2J(fs#9LWmOrr_$4V<{>CoJHW62Z73uv>JhZ( zk9WSJuJK*$@6IgJ0U6b}L@c7l~lM_|XJ zj1>a0bmxCUv&PYy8~XYB1&Y&rHJKHjvpcS;)5rV8JZaWE$H}J}jALkKpCHQ@03(ZX zDyhCZX8@xtgFa&vn-PyrBy~gfYjrd0r3Vlh{Tg2xV9h~*a8Xx-DNzEC2r|d6;a>va z6q5x2Ipl-Gcpx5IzzP<#6sq-b`AoYoJ<|wQ%^rXe*T;YV3KBQIyu2na8e<^ z#VK(V`LMrD1KEgRkEvQ%u>W)_Ys@pVz;Y?n0G}qHU?RdmB)_Gz6Ad%q@g9f?P$%Zb zWdSRr+ZVPM6Bv@z zAiLyn|Hl>JlOV+4`Ty4#cveA!9X`#iLFki?i3=R6{I=)I=Xg3t7BZs)vVCz9*P%3l zG{8w?4Bm5ZgsnRRuyC-56kmVE!=UZT6Q>4%SPtSQ;vlk|1>;jkBTD(z5WlTp0*39v zjbKa7Gqcx5b9at#us`v?sO?b^PxJGYcgUR=3Rhd&l}r>)^-@f5Qi5;c13o{vC)0=V zZBrm-7c;!(Vn2Jag-=EzzhyrpWd4$l)&>7BZG(8VUk#2$YEdMQ_?Nmc|MHCUH3cP1 zFyoyKS|mv60l$Qin3x!Y!qKFlfmx6%;QDHtbyt_9;wF7@xQ(A#5(;i-)@7jx92h<; z1GUT%z8szLg86b>o7J=%EG9QFXj;ib$GZTw(*7O7KLIkDuw1_A#kXO4UHj8+yuWp3 zla2j@Y0NbK@Z5vV^KoUP=9%K4uqi^n+L-^oH5Nz-`p&%qdShS~ju1VCNi-bFRFzjLUvuV`!8 zSNJZRYuxZOSBX9cJFl{dLb}AbZ#Sb$+Qk5*RsH>LFi${pDjrw{-<5-nO+MmONcM|$ zn+Z~)rjBpFBu`>6!zVq?gCfbR?BYa$kLRE%mG&(B*Mm*byG3+QJCWqL0Go~#&IBQq zAIJ=x>w;q%V_=ISDYYqz`R`139B6bXr(?uRc zQGSFeQoX>*3WqD6vp!L*e_lAQwE5*6oE6b!qzB0qQaR;nuRgsHwRMc(bo+TLx6GS}@)6f>|@; zb)-C_6p*LWGX6UYul5{FKzVa|24#}4rAoqL1%&9sD3ow|79+eZZ6`vGNj`M1Q~u+> z6(OCpFGl|Em%F}%B0Kw_RtmLSt^PDiVqSgnN8{=&2qyWfan6EsEbw)ooLEh)fyc3nEh5iy;$Jl|mk#nQ=921(1o23C*?z=v)&8r*qiE`nM<}*&LF2V~!82w*oB}Ka+mHd{d=R)si*)xD$@+ z=A@zGv!YKh_Y#^@eD;J3_nm6$Pk`QBemNFj2B;;JqE8&r(gC2?vt9TmKDq&CrpDkr zAr;zODzB<~TwobG*BfH|ndt{Ql0#ZvN;3~>EO5=1^M*p6=cOuaDmcV;jW-T8+NV#S zZf`;KF$kz0I;*0~@s(w^uE;oSnC@FUJ?8x+JJQsjl60gcULJDJ;pB$7O(Drw5VV0l zhmL8%IUD{cIQK^dDEi;_ntm5h8D7&fKioj?^xea_^yvdoQK)9eb>?NEXmIB+8NE%| z8ckN{>ZWDWejS{fWoO$T8j?LteUm^&N@~zzdI%k~gkU0CdWC z6S<-S?CeIIL`T?ZBI8u2&N#YhN+W5X5b{m^kzzC33Bmhh=-aK~#L>lC5K*%!$ zJz8dPoXsQA)uWjC5VHg+tfoyA3+xY!yiERw)3fqD_h;b?k{+7Q5$Fu=v*aO4kK zXfrr6Kwclj#vX?=u^0bth?mwg9Q>-3wQDM0ug%MvcX%%!u+lqDSd%;{Tp64Cq;>+z zSr(<}{;;Tn&Y9Nr0Su+8aYTn1s%l5rzL0r>g@Q~QaH=dJTmr4Q2@WJXfP8|Ypntys z_iQ}UIxUz+@#v5lmH&-+{pl;Xjd$!YmF@r7a0uHcvT}%9KyczcYe@Z5s4+&}3j_!LC)g2OI_oXUXkT(WF2zK@WqVuz0#lt+(aL}=T zz`Hrj%fr`OO0hpy1m4)1E(<+2=3RM$m9d;j4E}KMXPHN+tSY>u-u#c=OFOB9v%0xS zy*A;MM&H-ne5|f0DaQ16ZS~pEJ}e{nNMUblS!TI6HxzH7h#$LXC>#X)D|12a1)a8X za4p^=w1NDs1(_1AFYT?@cB|F7hoYt_C1r_Oi%lD-%&&+k3l8`9NMFW3JR5*k-UahGsbQtXQtLP%E} z9%^YGe77$f+VVUZ7aIwy9~5=$cZqMB*cbzy49AVisMj=1txGD}0`ckg+Lnc-%veWV z#*^3>eqLM44np(OQ2)*Wc)?k37L#~7{GH1aG;2%Y%aHQXrT#lF22D*bC@1p!FlOk} z7Vu$Z+%wDlvP-*ES4*XMW0I1iX~eX1c%c|4y4Vv`O}v`JGn};i{u%ZOcv>+A%4(u< zBodyY!g(^ISga|RBh>Spi&*RK4x@LD1W-2?U~F0cak0iIdJyM8?MF^QUs{Ik8I79@ zup8Nk(3aV~cI|fUpI9c0yn_U9^g=W0pXZ?QE%sy*YH5YV7iYbG4MGJA`eR+bnz50S z9l?Jd_}1i+SEXyVI-cgI#|od&#j;>yI?A3tBLxgq6v$LGEJ7=LHSJA<41YYU6EzH< zCbf$KmDIy|hjB^+Q0jONVY6 z7ydXTC#bA)c(AO2a)^cdZ33$+uEA0j$22lKcyWFSc2lPYwpjltAU-D9Je!7FKTmP< zmkhB!p~h-Qeq7*Sy@bt-rnH<0v#he>ukA5_6POkp~ESYSsc#w-526=V*ypr z(BNbspNcfjiYqP|+IzKz4<6=q=2xoJbQ&&HmtTIRf3eA*Kcl;iFLSM}3SRGV@uk4R z;r^oEGMo;Z0J+v8DJmq#K+gn^`rIl;=N|v7{6vCxzivZqmk7Ut6V-?L1R$l0fK<+x znbn%aw892hi`B3eqnV}XfbJ;)Lxbo!5gZE)7i9l%H|t76k+F`0n~vTuWAo{An_Ftl z$~dcB-ip=6{Ug%iflztk?5J;j08L8x3V;aeGhg%+{Dl<`7fs_GInSM#lkhB+(iIp# z&Hh1IQ+Y$4Ua1!B)Q?OuA67}m-qKC+GXhMC;K@ILND9rQ2t2!H=mZz^$fTZ@e%k93 z=L>e7q#qSgyj_zB4Y7-So}Y*r%hCL#JL#`}1JB}%Q%`rlZtN;GHs)i9)`UsymDfrt zDvuiJvEPeZ7hn^-w{Eg_oQL8rs;jdyoGgf&9lK}oLisTM<^qg7>iJSqC$+QGAAlDN zdMY{tzpRWa)@Y}88yj)8-OcA_7pu7z>kK=Dy5RB<9$WWEie#gAu$lP*D}w514wxCm z!r@o(v!i{bgy zNxx}{Y78}(0(i5dU=x{|K@JXRlRPv^A-4r%I2cX@hRbn;K-e!CY`3(Z^;ak8U3P(l zERchJ#mK_hp?i@bHZP1mOJEwlZ)ap<7J{zetTuskX=`awQBxnmfZDDEr$I4ku>XLj z`Geu4Nh=(8hu}7Ix+X79D*sMJ(T(_tbU~32R}*%2+wivmE3RoRdbYr{*gqHn^FZff z!orSV;84Q9!0TjtxnAyH(!svT*bus_QmAo*(p@6=ar)WXo|fa9T^cwm4GT91G4oI< zEEbm7RX8{UZwWYtLGCU(cL`a#tgER}U{z|Pt{nEn=3u`n}UHK>iJtC4j?n=NG+CIfZ)h(~IhmKu;nMx!iy1;>&6_C;`myq?@@$ zB?1sKGopRX%^ss1TG?o*$$auJD1O*3owN<0__xELGW(MYlb!T#@dTmLfdcVu*Nk%O z-u+~1csX?r-of)hDT8Yke1Rq~SdqyVSoeYNH&9+WTLyM&&2$AJH;%k8{2PDLDb%M)jXS`KNmGhH@^Z4N?r+DTJF$&?E zLfip%0pJ4vR)u@_u5cE^ioZWA#W8V;NHH!#0ptz!NCcEJ7QD?rf!&1L(13#qa7+jp z!|n@ZGYyc~)P3q@bWB1)Q~7s&h1kl2R)whSmv+XNTRw4A=jooKfDsE(fBS;KksJ90 zP%Xga0x=N~cbFqDpyKKKvAWkr?oDL4%FhrKVK7nx?-Ql4ml7eNKwEY1#fIWxyjME3 zXfD_?^rqfe$jMLxxY3DR5DlSm3oqJDXdNnXt`KE^Qp)2zrPoMH*Y?jaKX&}gT%N7t1(wK3Mm?z7^?)e zA*G!3h8rlEH=ADVDj3&!< zX-ANXqy(ELgF5SUC0VeVxBw@@lTKmBzhjaIoLAARPtb4()jg z_8e|CEO2FbXr= zcuMFV7;crn!KTIp``zPAzhyaU!<-7nQ<$qmd|R&T45?V;QR7~Ume#ZK>V^W0Tcvt) z0Qs$?ctr#Aba)HE&qm2Icpm`TV9Pa!`;_qi;mp}7kWq=@B$nP=OoUf{&1$CGl)tFGO=2_Iu9S!r5okbs@nK3X8}b{bRWc+^oKNb=UuClM*B^jL11z zHbF_m;lm3SK#K80klTIkRXi>_zJ)Gf% zCIYJ2_+Pa4>I<>w{avtlg}`nmV-lwVH?|%f#s#;PNy?SX-*Lkm!b51OAio&BSpkl^ z@moL=1;UgV44mSA2x`FJ1Emlw?kRJ=g)%HCD+-@^>wX{C$MJ;(Q9gkInuRDe&Ra8+ z4IRgG8{~01ESi0L<#YL>dCt*)H)e%aRrpn9lu|)k5rw|cn+%dxpmLk z_2P=u!ZR0)qLvjH{Q5%FMV^)R_t>y78tL9p>QX6MT20X3yDv-dE^r7Z!xS6b z``;5=rXGNj+1`~aI>v4??iu%C{0Gl`zpz~S{gd-Gga01pVyIcaG|tF-GEtqU+}-F1 zs0#s05!8g>vK$kne3%R6gJcL7T!F zCgn?9onM4}mxr#LufC1%A^z!m!PcV7orY>S-4?nKy=CTwV{$dUq}Wz&l962TaoKK4 zBAe%b@2$on<7>p_p#WQn>*aX&4D!?O@lSrUaXjJi_%p4;wE>kuwl{|qcwheKlprju z?<=A@7X#35`6Fse^2Z_ zlm=%L*tKYUp4)6U9^@Ah(1aw}Q49*$z$*PwVlQa;7B!-i%rY1Cvjsu)H2=qATYijF zVdG|@g4EpGDa}dOX-N}2PL-N)Ys57Yj(%JKJOuBBKqfz{=h`fusp%+5oNrtoQWyX+}{5NNo^fP>dQS#K1?hfVu=P z3PHhlc*zF2pWh*GcybFJE@4yNt-y&>zDuS0|0C=@z`6e0zu~XFva|Pyi0sJ7%nBjO zR#9g59wl2wWX}+?SJ_1Nh|G|Y5ebnfZO{4E^}qkmeINhlevadJT*q}Cmmi<+=ldS# z`C6w-{E&;p1rj|C*o=8tlw*IiOs`!1;E-f?Hso;&e!~?v%EXi*RGH`iR0Fps7P6lQ zVc~R3E#OqZnT4F67J*+4K|p}K7@+tOh3mlP#cP1{;9+h74(mcCUu)b2`Hzh3&zSk%~*n#v@Qc~)cno@3p@IE+vL3ZU^a+ok+4J;cL ziZ0p=1o;4L!y^93`2PCzZwll!3A39o0AW6?<92LEp_q+Q zMd50s9ZBuH*mg!d(ny^Vtm{k;qgc7lS1d6d>2r3_IvAe^-{z%sX*nvfSnZWf zL;ql>^50ef8ClCi1Ev=2)SZR{Y^8UdB3Ey4`9qQKcbwAus8ip9 zPJNkfwVde$Y!HUj1NZ zH>F-r`WwAB`)=W8PBQnN0(S1gFHH&<(whKU=FKbe=%eNsu7m;gp@E1uC2qe?P*XpKGLm8Dh_uNN6L%$Mf>MvBslhP*>!CusrIFY%dS@1) zqf*bc>13ttupI#1s_syakzO~VF@CXY1|tQ{O`s5vzX66`#Tt$kl#lW<*2JKDO)B3GZHzZ}vz3C=CX)>381vR5&2dK$2u0F3M=DAT;9HCy5)01J;Dl2GkKesTSjmgTH2+{n1klfPh&28_D#)7h=UWM6yu3 zNCHxS&}liW)d%qpP9HpfS)*^5)MsBAG zwmP|iz&|0d#3lFz2!=&g+4K2tXAsr)eEq-!cx_6hwvrnO z76n}|4-Q7?SlZUreFo%LPQ`TT2h@&vg&?a(6LPI}2c(|w}3?gbUc65tJ20aZqTwS140Rvy#%pSPyI3d6SfgDu% zuSi$Qk5r!tK#jjKo=b~?hfnaFf1ZcC@EEP_1&ULOk0IL3;@%%mW(Xk#yhubu1O+GF z9?6P=(&*m<*x}1{&(+H`(xJ_d(t>NrV8_ZasgL3uH$ajq#xc_V-yA`^h)!;(bvEAC zodL`X{g!D9f9>OkDX1p+`NvOU@4gxSf12=M**h&wER<6M>*U~#@k~5Ee3X+IJRtWM zIg|MK_!?c7vE!J}2ZMeRdBJaHjO;USHLMRiHIlUjV8UpgoYGU}=RjTi+xs;CKpjab=S&p751NSIL8n+^wl~#+9=+N1e$;&Di2TtBx(}5}6{# zs|IMc(kMYEZM(N5e=N^E;NmPDgGTKIsQ99HfdPB~VnjCw2~H-eWLtk{@gc7AbfJ-V z8hvq*QZY`~`k>lKV5u%7+u^xyqQ;EF)B^@5kMUCPQ~7Q!4Ft{Nzm(G6Yw*yXkZSN z&`||`9{XybiJaaAiqWmyk%1>s=1I)kT`)fQM2Wyw!%I(vRJ5A+JSS2#=W&kjQuE?T z#sg@ChFAPUULvP0ioKxidkj9iL7=B-JY*yYK>eY^j~8H8IEN(%pX};x`~ARF>f8xB zr6&d`BDyrs>C^`W3e2@woYpMEH)MUU3|8*)O3;A_kLTH4Z(jgWEg{|*^hLEZHK~?& zXIK1ToppA09{&Y{=ZaZL?_SjrPIkW54rx5W^0z4=G$%F?RTopb7l-EVeDs_U56Q{4 zjEtGb2E4z58CjFUU_CIM2#>fca-O%AwWLa3GGXY}#@ws4q}@i;y%ulI+$8YE01^30 z?B`L@nh~l7O8G&BW)Py`OMdVxy}2pE67`eSZsIBiR~F`ebbhmt-1T&W!hs6?D0-d3 z`%KzV=OWLPnpg7zy{$el(zln%ht53v;!KU+Svym$(c#z?{qq308(aaPu=M3la^od; z@`L;&L^JJSVYaVJdIOY_aIRInzjcZcof}g|=yw-yw_*c*f`tigbKH%+ees~hbp3@G zCu=ZL0#IEm(s@`Qu)0-LQK3j+gwPIhAh4!%kEwRU*pJ`lzEV0%@zXRWrbI`kop6Xy zR*{G)X>Ci1W^`hl^Is58Zaf+S20foKnn+rY^w!X=44Ohc{?SjA&KN{r?V+Ckyz%)* zkMPii1!Zp$z#TiF-(3Hrctw9^G^)6nW&x*-hlu2B&$mb^gw-+yG8x0FD^+w1bkLk& zJSZra-8cvvJxy~p4pg<>S3xrXRo?m$q%ZaoumvE0JS5X%9V=BKb`A#$Q=P&P?))!h z8Z7hCo3s6NWNr+Vy*3=8A|xD(XAA9jd+=CAA| z`U%dcS4Z+-m`6q!pa(?QGNnEF5!!&_)qvkmj(!w5C|HXB>Apo$OClA^rvLJ;g9bo- z4>cCDO&zfQJZj&puM;?gLfc_0Z^j4nLYSV8Zc`h z+HWl$_(kk~-=Q)zN@2ty#nLn1@%y|AG`1zU%gKv`V z9^Wg+9-g(A)7n;_;=vK60vP_iwd8A%$7u@4GZx%_>e|{8_X-ONkb)u^Xn~I5_sp1j zxX^1mGk#!W$jmOOI9-q@wFeL@V4uD}d zv%(`)u9HKbSr|Vw`m{vog}fINl!9>P={0HG!OuR0_DCwk#eg-TM~aj(YH5*mL&6_H z)93cP4*Q&}Y*b`vWhn;(??)AzIcaW(3}cWEY03!x01wKh_wW!0v8dp2D9ud}Ru%T2 zIW6wo!j+uPF5*$Xi$_<71N5xRPcOz6MrytEkHA0ah&XBU)lnV3YQ?tRIB=Ob&GrRc zsE>%@llS+lBbx<^zpauZh}jy&av_!0lZet8L3DsU!K9m>u}qfz6EEFd5IOz6dk!DS zAM|O`|3Kq{9fFDdviNtUenevpL(Y3j-~FI5F@vPx?eVT9)_co>j4CJ;215A(7DGxL z@bMt8=}d$3V{|MrsLX@olO?jd^fEC1l^pYBB``0l8BEw(S@iA_3nDE%31XA*c7RDt>zg#9&*-cZIV! zoHs>XWKI!4#gEP=$1Hg;@V^e$Hs$LvJ_1MGR24pH5rYN+z&QBIkf zeu`^!mtWnsn8;T*z114O94W@+V5BgpAvxm{S?mFH()pLkX2-J0d`1ljD0&12UD5Nr zrK&*91A)}|b}y$9IABnWaII7@6H(4Kn-27T@dDgmHoLG+qOc^|A579;h#Rv7DfP7V zZb4gMC{&VS_n=~T!E>X}xsaXj%xhF!3!Zt)u4A7_Y%#)L%o5|g3i4mnGe>rJ;$|0z zM~YX;H|*ldDQrcqW9?AjUZ1`Q7H++d1kA4^!5);?scIVDFw|_z{M`-JW5K z`X^Nls2=Ve?@hG%A?mIZz*c16fyOJZdUQtHplk}kMd)rKk55aF*#525e@lU7=MQPR z*6o~&V;5v`Z91lf;7>Zar-d&EOXx5J6c2CDHD<} zP6cHPfojc8n*Id#dpEl~G;nqGM2Sw(LRdQ_QlFFo# zk4S*)RzZfhK8L5+(dxUe+v0TxMC18DKQ(%N%IG-{h7V-u1X~h{77C-YPyjE%Mh%rA z0nbJXQi{LVe(G`*>TA|amiR&@40P)i)by0IF&UqmKYpl$KJYyqV|-G!4SXGu>bUSF zh~0kG0WP~5a1DS)9dtl9z>%6JWVsOF}3^0Wxt#WWnonXbc1o zidQYSXk!FGHVkGHKxv;l@$uCmN(KQh0;rhdAc_mlFXj%EPGn!MGIdH+@28mJO+Il# z7=&;!$>5cf^f{2$3wZO^x*tk6UOM!=QWD=at&J0e6d@8}r%&ymI0--!L_m50PS&M# zo1FWQ&wJs|!4+UlKsNa*MZh>1Jc{L}4I=>pQc^R&kAm5+|2OA@jY0B{|Jg&v3U7uu=C=ioq*_!?xHQtHggOG2yNkic@*y&2Hpp`UkQ;Ii0u;n zAxlQYPWpMN)hAnUnAO4ogS8rS02aXb#KaJYa7O89p7tcjEDY}ljp9H?eh4f@iA5r= zD=Lr>^V!wa6~;j{{15?$2qcBdk-^Cgsk^I?AuwuRw+=rV5@lqAGOW@jZG@1Qr(Oq;)xyrk2 z#kQNH?!(gE|BBkX1oR>GfwYNd-EXtf&GW^ditsTiyf%g(J=Ons6G9r_f7yg8E)!4d z&dyi|vl}#zh(YQ_Fnh1sec~G*aL2V5FLj%Wo zIQ+OIV33p$vFmLi>H&v=TyV@7T##Ggyl-7>G$F1|SRNM#4A; zYB+y*?Sn1g*b%?;c5=lCVwpZeR6iEx_wN{gHt?UBzRLY?7aBLWQPz{(TnyZy>wWJo zS6o%DxJoAjH1?fusZUOqbQ?4FS~hPOtd2)hIH&UeVbEARuZ!)o8+9AGSo(vg5)Z&c z6QWvCy57%!ng6w--GAjrsy0lNe(-$8eN&#mvn{4g?dJG?>6*#^`FU)HU?n!H@NEtb z4BRg(JA*-ib@b;P>47*!(nIJFF2U&lT)jcL_#a3Vhv?U{7^^O+|9H#-{9$SlVpzfH zisq7Spsb-RS>N%1$KZp3IZ?S#Yv=b~GMKX0e8MI2m82rp@O6FoYHt0~(06_$* zARM~88(_IYJfKWt;(K95A>;PZw^HA)UJf`6Fb&0{1$7vi+ku^lTQbBJJS^_c*hh3V z&jtv=tv4MT?7%aSi~{)Jt`T-$*P1N5hPqG5*9N=uP1F@&D`MTO>0|9e$y|`V%nCt0 zC`+~GUrcmwz+({HE!Rz3bfGBJK34w|;B=gM5!ll7lKD8k3@l-)Fth_*@g6(#3}E3c zEJl~rm0;Et!9S82H?Q>HvSr(js>Waeuw1Z4yVRNO;Sh0A<*Jw152s)Y91BVFNeGM= zPr1@tko=;D8?=cbryWMsV(9OK?t|;xIbfKd3$yKlek#f|#Sn$*3qy*PzB9D>|0mbP zGiJqAsv{l9u~V>yy~Mgfo*$3HvgLpCLk})gD3P>^CJqrGD8DH@KX+5G5kILBr`PxZ zWF+w8xe1TU>bfAiU6bOD6(uYm6vgHCqwPvPczNMN(n0`E^Fuq@{slcEa^5+|q#H<5 ziU&-G#Mod0MS{eCpf*S&2TXVvNJ1w14Xg`T6jbltebED# z(j96Lrtx#u_DgG~YcZOJ8(&Hdx4;Bl87onLJ=T@YW=k$Us7)*ik zws`l`i4Y8PbAmOh)HFFAjC^G<-yLG*ytFQXb6UL_t~EMf^C7th7i@7dC|VsZU{pav zShNxf!vvHMPPyxxo%d3V^Z`^sDwt%+;{z~9_fvb6%x)$Nc#){foOJwtBTpzxkZ6plH+z7EL9=}Amjy@#)zHnR9M9L1#XDC2G>%xG7%;8E0 zZ?DPmFIQO*oH%fw=r9(18-7BmvLlyHq{DL05`KzB3W~J&PkV&EwGk^9bz%ZYAQP2MhkkXd$Qq4 zCHUvQWI*%Lel-N7gs3ZfBsF#p)AoNczgISv25AyA; z-~PzwdEo@=EtA4TG6Zr*c=au z-l@DfiN) z-*1vEv!`-=-pLf@mywL6y0htnK>)8m#Ah^|@iFCULN zJbRW5&ULV-Lv&v!cz)5C7W7UywVo+>%4X*pM84S?t3+=`Op&*ir0DAhC(sp20pcC| z-5$vFe^UODkp@(&7%1kqKC^_o14Z>g*$Yv>d8p_D0tjWsLuvwQ?P(|n@LiMNe4=E- zbjV9SO0c|s40lhxGQHy0qQFyTY+8;55>+w~t|5+!QX~EUZjHkOR)UI2rtzAE*gZ)k zDhAs-97YH&C^eb{33)stNTFUMfQb9G;;Y0d5KDM&PEzhCsTg3p!%@z}Vo29y7Jio0 zVL4Sy1WrcEhY>!;h(%B;VmQc{dAYz1t?a~@T_m!Ca2o^vYV#^hZ~fO<)B5uKE($#& zsgSdAPO+_fL+SMBz&8HFXo^5-rEi~K7L_FaYDcQXN9CaX{AYo)Uy&B#bQq^&qzLqO zsE%ixiE5PgwA&!XL`DuM+`P@&x?A~<8}!UYEJ=+7=x9;@0%?NC0Rw4*#W9eyDNK$)P>={8N8W(DG-|uh zIRcOcU{z;*k9+sXV?XKtxAkq|)>{DitKc_PZ25J7zc6V#z${V&EinT;PHq3(=_Rrq z%u*3(`>o0;kb^8i9Bp$b4A5|g>$z(`hk+tq0a-TMW8N2eZetby5L2AGSQ7u_3eGAm zi1opy29eJakGV17@wY3O&TD8pR_+$!%3CcmSlhRX(ecA*&2HR z-QcNxI<0+tN+C@S8nlAucHI+7901#YHNZy@R;CQ6J)we^1=fn#7tBl_)9~g^lZd;Z zviR8Khc1nqkVT*u<&~71$=KtH9AFw$g~^~^yM&JREGbuP$Z}4TaG-@o6^2d*!=Zt= z*X2cl_@~c^O?Z=&pOl;rmd)0EH^(4J^=$9;SMCF6i(@2H{Sm|`rC-COpD126Zhc!- zbgV=i=YcHQ|39Z2;Wxt~;{|ZH8Hl9=mGC_7m_#Ys{DFKQ>f`)!A(hixW8n5jT{U1C z_4Fc?dVFcQ*Rq`+`dBUGWzO6?MH$TQ^3XS*u`_3I4hz948s>#IqcB(vN+MoW0hI#^ zt`x(b=mxHZZ?LGkfx*N1Set(WZnwN=$ET1E#999j1~)aAe+D<}>6q-u z-JSbR1pYrvlpEAq_dwZ$wk=&tD3YL1-7oo4oRiJH;ns8lG~Dx=BQLWj&2arDfA@kO zRw4>cPsrXw(_km3YwrGLr+V9+r3kCr(#-kT1#ORL!Tyh(44 zdjgdavlAPDaCk!{$8a)VJp9u%qWf_gZ2IM*Pf2WP3@`qvKv&Q+ptoG&mk zG?=aeEA&yULY^GprI60Mi(g#OO8Z#*_+CXMcO1)nnc8%?_n|U40=a$lyo?sf<}ZyN ztzC71q|PqfY<14<3hJ7=|6ED1%3NhmA=X&$)Xdfv4+PXi766HtpyGnx2Cg0cvF12h zjLQwLbtQI9O5??9_$}BkhSn2Q%iKS~4?7kjYs1-|Be+A-X!mwxQ9l-FMx*%K!G? z&A|V3j_*8p09_3Dm$q)-BeD;ALm8Fs3(RN8`u!br^+XP;C)wqpR3rcnl>Pjq(fkvL zo!h@=ZCwDk@~lLqe3b<(F>}T@*d3l5D*B%L$9kPCK_0U0o;J@7=`(6dDk^J$Am#vE z1I3H-SsRAadWMl&&tF#rmzT_O&68)V4{rbQoOsT>Ne1B#oR3cGiEhH|7A!R87WpQy zM{=*VpY>+yF$ecAaHHt-S-a)8P=0M_U@*Zb;%GtD)qA|roSQNsDY6zn5OVqG#ce4- zgBJ%4w=#@Yn12C+LJ@fDKr5F$ZYX0M{=Gm!nRvgw>eNl!G6ht}ts&QV{WCCqV6pa+ z^V~$#FgG8VS|Bt?0cvneu2G^CXK7<=u+r~LKkqVjXP%8Ic>G1U?mGUSfr6=khkxva z{ER>|GI}E`{7=xs#-OYun4n6Bn5u5DHPYk4Wq@&ZO1@Ijd|@S4=-UEZc#ptAAO9@m zLIU^ubyV(1xjXI>`GM!c?F-3L0o5HFb0E%@fKIzsHU)TLB4Ve0&7T$}>3)#3In^9T z0CE`hkr6c&t#DL7iZ&qL)=Ay@x=yqI*peI9N6c9rk34WGl z^6AH>55WTy_chi(cegzQ74OC6`QKmiSc@_seLA;#lHXH=T|#pMU6lMN0Kqr4SAg*3 z0ba{%U~yW{#B^G%wPydOESZ^hXHpJn1@r{Tirn%uxX|TDG*UetIIdhkhX*kTH(`P% zIt+KLG8D;ggh-VMe~P#(Dow*6EjKUz&G_sk?o*QKxj2mtbbcpnfI{Y029r6^Q;5sb z>_}(d0}~6CTAL_jEZo`vS1hV9RSakWRtAAI9*UVpN_tQM!5C8|2&g7kgPyE5xWB<-PV&wSn23aBsE(T9KMge+NG|vr# zhVj819P~N6Rn_Xdl5*K%wZcIZhnAOkz{2zQyLY`=q>*Yz0~!NASX_Hhg&dDq4ubcE z^n zQuCu9@E$bB0m9n|F3axWqC@id_e2@{f;}Y2?Dl+gW;w*uPbzTrXV^!C(hfdQ%_Z zOgEB&>iE>HH7>C#j3|R{Uo@K|c2Ii?T4MT~no%;C-{5-m`8I1a217y-J%ItQK0eHg z)h*|U+$NsZdz+&}YOe?x<9vkL z<8R!6uCmIk3C%d9l>u-)4lussx16Qepk1`?5>d&kXnDMH4GawQX)#_dLYhwuz>iCe zIsWGF+y2UhE9`%h`E6^0FrdPkXQRH@H%LY{+YlU}9UnKu5lMe>UQ6^__|jHUAqM#b zAE7xbD5DTfnty^`>z?ml-rWJNte6lwr4dql zECiwmg3>@`FJzdiCJ}0IkI35Lw-6ljnBakf-h(no z>AAVJ1Mb9stg3;@f9bUHbaP=AEQl+@Gz*mg-$Z8(&j*#{>pG*eFBf=zG}@0ouV=z6 zElD^vs9KX~k*<7ydE50bh_+O?8S(?VnIZcSh<6bkLnmafhPQ}jLF|h_!XQen0wNd< zW`#H*m~tk_N(WKHz?yeL<|ohxXfmXpuCDIz7AeWfXvmE_?c5Nudea~k^^ z@E;e^5%5jFh7r#9e(w=LUL5$^ZtNKvqJV$&Cw(AcP%sX*JPU%q(9}#gBvA+~Frs4b zEWk()e~}aBwWB%Ph`uPdY-fd{q^#B`YLM%J|Btt_6J8GYEH8z=WJi*;W;>lxX@UfRuPYxHd0tgG#;sYDo;38@al zQ_p_Z&8@oY(u!hOlw@nR+&I6PJy7O)TzZN4JG0T_$*R1fzA7Q{rEd#@-NDc8Gh1~W zTX%I+_mmxW!#|id9h-P8%)v`LN9Z05ZY?Rs$e8BUeXimE!*&2#FAgu1ztU`cl zXky~0dnRlU=Jbhzzb9u!K2ZQCHz*>66=tejo5C~H`F6mZl&qGs*Yxx2hQ#FX3xS_M zcKbebpmaV7iNB#{xuZ*%WV4Qe_Ctl+T`gBkw$AHru3_HK>>Y|&n^k4F4pmU4>aF5_S4rOaF? zQ{#?Es-#Ipa<7HB$uIs-Ux+WOCw(ES>8QbA$|jD$eO z36!S@hkLZ~!T0YzU>8E9)o(O_A$mWfxixdgUB1qQw657lBMm;xtYut&0hNv2Hs4>< z5^0P=AltRf=G*>$WP_zIs$`Vx&vS|LG4(m!%C)o|sA9YMU!R5X=+4AeQA6~w<>R`X z5cbPfmlJ1VS~X*ZzP{u5-^P@gz6c-e1)J`I_!EJ|fzKl{yGBWVprcspp+az-K}roWssm1pg+jj-LBAyJA$+%V5iVq84h5&wy73Vt zw}A`*A%BRXve297SJy`cdw+o=b7P9p8VDnjW2!RAZQj~{(%}b33gv9A<|%}Y;a|^E zl)v{^7EKm8m#m2f@u2}N$baPh~R@RZ9KNR`U`x{xyFeBh;d1(jIyQ z6X5vwJ)enVc{i9uYoMSU>me}nW;QpVFan4lEEz8E`3oa_*kMi+=sn>)K%+RIo(%ip z1=-+8PJqq~08*D=I0+cuZa{e7)tC%I@W!ZV*1ML;^MK&&LN_&}+W>R3qI&Zj<98SG z+xeTl79%z;C^IVh<^mo_)7? zGKL0{q65=n(+W+xIr`OpRJPI|IoNl=Gx1s*$ENP|y&Qv{ECVvzYprc^+| zJtZL74l-7lSH__=dTDL7G+gPd@_j`Gr6RJr1s0@orc72i+p7UF_F-Vd#>RlXd<;0{ z7)A+V1f*Y<|AR)NdEI}eFg}UYyB)w7UyTdx{|jRsUN|+&@Gmcy`}MbdN(BX?yrk9Y zVwyPWpJw@?jmh%}E{(FgoI)>M7-? zbk3$4oPJVwtBt*iJU5PNQEU6<~qC$bislqO&F$~LOeh67;J;>LNY^O zA}J;O!r9O66M!x(85ul)9fWYui`A}sVcmt6OAeHVKR12>*h@U1t83P1osjKy$w(@Xq0mlXAzTP$Eg-BSwH$OZ4nEVoPsq}mAMdslteuCSG*(x z1=p0u5nw>9Wte)vEC*O3R&{rqz$=H*EAGR)Q(%s-k4(XXam%zox5E52_y_i659HgQ zdh@X)3sgQAKb-RaygkkP`I7`*&Yz#S(n7N#Nb17^QngzdbfoTcS+aO-Ci7$b-efQP|;O>0{KY=Y0NE!Tdx z+nqm_s%df#_6;MU7s!}DA52`%d?*J+4XUN~(99v&x{!r+3shLbpaD8v;-ZaV$3g#f zV`7q=xT!qj$rFO*6U_$_}!}~UUO=P(983i9zWv6$h!K=wV%!i2#L5N3$n`?*1<45mIB8EDp|@8{#9NV}aW$B@RD(Zi_>7Sh0m{M@h zqgIM++|x&+R#DUAWOkJafMfA`Z5$$o6o1RYbV zVP`LRIG3lXaBn^}+V^@M6w`|zFK**NW71;0desbHXYo>J|F_uCI2HA_q_pIRBmv>(_lhnl)FNO|!l5PK-uYZyHGThC4|BX(N*J@(TCGAlZ7{!t++K2k4Gsh&z)+~JhWYpe0kRiyMS{oFClV^t}Ae(Z6uRsqDt!87kOyD$-3q4 z-!`OgZsfha&ULwhMv9apG@f_Q4G#%0*1RmijUddH$zdow^P2SXujZ9kZMfU=u4FmG zrdB@|g|mn+E2(QSzV&}g%#v_Y(LHxsD7$t0`VD?H{i_$8dT(`9QEJ~(A$-SK{6Vj7 zCjCsVet-PaHymf>9xi$la;RAQGzBk0-Zz|EBi~<7Pt$>OyD{L0DCjPK%;1*bH^nGl zWApcLvreO0iv1uhj&0Qu++L}C>DpJ79;s2v*d+_0w2Xd=Q3H7+=Gb)|^-sB!^JNjM zQsT8!mKUEo?SxWrLR^ZXWt*R8$q;CyV?d{N;hdt6u(PcLbK_USJaWISQ0uXGCg53s1ZCAK;? zA`I`QNbbg#!@u$J!I2XYO9V#zp|jl7%uD7AakQfw^g0o|BrFl}erq@U&Jv4DpMIa^ zIx42`JK2*>q0}9ndUofv+@V>`V+Jc!zreJwz2ykDFEvD+)J-v6wF!59oc`EtH~+?1 zJ+{|!&nMa5!?=3T6u^i-N4=C;RA0U#SyXvL4Fj3!N+La>4t9Wv&RHe{6Y;_$SmUKYSSVBi8Zjm0WCP zcVq{ON#lKYi#+|E{|EqQ>R$>{$kL8HFHYr zmyj5oziqS;iQb8!ag$3bJRhraBx@x?G&$&`NJ~fqO{8!zBdXm0*_-3na>p2=H8)o* z0>hnl#2?9UghrCkY>=8Uc{6Ddf5yiM%(FZQAf=)3H!jsZ*)=d)%uJC#^4RWb*0gF+)bc*v)?cQpXdfuw|=}GNp ze^;e;_H1{&i!)_7ByOc;jL*HqW>yQyG^862(;?(o=^i@019>ZuuG9%db3BAjWmkTG zZVs*Rx|LW#ic#4~qt99nt!-Sm4&?88BE5D#KbNGFz8a!{=hrp*G)&CPBBp1r#US@m z!qq;Pv!ZyZkEEnjir910#fIAibBo`1?(=v$S5Yd{d1sKI#T=H3jq-zMAW#DtWS|8a zlYC1hUfU)EHAC-gvK2o&Omy@fi5Rl_cJ1&YkP*52?TeRRWKla0~nnQCz~dco8}cu>a8q0}0v zh>{*Y<-%T)A{$cud80p-*X8pYF6QR1gg7QGge+wi6CY<*n*u%(`?cM+s#Ng5Y-$## z)3sNv67y-?XhXe#Dp+|{*lOrjHE&Aa(+@X#Q-+M>^SEd}Vn-I#$oMQP;z`5bqY^sI z&CJNi2iaMGEDfcuJKdSq@d-dEeO{9?x;Cfu+` zau8y{p-9b%*iR4_y=OkiH%fm<;^|t&KvGELI81}txZt5gNJ(wc-1u15mr5;;`Q^Q% zKM_!)DCFs$^bde39|4ZxlUVT67ns+hCF?DE8~QjuJF1aysv2E7;hy_T%7i#8bTX`- zwZ2;78oQucYdm5A_WoPUeiGi;7-sS(PCGY0I2NvW%5{=k9eVv-Nu!JX_sLi+Ds!FZ8xtNr z<=}kj%A68o8`3e==epuV^_L{JPxl@pVU)9Yk4e`=OB2^Ov%pBJ8&QOellmJ{1FGompYNYJ zAkgUhTig<5IP-nlE>mMV#^odvva2Yi^!`vQa#2c31)6MBKuF=Yg7IqzUZtY`x*!Q1 zc@)gLNqwkIfz>)z#UT4>m;%C{s>l{-q;=XJRgH0;GdxmEEHZMC%BnE5U9-pQ4Wbs$ zXxTVLyJ%S%pK1}xdwXsA7BlwJi#&y=rXfCx$JN&N&-%H*FfhTW5LK9>_UaYuWxB7B zq_6_%*#VBhgy0^t+WUMC8af?S&TYM-j;PItX-Ui*^iWeoBqpO*NcPpPr2WC&m>p$0 ziP)X4cC1!Z`Qe>X-y|($h?^xvV zb+rKx0q%5cFy;i6*zHjowzakGExp8n(g0U9w~hqA-s`?92-qyeuQOZ5EX-vKbhu7l ztmhE%aF=II!DSiF6Eq=kmQynGV`Uc55-HD?Y5qC$BoXrS*!;D2r*M`3nCHC_ZLRrA zMJ4u8)6cwr3{!Ic=a1%+Xc>7%8ZTD}cUOC%dggdDVlLw~!{CUkreC^QnV3kJ@ z;<;_3kO48n$i=?%YAP8es^bd>)AJ&MyGulR_kB7R||)Ys~qVG zzlg!2B;p926to~d01fXA2z}{&d_GPY^2br45gg`FAaJr@_IH1^`HmS={rlaV`fEdy zEcKtZxQF3GlPcjm+AJ7dN$;BGU#F>`b|rGG2JJ1hYMS@y+Xe6Pcm;=*FxznHfByJa z#xtvSS)+gA@Lc}Rr{Bv`aYZIvp%e+rg$e*8zed>!FnWa(vY!AR67zDlY;rrrmdTEt z`DTbfn^_P6wNnJ0p>bTkz2`?u6rAH(z1^Q;o5$QeU)Jt-p}H=*#)nT^%;rqF-wPJZ zQi~NOAz5r$VgRY(&B_-F&Pq7ldxN9H**kC(Q@Ab_DuApKX)X599Exo3MKov@sl=CH z+7Qg`UbmuFxvoilJ|*q|2jh5wI&75SBR21&bIrkv)nCsFj0&k1az+;kpG@!}Nv*UX7;)VYb$i-{?51n3|Q&d^%vI)3xgTF6% zLwviHp38$-(wn=J7OlWunxOO-I#@Wy9*v;*JBt6A~Gk3%f`h7psFcndWSV~ zRWnp>u=7_--#I*%3Pq|JPtKb7O0#I%nV#SMna9QnB#%5nq4-Gwhn4RROg-!h_2V%kWb-0AQl zoJUHW489K4dFqLKa)bSSF@mWj>K~#a@}m9ySUseF*2YsPh4x;$&&t3M1=9Q^BXATX zWNWj@ZZSdL)~zQ8IK6k;DMHSSmB8|&wYskZ=esSfCbjIE6+w`yJ6%YG9T;oHSQXar zBhCyB$+e1CxaXwLGlBG5BwvNfu=eywd=l3OlvjfqBz?DXgc*rSA? zsUfuc?87%27!Uwyt@<~8U0j4s8k~mvcq02f_GhSTK8s zYFfI*diSwWkz7-1|K~0>rQh~lm?M&(%;h&dI|Uxoz4iJtx(=SQJa_1!T1aYivpD&m zYGLwHUJ)?XX5|JLR8EFQVhQ2-0S$rjJb?EO5(!5WZ;_`7#<#(^iXnIs!eORy#;g3) zp%?l)-nbvaw?PymqQW!IyrEKc`BLEhyXQFZeC;bb>=-KpVrkoR9^zxPDql{y<3M@w z=JE#ar9vWjitC2L3&aM7$)9``KAd@!%rs*FTcnKza zG~p3N+rju{0XT>_-&+@UA7PtfV=gRs_epuu^O@>j#S-0@Sdz*WiB*|js`ID`j;^C> zvKKt7I#$7{^kdgg_R%wvCHsobi5F*EWo^W4E(QDyFvWC`^K#Z4N-qeR(~N{&^Y~%% zFzL0Fu9-<(hXx@>=;w38Z-IGnJ=`$|@{0p<&4AnR0q6F2KR-_W)fT^(RS6QJ`{G75 zhbg13Dz8V|7P>}GXi_)9<{XuZJ2O5kr?@0eI{n%vAA?zKJ{KO9)zEP9#GZGTLt7>W z^Y?JhaQ;&N`%g_xWKqZ9*5&)?i=JzIiRFQRoCCi_a?yhfrNhl=CZ1>f2vkY-57DcmT*P)=N-22*^hLj zhhb({o0>K?ew;9$XVazgh6<7y3U3&F20|Ax6#t7x!Xa4*beDU3lPcH%JKWs95{tD# z5c32pVURXK)~3z;ONTKFx}qaRD^JXYuei`CZ}^fhtXxR#9O=`-2kWD*MB1)>qtTnb?J#a z1xF}hY%2C20B6C)&J6Uhtm?$}&w;Gvp zBS?zzWj6gxMrMBYQ$b9IQ$=OrZMvo1GIA_TVvGOOTd%D0r0=%_)YAH;(48Qk9aCO+ zN5j~!k}>gIR#$>dlrEq3_Z#{)0?do}yzjOi3SN=1(sviE*ZLHbxcl|#N|sHm<5#PE zS@lAHga_HSE;vpX>v5q;#3)V(%Ka!r(E~k?fN4uu*SBqMJUEPaj*Th5K(BfYdr09* zdBXUCo#MiL*yp)I`u7eVpFN+c_Vs$zHCO0Zd^7qSbNB5S&Cx>9$Co)^Tzy#c?r~38 zv4K&E*5{!!=3`aKf4$ECFU)3R)9UiVTZjAp%QOej6N~OoVm}3JDI8v3;L+bdX#UG+ zo4+><54#Q^Z1uBeUEsZm>sD#zoYZX{9iV1mn&W(`5dH9P9@c73!Ia4S*QH6sokG+|#S6-DAB5+*S`)#nZdymRlR$j;>Kt6icy!+m?*YQ27l^zN&;mWQHy zzZ;%XCTHOQu=o3~A0}X-A}nr-U7~iv+x?#UF=mhpXH`4Q0Y(#y0c=)+j$7DiUJA`t zhJnzls~@96pSw1^EWiMVlHcykZh7VB=~hxbpZvSH-p&N>oB0|K5{9G>>~{z;QmPB{ zTY#i|z4qF2dmHPSThabXW>X0|FA2{S5}j2kTuD4~nx3ui;o;^X6$>82G98t)Kf~q_;o>v z$y5L(eP8wog|jPUN1k^L)zhkSm+j4AdQn{1so>Qhq6K?rm&RIg*V^uJ=-?D_3>NRMp5)=%M^|!RI@4KUFo`72eUyVO zAtvm(Q8;eI&wcI;72=EdeH$SW@v+*vb<)<8e!iE6sYn)&q%dlX`_uz>s$rUeY`E{i6V;d{ z%Oxx9;d(DAeR|1;jy;ruWADoj3L)l_lWXh#^6HgVD-_AlimFeV{>khDSZHR_EWrIB zXVev!8hpmRm@~;l%o`S$^uu));SNpa5)p%5jB!M6z;kWEA_klVSnpj@r!Ze-)9HcM{Q`St!6adcg!>}w7qXAZ zfjnqZ#dPzDsFMIFG1?ysibc8p+S=nu7)630$x& zFpR@(=YE^{d<`)8rCKdPH%)hoy4iPmmMj(^zt*NtZf&RI0Ud6w`$Jrx9gW|I#U{V? zkRdRWm?b(%k!N+uLh8|70Z(`67hX;lE9{Qu;ef$|FmCnO+PFP4_Pq*%h|uUeP{QT`q6ZWWvE$h7oHpSG}*=yb$9~ES^^XgA<@o0;n9`rb=Hoo9q$W&H?i~NJcc52PRP_1Vw_Z>iIGl`EXX|q{63r*YzQ)!U)uJ)u zFUJa98MXA)><3y!d~ej(4xB25MuiqHD_(tppCaBVA#_*n|Do$GpsH-Qw$UXDCv@6^PyoWXteeo?^TmdHtt7)m5E)K>IM?)GY+%%oY(KL(sau$XsX2|r8Ty` z@0hW*r)VRxbrmj%oIL;MO^eO9ZqkLbChWzJa>++fHD3S@+)g75y@2-Td`T?{z`X|0 z?n2BX+uGWY^X{|G_p6XA@O+7kjrB)()G%>IEd2}&t|NG=($Z40fj~$tKr;ftZ)$33 z8U6X)tXW`$sid?}XZ>Qs=4QJlBs6@(7Glgk)>vrQ7Zf9FD$tkIumlxo#S{C{2JUzOsCZG+H~vVnSg- zGdd>XjsIQBju}T+hR<3W0YGzddU`a7u_apbZF1Fv5r;<@013Dq@E}Z1i{Y=Aa7o#I^Rh6lg;w65dT!+hb8J_Kg)dz; zOHoreLhWA4%yk0qgdObW8%`+0k&Z`LOeWdNJhOcQj_B(0>-giXU9+mwCWq0$*hWvU z?q)&flM(Jx>f}p|EVmphX(SrH*YgzKS(#2!J`0pk79NABxM_DPCZf58WObk;i}FOo zw;)AN_qqSOetyb?K~*C%KJe_IRF3mdS1LX@#l z`5vcW<@@p)py?&ym2(31o>jZ#GRSH1;^5#ow=2>-V*0JAI;d+`*R0?p`nJ)(<6TQP zifPCUWltcKMJ3I@n`U?k&$bP#@`cznOq6q$BD%S)oO;V%am!*ZK&O}licKlGB&`L7 z*)r;6ulXv`(1j=}o)Z2h=q$*yXqcy<-!O9#E!bn8y+%c^6Xaz8ueuZ(00ow70C;Ht z`GWmH8Q^A@4~>kRM?}Lf6l>{PSeJpc4q{Iy0RGmfNf=6j^e=n=tSAS^6>@TNsF>t( z=Uyxve6y{AdIzRaBuB)<*Mq|AYdZyz#uLv6%j5I|jCVp3bn}o5nNt}=Jnl@~Q%VR{ z^3rL%YZk!;Q>a+3alYXbaS#@3HU+-MdnbqMimX;(ArII{xQ8rzA!@{f5lNOH5kYwZS}N|{ zyW0N#lEE@SQ8uz}Zf-UN+11VXHQkE@Ox4km>r5xy3<`zdr?e_G_%09CN78C=(t0!*h zClsjq2`rXtf?U6-9M?oI{gY5sLng|><^=BQVA=^%7eTtR9$O29Alw_e zoFMK|Irvxf)z;5F&F8>W@dpIY*;3d5n^d6M8@#wPez*dvqxe(;o``=Y7$`0X$ergA z8a+7Rp?_;@{beK5!-eZ*KK;r}u zkdm&hA{ZDL`5=8D#%EYhRtFrD4FH89fWD1Qrtz^nfQN!GzJUEg#Ad4(fIqJTWdT%P zPzG($F#0nwF+m+z8Gg>q1tA*kB}bs^Mcp$FoP|gB6$3hF2HQTTlRw(I3a z`%PviOQV9>yrBA8wzc+z+*>1962ph62t9Xk0$~AdrZ*As;W-3FD1|({2idJhLezC7 ze+y7sk8;9I(LCaJuE^Pdfct0?&0L1Wi=(g7Wj{&xn0B#F*c6a}-4t ze_B|OE+=rhts&h;GRlh=FG_%vDhlO|h4(rykDWm|Apoj!qlrp4M8N?XU{A~lmCfYC zpM{b2_u~m+vF@=D3F#hFM9Af!A$JTZt<_`WF}<3F6E@RTZe3PPO^UW*3atD7lgM;= zXgR$Efnvz0^07uUIG3c!H&k7>eU=HCO3IDTj~SpH;}?GNEq{&$WFJAQUOms545&Xfz;2?gQ5KngG3v-9dv@2y{ z@QhF>+RHC|HC*^}BVR<88Iv_18&VJ>#o~o=OEO{mg)2br^#d>DR6v*_qAK__B0mRu zDLEVO9h=V$ZO zoL3Lq`8Zuc!`0ZSgPUo*VaN~ z*whtTRnTgN19!8aQxBu!z#btw%9uMtc9CUFk+$77kGZuwWu==uY1*l}+J^2e2voSZ z7~n$VAV8!TX=zKnvRu8-8=06_!}6YOx~j`LuEiK>T!p;McHgq6&w$|!q!36wr$1BsaMq`jWx4oLE3*`{`WP=JNi+ zRgI2dBh+-yUu!Y0jJ4N<&4RS?QcWtnvss{IEjfYbV#IG{SoiBHWDgo>;SXom>XXX|FwbEXm_(4C1NF8r`&8{sO?1CEJ>s+2sOl7KsZcEwF;ZS9UG3Cu)6yA2wgQqD#sYqy?~ zpNezmt+3$mJqx<$!0%9!JxtY@ZkV;QDcPiQ_kHIQwm;=WJ1)bY;rFrHmxo^t8#Vvr zi~F`LBsSrJy(;>mJMBq(@B*l5DD5p$89lO_GRm!I&$E}sjXiM6K{09H5au2Y>y)w3 zVtdzH$>c9YnHa?Omzf-wevmYdKShk&>QgscEQ?)1D>HgJx^*-+D zNL%yO80KrpglBW{WyZL8o1{309x3gi)(g@%C2V3l(A0)yEUSU;vF2sK%d{nL6qyBl zju7V#(*vE#zdd0Yie;MiFP)7$ofO6~G--pjXD=sc>fVYuvQ1g0;@g`nN=@&f^4JR3(O`nfgO5KM`^9*nE|N83CGe zylv>J9{$`zrk0awgKlg6wn1BRs)wITr-MY4|6)bLJYOfii4eylbLP{{x?g5c-+HHI zs7~@Yc+Uv1QqKCnw;?axv7DTRepUQONppU4i=<(|sNv15 zD+F=l6Uie}d4oG{Rz0Gt){O5{?uZWECyhr~M8BO|JOeuvs zJ16dQL1QQ3Z{Ij%xfvCC97;I!2(9Lx2FjH@i%?5LQLN1SZ9~BrkFDDoJ(tIz_ORdP zX?4AzlDC0sA#VQsurzAh%B(mDT#?~yy5^TF8kocRTyv-MzAH~l)xA!e-^v)zEFk?U z#!vjQve6s$(Ey$KDWhIy) zL&io{SuC2~Ho?#PCM7UU_Ki#39SE>jVaC0DbpE4GV@giA=vymJ`|Seg=09$YY*HD> zR2CqOe+|zl?s%El!lPLG2kqrtdYJ6R)YeQfU^#ouP|TU<>a&H~irACV9=)W_ z9s4}BY^l4peq_5N1^^dKboI}jwY?Qz$A>%{GlBnxD_4mZWF9lWI~}Ulp_69eUpCtH z<98_Z`S?SSxHer6B&#%qOU@_lFI`|8f6$=ezeaERP%#C4X=!8if`~$^Z|--D8^hmm zspTIQVe`mC41*5t^!A7IUwCOK8p_!{HSt}JCEJ^0Ux>j4&+4Cb)#bWn40g6#Uedm(^Bc2o*+m6*k z*&}>&_{Od^gUFLfnc87j1{@SeW|7JF^8$PqxXAq>6G%gjfJe4hzH(nM3&o$Oe`NhH zMf$`m$4>vfRbpSZ}3t2lz#)aPl8AFsK^Uy-^f4iiqo=zE=~7We;( zNBX^x5q3(bcps2Rir(A_W7)HET-PFhAh`nFPHRB=2;j$c;wG(w%XrX27z+Te%aPpwP&FAzUCq#0QV+XOIC)EM|RqPF^ z0*uilpyLERDQmEX0Fw22#JOSE_ zbO=Xd{{GiWmqQ;*J)Y{JYs|uv&x{9d;D!4aNPI*CqHO6ZyGEC;uC5K_e^*-{fD;Z# zHg3QzpvdPu)_yDe4Y;OC6E>5-wC`wLpiWQENf~@vNoSv~y?LW&)VW@niybA z991`7OJv??k7_yxUXjxbl)+iD6+nbnde^Ka*P1F0Vsw_EnOE->DTTTkMXwGUD#Z5;$mc$Oe$&9+ zRZvnw%;5H%U%{%2-s<<9TUasnZ*#?acKiy{ELV9!p<=|5je>%@?$Nm8hQl`!p)k{K z&-dvJ;EoE}0m}3y%z(2LD?;d_K(jJe9T&jGfD@vK{g|F!U0;8pzklmo5WJGtfjWM? z=n?cnEaR1{k$#=K{!_^!sqZlxqaVh06Osns!UJG4mLjXnC&jn3q zjR24j5Qr-PLl*Z!3c;8keb4c-Fi6~kDgs9L3vt*`_9yl$#`AcG?@r> zhS^r~rPI0r8={`` z=Di}L1H8)GTEj}yDWkypHrKYHm&8JeU*(M|q4>pB$%6Scnf~7FdAjr+9xgq}yyWxB zfN>y$37yko59Wl&saxPI$SvLht;qVbrS$mCJ-R07wM#vxuPexxu@E3;vQMWNa+L!T zp#h~vsb=rdn9r{gImd&;4q8=YCZEM!arx?Qw>+&O*cc+#e^{5vP$*~zTw&8G^#rmo z>}Po0eO*0$IJEeG8(vpQ6>#nGl^qCFPt^TurROy2YtW#OmvSk=FT$?|_zt;F^yM0geiL0blT38gMh zU23w~`~AJ7lp@ma({C!)BNih4kmv07pYQc9lDRWcQCX@wv0GDxN+~Po=JRoTW%OKl zvQJT;F%a&>07Lc_XO=DpA!?X-`h))ef_<4$`1ab^`@D8IPqMHm?Jz4{v(7id{IvXw zh(zaHnDdu3|E>b&+4>(hWp2$^-+TUAWt9@p{1I4?z?F_TxPY#v*o)qsazjasfLFD-%y-_C@$N?2>9y?ArXvyodIt7TC1%xG88g)4z+i zQPqDFMGaDZueun+BIYUN?Im4Ue3^e$=rWxT52|9+8+4BI(!i7%I9IYz+^Rl$6nYA> z%V$gV3QgO}z~!-bgEwIQ{-jDzu2ODP|3hQ?@5znC3#jUPOCA9#I)~ghiH6y{XCP7s zFIe^P4E8{lq#Lx128V}h&*%WK5~dMm3wP#uC~+>jMR+~%UcX44rK8<3j*XVcn+r3Y ze#(TrE2`bv?_JNcdEv29LT3tE?hVjv*>h$_POLUK79J#9VWajopWX~3(n}$EFH%e* z%+`3eif}3YBCxXGq)0qCt2>u4*!lkgmJt^)&PY28$RsHbZwHBv1EEcf4~jk?Mj)~n z+;g%5u$ZrtlU{>IkxR{x)-C(bMhIBJ ziX-Jc>2LaGSp{iyDYmHC4O%Vrnie=t%tB%@M7g-$0+1MjuRjDnz^9z68%V0pa%tY% zaTWkqdZh(T7<$F=0EY?x(Y1e-3_LJa6Bc5nr&Iv=3c*N0V(@X3qSxB2?2TpE@RMZ(9XQhd*5b#r`PQ|9nX6 zbsH378TtXlu0cYx>G<$~K;69ma}B)T{b3}KX>CY>1EJMCes0)Qu6`bZD>qF_|Llr@ zR!|&Fo|PyD8B@Q*u19|t)vv+(d;#wh@B2v!fgOpulrEU4?`+r}A5F8ZRn8k#2Twl>ZU8f`q zfP`PKDLTEsberabekM$E5t|mIl?Jfmgv7-CpN#H9L!K2;mT|U%A5@9;^H{ma4W6n0 zaImxWER@rp6Oc&xbW}DcD|Tgm4ns(HNRX8^`W+)AyVm%H~g@f-*_KaAy`eJs12-535>`-!NSI`b>N=%vjvvtsw- z!rRfFfp_}``b@Vxf(zr`QJl^tsB0gH-8R-WEk1D5An}!|a#tJZTij~WQX9BaMsS(@ zzS5QluEgoPpUq5%FLMel)%14Np6oUcTuz=3NXU*7qfUmeoHHfVn!Mso6s=7ie? zEQ+T#%hW{VqxOZ^bog2Hy~WwYJyjohGObdzTB6lD7+sTY1kuR%_a7zR2x2}cn?Iyd zNvAHh3H#Jj)+Z<*wIk$iJGPW`LzhV^y{YqlE}` zrZDiUTg2I>p669Yvs%+HEcu`LdGQVw z-%i4e#2YOKN=?1<0XPG>Yl5j?(E)jO^^s<_VV^EFp6BM~CLtznXnJ&44ur_gSNClD z8#a4@dG9Hv-QS*p^JL4tANR__!i@7qzT0g&{HSQr8yJWsCL+oQ%a36AH^kM^6Ezi6qQl*xyQ=sAs*{TVo(Pi|Va9MwE26Lu2Q z19s@2fw9szoQ;|=`VlTNklbJXqP@HKGMtLZV@xfFCeP)>b$^*nYs-18tLx8z+wNG? zvYcE@)f%Ohh#o&(%8>)(1NRC`b@lyau~QM2%nFAb>#(k!wc|a9HnP0=0HYQ`d67aV zV~X50c&7sLrY^f|E@QQJ^>e*%+LnKK492VLww{&~%g$f?aWCP<<#o&@S`Su_F|&jl zWaxvx4__|#2)^d@Y;asZflt)j?__!1N$5mH!JW5z!g*3Y(^a}MpV3Jee%jX~C0Ui+N$4v43Ge>NKw#-aW(1qN^*@kh;>&$C{El6>Ei_?yS^AoE$5zc{BE7UN8IdykW;nro1$#SZhVp zR_0Vl{q|CNu!~B$G|l7>-2oMY?AovajE$&oZqa(XOCgt6poHnsZ$c?I%^Qsp%o|uT zHw}HD$ybm1J60f}I~q(ak9^-VrBgj%VLy!8En)9rTg#{nOV-i&tvlLh#`~Ips(Ml- zjpmzVz3ynI>`nBaOx&N3L^>XR4KA+%w6o!qwf=2lhSVb}75lNPO>Zv1PRWRAEpVC; zJ9asTe!GwSK9_zg{Rx#y6z3^-r-b42EdATa3mEvJmD^uMy0!Rd$3*CjlMVYe+0`ec zyCL;5g95?`xM)kL0E4#@o7&Undg-_ESFNQXGXflq)izXLXL)s&SXqPC7yk6;wAiVu zcc1^kBl}>SI9EIB3Go*rHRG{V#Sz@JgR2NSfj1v`5$ANhZZZWf2EoGUR;Sc)z zo@nH{CsZx`K&!pf^G!V}(Qwke7TIJ~NNiyHvf;40I^WXxv9WIa=U2-lW7rw9^QA3F zM8w?F-fbo@gkZy5u=bPYjx{SEHYBRmEBbi`>nnQsym`ZdsTFP;t??r$PZMFD*TuPN zv&r9>=Of>p#iv4g{p-KBsA`(ZqF;_thNWl;$v=KRwv=##`4#o~K5_ZSK6!RNT6klT zhmQmPHb=HNk2zVQ@r9ep10Hm8kNfL=)#M+fco)LG8C&r5Ddm=#-tX`Ae*{xM{Rz8K z0KqDI!Nuz=M&-7dKe0%@5ybVIz3en&145DmOL_9kJt~!K2!hN)eh`~(KTzu=&m&Qbjqyo!l&A6OX#MJ52!*JArChLn=Q6Ha*(>D$0lXc6lk6U#TYq)H zP#_o}!!y5Kj)CTghcd`jHR#^p8|2P8Be5!bk+7VUhoK3HCd7$qk zDJhBUZ|I?Vv14;w*teU{S%TvS?}@~*s-2)$Cn{t}j-cRrnv-Ka^~RA^!L1VB6x zRyN|^Ua4jLFDUreuH&25q?Ijv1gN^6=hOtPzFO#JI9)5`*f}h6b~z-z`80+*fD|$* zBglFHI(61C0#<;3#ZL)MsLdOA55y zd_(A{Pk%q>aB)${D9_8BC7R5Oz(#rAJ;&3FO}8Dd(`YEg&rX%pi_LBiN{v7Q3U*JX zZUD|jO7AAO@eRn_Na4E>-v*#c6&TcDfCiHRl&6}YeTv8+hENN~{JS@DV6YUkJ9tL- zTmTB*bgQ%z%eG6EZisB9oPWP%KlFh#TA41<8BH2wAwb_c1ltpxL)>H67k6rMJL!0i z=u1;3E_L`7DVelk%me6L03_$d(Mw1b0j`57EF_XOy6qt3r{A$u{_O$I21Zjf72dlmsvZtIB~9W*uZ*B4tI2%dnwO9IMx|IF zriZTltFW?Z#_K*2ufD)H7IlgRL!pB5)M1kci!xO8=qME^p;Y()Z;jr)Zsa>!$>aeC zRz=Z`^idbZaNk?>U=Q2Rd@aOcUC$r6Gei1VL$e38$kV(rQtr)Z&^lzgb$WE$y_`&X zZ2S@(o>nogJtHII88!^c$Q6MlN^NE{M=2N{|_Fj`D{|FbR4avhqL8N;#ch{;+3x@j6j(GWZ_pXKO9;M>xq zA+hnQzLR+y?Jz~~Nu?LDi`5L1mCGJ)A*a~M@;(^{7KmD002t!A$g5KIjX)(FIOIXN z;m9Ni!SLdJq~Gi;_K!PNG7mAGSN_2ZPfQAK3RLMRrTs2T0{%T8Y?doFYH>OE`RBPQ zAsz(A6HWSFbBaV5*%jN%#7DeE*k2mbCv`CVt5OjFb$M@}os`1j=!^DzcPU0HT*dm- zv6KLiWL{aN8?>RrQj{-|1R7z=4d_MXP8&y*g6}Oo3rldG668lWg8;V*9G+6GoGWjl zLch?`*81R)7TnPZqbkO?#sA6jY1DNQ9!t&xT*eDkW0bJp5Fl{xR5RJ1*-Nf}CSLp| zGW7|Qzewo$KRkB?|5lQOfBUX?J<^JbPV{AJba-(Y^;69}STxhPy6wdoTtJ3LD!>OO zW);BG#>d*O@l@}4Xii=!N)qOkOe<||suS<6a#fX*;-1ZIb$}HteE-9N6n5=SvvK)T z^sl~%=&*}F=(-Lpe<|mTKF*_8Vr8QaF!#SpYYC0n>E~8q$(bU)w2TgZ{)yx?ne$UH z#^E%c!IZgWj7y!T{Ltq1XTQf(K`Pd!R8Yf(lx|fRwa)bZDIW+|BUM~&)uh9Vk4uI>A^ZE`ykIP4;X5iN?{T&;6jsqofAMn^;TOiaH3P)^@wo( zvGH*`b8IatT?nBBW~EpQ2IUf|rkvf&4O5Z&fn-5-$Y8+zlk7iMo8r;&x#Rgu_y_FA z$vd#N)x}@g513vZ2B2d1*_{U6{mEJ`kk|3b=ZcZRGv=lQ$vc}C{&JdIyLbtu?|p#C z+>oqcRPa=Wa?5I#-d;ve1-VU4DxCXieIQUmz?mfog!r2Hjo(=mg7A-Ao41 zm;j|!D9Qz;SLyn_>^*D^dd`2mb1BzXdRerrf~YTi%s}wVTQ-Gw2Y~F$+fLHSB+7eB zUAhS60^3roHn2P}4n~TZ+kd=zWF}U1l^W zFOO{o?Pd+3DFAdDujrNw>h~}Kc9hT8dpdB>crWh~0%#!JACl2qo%)oWUQ)g|51-V| zBw?$54y++PT7MZ~ek+qXrqY8d*zAh`@8g~|L4!R1Zjp>)<`E;MJ7u4lsQKe$oZAWXvYErLBfUh1UOng0=4@Jn-P z!#vjgxRkDMs`1sTPi)@k_gNljQA=xe%v2>;PO8VURtF#Hj8%OEQne!qXw`H0CVppv zUQej_h;|%3-3{6t0zb7q5wA+NMs_8D%pgM!n1Ad>+F6SWer%iIhUa3G=JUR|(!i-$ zrKVjAQ-hMbl=Ni9H084mVdpOCO{feJc??|3y1wYANcWZ(5>Q~*vHtOr=#0kVqxbpsmV`}x@WhON1^;CLK-CZ!FaS<; zvX*0<2>8*LhcLC$pAuhZ60RETTa8*ds?8Y<$Nl+x#r1cVgIb3`zeGOfSQZK7XN%n-N1kQS($ zKwQm9n5eFOtoPZOpJe|Tj^^#zy=@((__3{X20J@f_P)zs2YHvM1dR0gY?VavEodyR zu;K(;{H;wLkvivsduyeg*f*RBH+FF#%hW(JH_Y(RcL683&WgdFc_+ipOU_@O{G~6Z z3)^(B;)#cmx)`t~+`Qhu)qVzCN$;ZQ?0f?cSK`Wr&ajvkuBxps9RgTF)Y3-k?gcsH zvgPSb8S|;B_!mp&g5dj<^qnbjtcAIG3c0y=EVC4(k9v}0UAi)sg4rvpw-$Rhp0+*{-@BMK0bSTn_@P}@ z#oP!Y=Y8iWyMt(*|B;|@9=!n1xU=!d!vIp#Y!&PGKPOEMaaGEn)t(9d4P z&U$_I&V9oS9;RIqmAa^CVq*VCWrvUVE3*5SBBDP^${BVisiZr1wmrIW!;OaEPTD%`l9W!uf5@$7b)z8tL?O>x}oA4 z)9X*D`|jZ1zyH)%!@HFRH$@^%TI!iz!L%sbkG;-I@%wNv(tsYKq!yd!FV*B$nZ}w1 zEsqA6D`PrQx^1o*Wz+*TF6t1oxk7gU=ysvlS>f2vg73HUu1ypI5XX5io>cF+pLB{w z7RS~+I(2j+FUW5v!vm5vVd3(7RTp7Kl3gCJ^$1u?fNn%+0gcAsk^nr1dccETP?Eby zx9$JGkQ`T386f~(-n3&WlHmWz)-|0M;h!Ovsrqx$AcfV@L0jK`IoPVs78_O&JVHa} z`C^IB?JWL)i*xkFv~(agwQu;+vK;IxeJ+oETH2_`dP~{Jw{zQ;!0JMY4X@r%39p8P ziu`VqMtVt*^rLHTUfScHerCD&f${qpBVJoZTl5F$aZGpAG{uMc2GZO*PHFC^bAA+`*5|w z&fTFdaI_G1{kqFH%}wKh?@+8_bP}OX*43ku?^b&*U%ka3mj~109{X0OZ06%^3EHk6 z!bFi=TK2BzDgB#H$?o^@Ocw(x+g+wCoaynCzx$k=OYF+cy7rsvOaJMKG6{oqVZM~M zQ;sU_fT;uYt0i3hDhNwqfmUBGdLtRs=dy|V{M4Fw25zq1JXS?r&mZ{Km?iNVTiJvMhj|BybwD`)Mn`eCjhpbZX&9-kyIB%mrZ9Kp#p(HTCYBIho+Yt3SF^V7GRWzF|&fcjTS z8O~vTsD{dL>eUx6p~e^~joK6Cd^;@m$tv%h1jXU?8#m5}g@wU+{*wG=2QVxV5!nPm zyMM??Dk>@%VXiCPzuyfC>LBp_Q}e^Jy%7ALPcjcssE5qajn8L;RBscdiV6h1z1LCr zpEY;}{{9~bI9znp9~KmlzcOFDl#WPbd_Hj-l#1v9c@M)?Q3E6TJdN|Nca3R(4Gf^J zuem+!)q%Pg?1E~(KJP`e5A9cniBZ;Tqk_1H)gYN0}dBdbGEclb3Hkz=o1o?#~7G#$9v` zn;f{TA=qOQHk|+fog?P;H8nN2u)-h}hh@?u(~u(2^_iwNWx(_61|PvI=%W-kEUQ;0 zed(y!pL?I-_#7yH@PpguiT%@4(gr;31JJJ};Wy5HH{A;$YseoX|3!EXQ5QV>eQ3D= z|N8&@fgbJ_Q1J~RD*SA3$3$^7GVkI2_cMG@BE$>L&CO&2*4MSZntDNAN)P^EsErnu zJOj{TKI&*a!z|qmMfMp&FXld}i|MwTUfaetOO({L*1n`9t@ev|* zmHY9(x%b%@spf6=G`N8zCK-nTicPN~05(8dqA)4H<){Qq$^paLa5fk`dkzt=LStDL zfM5g+Y-u32af0vdQxlV!@AFA@!1L|;`ux$^#O&Ym`(+MlgxDxbN=g`6Cg*+p_qO2A zD2T>!wm=sg^k(ru_qc1(zJZ1k3Tk~MdH>Jt--0Cp4J4&^JeR=m?H0|90KQgkOn7?$ z4*D`G;>{a6>$iWh`pjT^BU|K*qoOAF{}*%r*LpYgP7&kz6|B}!uypc_5Rv5tEOfs0 zloZere{C(^q~qfwft@bZ1YL@=%c182OIzU7eEPEv4KAqp`Ag4D0p$uJ+C|VXvZi9R zPvA0s`n0;Y_Zs{p;Lu5gl%rMt1^oZ@<^NZNAR4YFlLq5M=y}pbs<|mSf{+*hp#KVh z>w`CQmoe9q;z~loAi&<55=^%sl$QT8gZ_sfls=A?HIJP>@tPAnk#p50&VvubQz|VKcyo z{_p!>u2%FC1MwKvCxsV4xWK*mU?_4p?J;u!v?Xpw-%Ck*jQcOxo$<2%4?FAsIs*Ir z`5ybkN=~n=uG)YrHI@Sb%t-$|Z|@ zB_JT68XB`4z-UZK+wkMW3Y+l>>;7O`to3u&HU+&Qx6~Bz>yL@CaSbS$tHvj9fz(#| z$B%Ub0~!mr`&4Nsa8ZjtNYZ1zai#Y&WX;|QCmNw|Xp_yz%)~>gKv6R&{&x=8f~l z067&6+(mgZR?b2`t( zn{YU97=TPJNhk&HRUy@AA79_8^7Tq&g@G17;;;bxCxG8Hubj`Kl@AOIw6?WB8xntgpX68q_}F*pmWb;Z4wIyT^PA2j*rQcc%d;gp-N8 zS9IBA&q9-QVWLVL;j-Q(Sy1(0N2Q;-L*J4>Lqo%w3Oi95J6`EkBF}T$i!5Nmj`%S^ za@m!B_ZrgFe7iqFiCick>7_s!9h?JvflI8gWQV|F5IT0n!BUR%Oep`&C+Pq^`T*YP z;E0g;6xTkVLbLGcrB={YYJPOZ3$S=x5O4acJUmFQT&ZqrZyy5Rg+Z{Bh*!@s4<~ zUA&(sH!42Hx}#cc)05TsROxsHiky>M#Tb3~^ey&q4x) z#nCiHTVO zwlLeaO~HKZ0Sw`KJj6?1{$+rl#-kGGDs9`Kxla6*z{g>An0Ib%tpnry`6m(*C>T?t z;q3tXI~sy&sGzWL5s18dfls$L@+AnxZ^lT>{W54XGzo;Ek#7NnsuA#g8=LHf5*J25 z5UG}xm32^fz2b&_6h)Sb7dUzi0+(U0MQTaG(vr;uR@NYJgF492tm5LyvNAFp`uh6F zL*7}RU_T(ejt+S-UJ(xo;5*JnUl#1f5Xd7_t%7hYzcPCfo$3 zL1sEJQBm~(k!dM&Ty3d5Todjl4N?^kqY-hghQzTk>D3a`+~Q(0AWomUDy?|9cn1Vr zoLgOOM}(4qL#zqwL>t`dmtoN9m4Tfh>@>_C15J%hObej%>T+9$ae};hDjj605sOrvc zpmeZ~4Na5J0Lc67aeC5LSLcn1g+)OddCyDXP(l+3r6%yXXh7q@0*i@{ZwBSZdRV~? za4{F)Gr-{E^W8{>#$E14GUS3?mUF+|`^?gBM~Dv5Ew%OnACglvT*OnVrUGce7LJbU zG?H<rt3i=Mb1e}B~W@bDDLTO$EH}7Vs(!q{}^9qHE zSHhyDrKJ*gr-FUl2$Hm26))|aU0j08w7bE|9dYJuBstmvGDQn5xQUIgXAzgO1=-!5d;(XJkwpTU*T!+1+`;i)K)*X zNx)Zy6L2{Q1rE+FZZPWRp}fvH=y$f zEF?f{nBQvJs#J6Y>5%i*;=fXJbCphEU;P!w`?3Ej%!=28L7Jz%qo_fQG9D zWzO)0u;f(0qHn;PqzAJZ*o8o!d>tK4EF~p1xwI4ne#|oexsB;yb^|lBAiW>2B-6SL z;5HN#6eLttuU@@&Z4(>}&|pwzI{X!GgGD`ZDQQL^CL-ct-TFlZ-PX=d6R2cYz^a_B zB!sgOv{2%MgK>e%|L)-?^9%TU7I5V&)n4aWIXEJ2F*3sHY;A2t!j>H-k^GT_uv=`Tb zExi)?K#cR`bDvo}#I5`9cno3XUE_E%3ukg6fI`SU5bp}ICYu#-!ZAQp51{f#17_10 zKqnZPtjTb+fRe*!@Ht+A(GWarK8rzvl|Sxa0Pb}yhFwf7DHLXf+Y8;^FwPEvn~WQ) zbbEj6=FNP7pTIzee+OPO4t0^Lna&3oICDYo1qSY$90?yz!SW|lHER&cQ7hNBE?;A~ zvd@4~W2L8;`o*{f0`AW&EjwJ@+(5ysF391>T_vTb3=9kwkeg#Luuecu9v2vRNgEpD zHcvpp0v%ESjSUXqt2zP?!mB6x!BUgT^OwN&M2@<9M2komg6zW~?#rJujI5REBX@T( z^Pcoe<<6U_o1C2P)h`Q2jKTKJWy+US)7m=UW(a6v`stFV{M{J-y#v}y#hE6ioo2l`$rgF`iWk3oc#nr zix2~_L7t>a906=s_V`@#j+b?iJGtIhQ8+D4AhsuO&YzwfK8PCooIHwcV`F0h^Uv$k8D`AbV)*?~k#eYJwA3ZN<(%jw~z%AfE;ENiN92 znqR+4hwm!mYsC=o&6?`T9{A$}^FuxN>JFf*0nF{1B5 z5y;Q)ubM@)9VO|<7J|S=UDkhK+u7OOWMr&sXu$NWbkTy_pITaCw(fzbB!rZ%NE!=4 zgdjsT5ZHkdS&uQgoJgIVocJBTU897QEMu0FpTFsoN*bzqaBK`pe)wF;r%#_!Gk&Im z(qrb7Qf{^V=T8Yo$C3h<6TmHQ0FPw`1emOCYzW&coeRs2!Au1a^#idnve*ou4|H}C zfH~QhW#{N;Wcw5S{Ujjcfkbwo{{}#nJ`KyO35ee3P>{N$R^L_RYSWpVn(~4THU&(0 zFb-lVNGdMog|tY9svPCN@~nfvl|lf!o?0QLNG;btzU!pi3})Q zU0rEkxEh~J*ARak#9Q#>lZ4zedm>F5@>)5h3RQ|{shOP>*HE5yIu-=@O?H)h8 zdnloE`B4sMqXAqcoIDp0^}PMR^RgNVu}BKDcWV2c3M9`cqwZyVnh3_zkJ?)5!v%9u z|MGHScqiu}ej%)yh~}rTR{TFr5WtIokLR!$%)c704>o1vBq+q6%H3pCjI{kUdVs!NK)+W5eK% z)>i{qVk@wK;0G)Kn{EX4%j}m(pfN*y?*PT?c(AoGAFmLEAHUKr22+@@0!5uCy07b9 zsni%wBO&i>VZC!_2zG-Rw^oK)1|AZ)VVzq5O{neHuP8{!QrPHYaISoaEwrrq;8IqJ7*QCNLB@3 z!2WUd2d<_FI39XGJ}`kyE>$p=M6G{ePIU-7nmkdr?eGKFJ{$pULiP*S-|ZGMs%7Fq z^f7_d!35fosV*M3SvARWT5wr&eU1Hc9Pv3EY^AfKQKy}2Re@!Q(k zGV6%LDYZILl}s(-9MMo;|4Xtq$QO#Kuo>uvYG+{i5RKS8?mG%u{Mh#D4~-?AS}`8% zQ^=#aA3b`cLiA0o-2*BT$b5PFA>~vVU4IgN6dxb&5S49~T}JRl??($F6$u6C&2I!` z*CwE_IbauoSllq~JcH*5O~gjcecD$IJMIsWFTp-p8Z1aN#mRvbuMm=jBKTh{nRyD2 z(FnF$duLqfj-=WjXmrBfX+&PS4jbux6}3LMD};nKdf>R(pLw5Bg=k)_*^2Cef(2Ya zZC%|E==NyBu9qz!V9o)lIKq!0t@Z5LGxfF6V54NxM@uhC9hOOoii*%M&AavG1LYr5 zY9iT?G+)qX_RV_C%m-EI-28kK;=9J{YQIVOhT9l>_rb0n4=f)~yZRL09Z z=FhVu#c$p6O%!qnl9iVqc;4RwQXJKq+rtqF32k9ig0+x|F2Rp2)rpllu2R5>fj*CQ z*#PA83~_v4CyKl*927Eg7yo4D?hRWB$0edK8aP3m5DAe3bZ&XM6h@ERRdpaQe%#m2&d~Rw4&J=XW_&91Cy6{0 z=xH<}buS!8on*bF-caVS^6|xFWMptQ26@Eo!wt#WOy9n@^a6sT1ss1XeH!}4A&W&= z*w{s|hYCTlDr%vy3cTALkM?ZnQeze&5o_z|c?(-L05Hg~Md3g=Zqd=VIFwl0C(n68 z38mW-z0vpdN`myHWX{EJlJMKTyQa^F3U6swICDPA=~GJU&abYPC~-eNP#qv0Ih1tx z8@#9(3HYbEnVC8gR?TYY9B5itu;Sw27%@i&-O;Ov6LsCoA3T8N0e2bW_As)lO0!H| z;~So8dli^4tNg$si#%B_&4!zn2Vh^EREhz-8!k2^Pg(BCIEyaG!-p+_4p|KT3CfuH zFsdkkygP7CyXc?`tC0*TG_}heb2m?qkB^af1zG8e$LV2mfwr=;GCsT?YV(njT+^~^ zva+(AVKX865gd(!0Oo2J5fu%-?__kn#0?r_A!=24puTfOmNNT&6{L)BJM?M8=!UV6 zguuOR8Hx#90s?+EN|@T8RnO4n8iM!yw4yK)DvYw-^I7vIAqAjbRRFE9LI7={YraC; z?wPT1gOZZcAUu93eA#;&_L4@g{5?E83}z5V#XIv30|FO3Kcr2tYGsNeazDdG=L17AsEyqsp1Mvc= z2lGKiy#Nj=?ohcpXvsCgLLFpGb~QRmgsW1qzr`y6Hv~{>?E+(1fiMAh#(Mkqr(Y9< zy<(uw(+J&4=u>7P?;j8F8}-nZ0LX$N$gEgEFG(ruabeb@kA*N5;Na#iGSZg{SUpBo z5ZVGnXplbzgT|RcD7p&<^jt!bKn;GRM3i~b7H6tINQ*SN;Go+t`vb<0q}#*M&*4J> zf(*OZ(`eTil-MG+7kmBhCkhqUzUlUTNIPtRAgrFfc+n2;-S|ko(*T4#+Pb^nKxq`5 zdHCq%<-=Jp3N{8NPby_|3B77(XWTylDrj*Eo<=b}f&u|4r9ksMADUJav?I_yVqPXr9HcFI24d#WoO)FofDQ9ST-C&+$Kj)FRJPi{kNM6^$Xu) zUwekz46|Hq$Bf{S3Z*s_(THF24v6mw`i+f_A{hsGFoWV34)u2*Sgq0>;4DTA6>T*% zGmzO3%2PcDAaU~0B$`@X#mi8AVqs}tz}4n71b(ydafl-UDA}bIh#E2ekF?g=oxy1b z_3~vzq8TLX;m+isB7iO!!c&CoDYy)@gw|(f&X_ZRgGYLRkU}ApG1ouM@V$^5$;ir{ z^SnI~$yBxRuT#AwPnj(<$$s%-XONz+dQM;C>A<4B5-hP;y;p${I)3gIkwK#vwh!2! zYR0nZ#^vVTfg|jb&Eyv_8b!8c0n~I}*VM;Aoh{zq-~Z|Q;+y~XqRQSUpc1GC!K>iJ z!}<32O$Y}RN?=SSbwSlO{Vi@O7$-qVV^ok81Mtd0XoL)b8|ZbJ3Y`CT?K?G(O{LXT zy!66}ML!h5&(!+jLItguF;7f-o~b0obPnK#`7r3=@|CJ7b6W3!`nC!7z)fD#8|d&V zp1_chr!cu&ftKb~0hKH0ueY${yq*sAUN z{iOSl*Q`LU{1hS!Qd2r4Wd8vju(PLU^4a}s3WV?2{1)XD8;}*;=}~0o1Su*K^?xf%~4rm5^I?wwlh^eb%g5A9UYqOwid^TQc6!QL78%0v9b?wz2T@m|o)>u9#~8ehDr8o!-kT zbaZw;NM0~H_OFdg+u08)I>TC5Q?8YPK2>%1aoT=8vg%IfEmax$=bdKgEZRHjmrq4G zp|QTJon5)QQ@4@)>H$jg<&bSp{u2WerR{l9Kfz2xh>u>h?R@=WQTurb(y#H?+3RIE@KfGHYd`s%}8@ z?NvI{Uod17c%cFhQ7_x7}C6S-nm7O&8smm*Umd zG#eQ1HTB=!miM~~G=_f3i}JjG9~+%b8z}Roio{AGKWp)W6F_Kc@WF_fDLpl5L>BYw zn&RE<%jdFo`I5K1nI4 z_S$~+8E?v#ruQM6($*!kkHfgnOnnUUAJew@36=&aTwGFHTdM{WOxUrb$1(cy#Cw); zfAL9APZ@vJDY{~yvE5P~JT*fZqB3UZjj=f^>P`SzFL-iqtU}?V!;o1@II)9fN^ZDv zx>EBk7$yDzAt#!Y(!Z(VY*h(a4bH3F1l`ZU;hJRm6y__P;zRXZuHGF+#NE$t=c-l~ zJ>M>L)DFK`6r@Bcaai?l#Sk_V?XS2@s%)L5jfI^zIh8WJ<+N$j9#ci6fd8m77npOg zH!CZnsmBGhdu!hJKMTL#;XBD9Rm$@>+I>-b_ujpOg@uk!p~5s(iM+-&73!%0IXxC< zjQXo+=?P^~g(2u|&uojhVhGz^#1Ut0~K0meScRx3Lut&bCqP-%Z3bAwd3)|+-$ zz1z31N!vf(z2C5?hL1Bj@7i7S(0?r_`Ym>u2os#rRJvd!bMaoYp?@H7_+910pZvfq z8vKrt81nwM$@gp>CI++ZTw^FvZws519!zKhr@!lO$A-=a+X@WI%{oZ_g&AB^!C2s1 z4<7tmN*3a-!>1Kzv8Yq}TmCS^&29a8YxEeyo6 z+d#+;SQ-CpvmhE+pYI=`NKR&$yi2N^I%|oA;wIBU9l={tTvN~QnP3r&KW9;G_Ot6j zVz~?EaRKr(n5ir-6hI|1uMx0PsMc9mGpzwBYKprA41>Esn<3{J4jr<=Ud+R*eC(Jp zf|#+!#grlt9CkkcdjH_I{@F-|%Nq2Zsm)*Cx_vv067VceILvEBw@O+$rOu_}TE;2GQS~uqM!i-Eb{t4kK zip?l2qm@N<9KF}!+_>e8Tx0NrK$z9EIhXz}Bg{^oIaA0DB1yLF9Z*P(2sih`ppx@ zL>|a}*_ugl17wgakI)<{2=PdD-dO5x1Dh61|N#y9g+s5{RH9{(Uaa;eABg+>;{K0Uj~=RN1T@k!F^9_uov6nFTVjVC;7MSisp1o4%w<3JI?NlD1;K5kQ3tZ6JTLEa zpKxlbifpvtj>aB+L!jm0!N#&aDT{?u{nBokE($3`REkxVm9r$i;c^}L^1-eP2YpBD zm<%=`q!e(~%F?9xcnGp6@6tpty?tAPeSth$#diKjF(1En^X4g*v3MAw%3Qtcs}+0H zj}{XrPn8qMznkw8irY{4`V&{K7{Ph<*g%YkclX@jj1MXdqIj620*C`z@}`*?xUAY3 z^!`-+boO6GBT|@V3XChF^sk+}yKs=kP#e+6;0>1UVZc0$MG#YXA%tVUZoK2U$hagv z>x|3%4Mi$d2gtz|3h5(7*n)wxJ|^P(T$d-UkB^Ta1o+U@_b>rHYoX9F9ct|1;UPn= zZdO<8A~&(Ox33t|NKAHQSKyazZ#+1#9R!D&gm4M!bV5)Y1=LTY2Zv1f^j_(?bIzRN zX03{PaNwXp-H_)&E*2G=O1jw-#yn#3LTJlh>Cjy%6oE$H2*IM&Y3m5j4 z*Cu9TRD{hHUjiT&uDE>pvJ6QPse_Jk%d!HU)hp~y8FUX(yuC@UyPk5qZ``zb+xqA5!xT{Fp_O~Q#AMojyJ?W zW_6f)1jC5~*|n{Or2#AOW)essd9T~LZ$%&~Ca9T#HD+74ZNpr)4@AmVBDUhEYiHY* zCaquZHn*^@mlX;#!b2X_Ktx*FM+_3Jo zrKOe3Y;f`9v50>*5}MPIoAp@npvSb#`OVN^sE-7g3O0;TOI=omezX~DU$PjQYWy~5uf~RYiT?~zw+?A|rC+qf$!Nel z9RP5d>#nD#_Z%FR$b8WI2O&gc3Ifp15Ohs~D~g&-QNPiam2`65Yh~RisQ^T+fzZQt zjbAPkS6^|Ar08C8OH@lOlgXr&*NzR47pQ0MEJT#zr%8+AOzqc@DkEY>gs_@sydJmTDCRP3JD3xraj=%M2zXV z8U~K4MW(C}cy2LYFds%?%ELj#H%a7+tFIc48&cPS93lw{D`n~d*2Pw^k3dF_$)Fg{ z(RM;a69u*sf91iQJK<#NTeOX<2}VO-+-V<7#w@x_Uz0Brlc3#Gc+a59IqAz*yQc2@ z?kSO}pN(3VZA0qoHl80JttGVu@6$g$^@fzdEi}{l*vA{BAPWTO zxOwyDDro*&q^=@_>%A9Svdzt$G&QWl2&m`dj(!2j@T7dsa1^wpF|IdFB+SuZPB4yEt-F1vhQz%9{edf5|!87c?C5gz{ literal 0 HcmV?d00001 diff --git a/scripts/release-analysis/time_difference_plot_argo-rollouts.png b/scripts/release-analysis/time_difference_plot_argo-rollouts.png new file mode 100644 index 0000000000000000000000000000000000000000..4a24f4912b2a6fc5a56ba66c03ba6219cacad7ac GIT binary patch literal 75003 zcmbTe2RPRM-#2_JA!L=2tjuhZY$BB?N(fnz2$dPxC6yFWY1z_JgoHA)8&+kMO(C*U zl=Zwm`d`=aT=#uH$MHOmmFXl$Api z$_jHj8hmGx@0|$#Q1#wn?tS3oQE%VFo{p5ghrQk1PI|i?vllq!=;?Lre$1 zb=6mB?^`F{d~b$AwPN+K#@*4t5VxbTB2=;Oh1FgahO}0tt0}0B=MFcNjL)e{XtPkW zur7ba?0s~cm-6rLtn%7og3DjV)S^SW|GwzUs1q(Of9X-(N?!Z#mEx4O-v3@HxXSLV z;lEejqwHyn`1jIvp{rH@^ZqO3{`*ZS|KHy9o}AFm%iHo?KDqIpxBmMhzdPCZ(ZrXN zrR}Qgb{K!Jd2rx?AssVwz7H4kubJ+Uw7qw?y8HNq>!-i2yC!y=H@2c6ctO=ff_%SF_3EqnG1QdymB+MBL`=+~K3>JSqd>l+qoZeZ z^zy`nd(p3!Lj_)gQG4xQdJQt+eXU1@zc_EPZ%o#{7#&@+i$Ca`Y{~43l#~?54Z=4H zbN&|Y)HSg*^z0DcyqPUzevR-jE#^^v%Cd!f*4P*6&W@%HW8%HBgP zxCo(IOY>`;>f?LIS=3Jb_^jwX+`LNZWLIUfc9`6$QS%{h)p%7Ode_#>DrT+uP=lK? zHv+7D$2!X6RlN2+wN%`4ta%{2)wbB5UFk$e*&Rh!IsfUQ9OkQUc33P~2?^$yJz|^2 zEjT>foUZIYy-C9K@wuKJJ7qOBAx%xbgIPA=<#uJy4p&UH96CAKc~tOmqm5ths>qrP zOuRZ+J}Ld|`x_E9nu<<)QOa<6dj|(Egfnp3&;9A2_5w-mg5`R0_?{-Z}ly;XTXx_pto zx{jI(m&5(ksTUTEy1KvLeNXDa5m)6nzLm4Dr0Xc~SlQInq|_o9;mx-jabSTnoxYycdvyn%@pXjBj5W>ogfUOx$7%k*zPo#PXy>2kWMOAtrOh%i z_G&y;|AquUX=isy5Gy~w?NCYS{1n6I{FBTF4<0Od^{W52Q(}30t`qS+Gx%1Ye~+Ynp|s#{Jn3@_b#SI{u=(DC#0 zb1~9vIoZYYCI6&siv}~l=4Cz&|FRDs*2>7p47FtoG4UwddAz@}L1`jnX(r_1fd@?S z2?@O;Bazx+H0+iuT(@w`JJs`id~C`<6Gl~1QsUg2$%|cmB(jyeB}!~;Nz>>1I@MF7 zbex==AD>vPJ@mqjiZZ`AH}2e?BZ7C@|G*h#!DoFWHL-M&M(amYSq4ZlT%=r zZhZLnX#0+86)a0i^itue>7o7J<6XSL!NFurnVWOj1pjf&=o1x`5YKRGT$<}%N)4D9 zW7f!O9cg-WK+OC5$JIZ-z3=Da7fdz&{QTJ3oZQ^W&#qY;aSb9lq+j=xhfU(Z`t!Sk zD-NA34wpQbY4>O9>#fa>^es;hiD}G4%9fN(^j0(#2lz@^6|f8s51SWyihRy^lj)<2VoR27^n;{eZc-^NpF2~PS<#K+-o3uMar?e>eRiwTU|yV! z?gPUFchtjzf&#s))8%JZacTH(!OPF!zVc}Jud9jX-_@FFZNQtgNkL)l%y_q~x4NQY zUSoE1)Xl3`L-DZ=wO2QCZEbPZ8^qf6ZFfJkymxycw^qYfT6DZCHuw+~;8HRL+IMcxEs$fGLcYxjIhz5Gi>nhbztxwdaaaekT5I(41q$ zW>K%cyguyu^>t6IUvYH4@~w#x+C?vIVOtuku~|Vuo>b&t{?p^#{Nm!`w-jADs-t)% zi`Rd=zxS@7ga6kX2lo|vI=)NN;>QiCyk?{sfqFwl!Kw*M)CfpLMY@HKw|VpCXMuk_ zpCA9ifisq!)=)&DA^ZL3U_;1}sQ`2Vw=XZ&gwd?g!I~QDe09M{YhfL>S0(l>3lEQ* z#{!loLxSN2@dNh-BqbSC6PVCN6c&GFg^)8ce`ZI;#>OV+@^KToWqV)YS%IE*r=+Tq zpgHnAv<&K3r+&P?d$J?~HL5=?TGM}Ya1BMqrsyJ?7++S=6g{~Jsy^R)aLJuN++WlD z;e$NZ)$HHD_WjjY{C>APWjnr&vkzikx5am1py)oO2V-}v;95_+ctmOWa*>t7?S**+sJY*(~(k0_qGc=1i=>|}rVg#|i3 z&A+G)7>~42Ff{&fZuf4+1WZKCfA=izU3(I?zU|l`9=QeeSEM!Asih+KWjG&b@`Fa ztB-$v&g$~%u?R0NVA75!qStmmG|h->#Ky!=cekcLc))P@@L?S+X6Y!6A#CgwlwMSq zn^B4Z_R4-_x5hAtgJM*S^_BJ98tVj8QqS{e)6E9W*}h$;cToh?ajmPkWfc@Y^v&%K)bKC1xuxcNBBkIl(8G{xKGvHK zK8W0d;kJ{d3!;=~v+X&@zig!no#+Y}w@?r1DLZpkKb6+Vjxt>78lrss_{Yh6}UuYZKH@8&d?(K0n)E#!{!FoCC_x zuc6SP>KMj&F!5_z`OiN~awR<=Wn5M;bxQcHXnKE5bpQ15hvt6%ka^aHzrQL%7Ju>| zadLVqPtCeNTnT&4&);7^8hvwhSy5>x&_tgfz=z3d4MD*b5fKr7i+=_^mKKAClXj+Q zzm1b-kY<+2#NrT8Q`>M&bZ<`EPt~LExcvP5)&+>W-juQK86S_ndXV$%`}_LH@~|oi{F7qZZIq}U@%E;y!%$<&#mLBOiFf1T z&f}suEG;fHmkgW@IC^ELP+wo)zTBgG{Z60m#pY;Mk(HH=M|Hj_Yb)dVuDSBiJ_2G` zS@#chV<(Hx`JFg%f@|}Ui_-;$398s*I>r9K?qw+mEV+)MLqr$ZdU{R?IkoX~Y%jmV zh>9U?`TQA|L0Z$c2Op>?dqmgv_4mhIyA}q3a40ZJcO?yDXlZFkMBk>Up&{pZ_0wzs z-J#LZ(cVS-({>Jh&XZi6DP3asug}OTv3wFR^2>jCPFzWe)5F8V-OFn``v0ZCD<}r} zv!9CrxDAsuuiUipUyWmIp2RXw#j@dOSm<6_q`k5;EMl#gB~M8I6(s?>6~TYL-n6gc z;ovZHHvPJ^IHUF4x#_jNO6lFZ8&GQ_!3O#}3cadc=KIM~ZmFO4Oi`vXFLo>0WdHOG zDrA}SmN%zt1ylQC(=W|QW)+&k4)6}lDf4F(oJtK?jC9;aF%gm7OIp5TR?|PeaOSzT?)38mSRXpWX&cCT zgeoPlGtiMhFXN&tt?9wz3w&$RE}-t+zO+4Lccm4}1;?LFprU(G)Q zYjt<-6jV|=s5&?@a%ku;?YLyMS?7K+GcKdd;HaYL1eO5(&tXOTv^FWuU zoqt?Qjb#;B%0sQ4V?O>!q<(YB@6WF0=<1?-@0`OWtpGj;Zry&KG5g_SXUcY3D^Mz} z#aW?K<6Tz>G$03T_S7=GDQ(wH2^-g1`NTZiL(B*APgut*d#u>Me}8!Fd~EeT_b0NY z^JK4VBarFa-IIa>0u=5mGz=V4n@mhtLQ^FoIF;i5{2X-n_U^VH*7_t^$?KXLT9-U- z6c>pc`k>QA)y$f+6s({az6wP0$Fz*}3#vjTdhTL|z#3tuVM@O_3h zf4@rx;*@V`2EBBf>CACtKo5y}dMMvA(7NPjy;@btu4A$4`^&QyXsrv}sQ|0Z^7nti z%M$&+ivy3f^!eG_3(n8aU*i1&+CrZYFk$ZOyosD7`bVV2Gy|uMdB;flO`9C^$2Rfj z)VFMzPT@~FJ0la-*tqZ39#Irui#um%LjlS+%F8$P*>rVvg_k(x=H{~U@*ejX^{}OV zYMG}4Dj;{VOWm!jXgz32MXPPd72I`BwG)DZuC+O|#ixIM^BXUonW*Bl?LjxKQD{(K zNx69W^7Y3FY^*WI2_@j;TPJuafVPjldyoX;&93Qv2?m?zU|d@*RM_=Z*aB(UGMVxkn%FPovSC?FkdiNa764 z+?gi6MWHD0&yRj7+$TMGN_NKRQAN@S9vqRYoJ zRB7qVL&g3+DdYVYf_R06h1dO^jm$X7=Qa#ghU3U>ZClV$;IZ?dD!pL0adFMZ+jG9A zJTRjXT|#ee6J)A{NUF1j4G?-uLNlW z&s|%YAWl`@l6TmLBkp+R%S_A6SBX_k|LY>hqfah@K+A+y~LLpsA!_0U2#qlpX8K3%~0<;yKRwybijvNhN+yv}YjY`*4 z8WN)Z^PK_~Y~^FqjD4t6g59Cw`X~%NU%!T%W|)Utn8_d|lN`Tg{)sDS z{kxC109{9pR#;n+H$*R%_Z-lBe(VFy1EZvB@E|F(N9y(Se||RQpR^?uM`%}+u8z(M ztdBF$;Uc3CBxwc_@qyg8Y9Q~X0uP7LuHp@(*rFHN+|8fx)6-{-hiBk3)pxb()<03jrFN#-eCNIe4 zGBMFU)=&s#y=8=iw%69z%lu%`)n%%=v(*)3v!u$0*>y?yg>1mHy^Ww(=RnpN z5)%{8mfNvFE!lXPOJ0X`a)*BF+@n{>`p`~mTIaI&xqTIV%8AaGXU#I$A;}3}-k@X% z^x-$E!O!tPfDZd9b6?udH7PhS9Yez?0lKs9zrLIHqOuXFzv`)(B#52GQ0J?BFqJqR z{%f>{#1fP}bo|B&2dQmsZMCyn86ag6MIqcaWWn^M=*ErODA4zM1_#9o3JX_**>Zwn z?0cy3Az-{%3>ZrXkdY1YQ8*|OJyZ(G>A6hhNliw|;rZD~k-r5NbCbhu*=f*A!*u%3 zoj=dfZaB6-TVoU67(6(x@!8?+kdt=EaWU%n`4z|o{q^3cs`@uuUVXOMZu9MP=y>Fa z&e~*g-r0IwVia%H)~%2Vh`#@!ZD~o*z`%4{oGbI3=2~j)wp^#^#uvvAmAAKBOiWC$ zfcptS_p9&Y&UQ3+a~s`WvkCgZ0Y3o7bIHj9Wf zmR}rzxGrAQ{{~Vy)SS*hbYE&(+J3-A^E?;Apgn+41m_;DWsTWf8=K52HNF4Y@o)jU zeUD74#x!=5Pffpe{rb6VhnhY>w2N1+glA+(s``#y25K)&mzdwFtLtbKM-AC1BxK+Z zK!4mRI&w1jx*%%sU-pDI(ms{t;c6!KMjxUK|>mB*Rlp{N4d&Lf+9 z!H?X1ee?aEl8@HaHIZKpK1I?pwc=uFHilThn@n9q8~TelQC`6*w`559lxJQ zehe-x>4(@CG*8W3N8F|4wvOO`;wqZeM|rD{YKYX-v^}Y4d-7mlmg}w$*WF*&d6Hrs z*20Dm5*F5d!)c(8i*T4I@91%HUs<*a$+*r;OzaChJJ#2?0zIHAh*jbL&07Xs&HIw< zxVzCPLDg~6oP}C<*RKB3r3G2EZowKZmVXl=Mne$TqBfMuSY=u}lX|DSXB zbj}eTiiwHgi2mfFIKQxPSdMF;K;u8AP{lP7ZRRy=ZuG;sB40Tm2LL3`eYiL-?-YuU zkH32R_M_TUAN8Y*R%ai}vjiI7{HoM#M_=&Lf^XnNIW3WWD9Nb6e(01-?}G;gB0qZw_0Cgk@cuT>5rFIy=v8NQ79z#?mFYjwW3AK%MDO-(~1C?WCYyN^mH=8cMq?BFYxE*ab#n04d5D?q1b zWVCC~9!845rcHXk<&W%cB(BPiNRHlLt+qF#_Qor-Vm(!Z%^pgnE=H$BlO7bxDg?H$ z3HYHn`ZO6*0dC z=l{dzC{lgDl572cHXy%4E|WuUVr;*ITgzd$mII!Fm*1INN9OZxW~`Ns8#m74YVQZMj_eQkJxa<5&vrcy87n$i zk;lXr!p6FaBSS+ekq(B2h7*&M%>Jws#-Rx$Hw;O`na{X zw_~-J0fE>IjYw)}6r0S%iD(lAg~a>K5cGUWR<-J<_rUtmP}W!EUZADBZfrxP$16FPLgp{GTr7<@f&jQPJ5J zVpzA3Im0qCGM)=th*N8C)7Pi(={4dSHA z0T@}ixHcXC%=vX-Kmf)G-h~p1D+S=)(8oQQ?e{)x+CM1eD?@1EyOQQ$0rnkr9-IH4 ztLvdUWtH0>cy8#Y*9LtI-R!V(AYvRHk&c0(0;*Kwz1?f)(Ng`sKYDQW>QxHr$lYpD z+C0lOH}p*hT7!?3avpKbZ2_W&C19KRg?$*DP#2n@RFn@`Agl*Ll$zBPVi&WmT}x^p zF-<7Xe8+9TN1wa38^8R9^FI$!TQd|D1#X~W%-b)^e*MF~I>pt>Z0nK9-Ph%a427PS4&Jk8Ps*CPRZd0x? z9>r!EJM8QPzJGkQvP|8p8`S3VdIcIZ2gvD_=T@(kJ5tN?NaPFd5%C@`b1TxHEdIp- z7d;GmOdnWX&hPZ)kU`AK_S2%=UcssthVJbdHoy9SYJB=pG+*yjert|d`R-l2c(PJs z9IeZ~zP*Y1A3%)eEnC(BB;kr~M`(ba-60?zG$xgp=%1g9Q|zV&>d0S?zQ1ES8sPT% z`DzrR9jI5NL=ke8aWE^c9x|8x%vdKli!P`Tar*3_O1Wi|g{rIDhC}KvQ9ltAzp||J z-k!^IQ_80jBV=A>`;O^C4g#%N1yBr-wE?trm0hBu*&~x#Xfuu34!dC1k`Gl;Q32CP zosI``V}NeC3q9%{sWgZCDkJFV=t9fww&ATN0A{o{$6dJMwE4Ci1UnPRa_}4X-q}(P zcw#WEiUt+1#krA!Z{pflpxZfn*uXga^5Qs04dF4Te;%b=oqC6&tCMb=g4<0A?GBz> z12r}j@Cjg(AYZ6wX}a0%vA{G$cD;6O?WxhWGs(%x#>d;nKR&uv>f>lgLW7LRawMfx1i++C*j zr6Kj+y)PmIDe1|NWh@&#qkY9su@I`1*!@c6L^M z^L^TyLqv0gY#;b{_yM{7Af^|bl7cwU$94dT^UZNb^QxUk7jS^QGuv9a7+$*gmjQnH z5-n~ecvY%7{{v9VWHdzZ1!lAp3IJSuJkRt@V(`!WX%s?%!ey-tPCHQ58jNH@Kh0JZBJr!kon&5S>$aoHO2RuLX-RNF?;Kf z6DNENhAt(YTEit*);9?lNCbbc!TR#|@7GY|jx`Ib&vbY-D?-k%0me?hV<&0$q>L!n z!-1BT+{CGbK9GzPql6+B0vxu2q&cA3|Eayj$1@(rtXW3fUf7uwx%}5%`6u}yO`nYh zAI{G5nCz<>>L^q=S|7if^3eL#R;;oMxU!{ft6!FuYEjBsTMtT1^YZgY-@7MF7C7V+ zie1-=<3>j;`fN&rgE~q>Y@-gLvg}`VU;*EVkL#JYp}`kii(w{ zk4>^KKI-vuMUU9GIG4ZIurU}wqP-*bBfzzMX=NH0hEuKtH6k97_uUD?_1kdz<1;J*i8 zi*P8V?!d713P;I3#3Gf**yrfzb9U_OSI6u)TNY|WecJoDwOJ5|(*Gqxhl{TALMUc3 z{AfJ`8%0;lu}|-ax@GG`(2$R=E_0gkqf5o_ih`s=s84gdD~adUDlwT-R%onowtZ{+ zTWJmaqGhArB9{gx0WD?z&tOt?U=$Q0!XyX|hCoiC41D|62Y1MLE}L7?1>#~as2JUv zHLL6lPeHdix#!N7)f9lTP+$}^oXEO1+S7i10?Nu zTf5-&Pf?VV-))1%M3RSh?b7lj0^7_U*#}_0tD+{>*4FYTI+Tn4e7kEr_Z>TaqlN}A zR2vD8cmgH6P7m^ae7Julslw>p9#aFmQPLloHxNKHF>uYOuhX}?s&w&}ER;|dvO6LC z2wMMy^yW}?iJdfOPcN@Y#W+fB4DVjrP9IXnBpPKcLWR+G| zMyw_JDYRWXNNdIn*%wZaJk58X8M7vSE3`<^1gV$4<1+7et}F{#nzO|nE1K<#gf^uO zMJ5~h6~BOho67Y-CW7MPt4|h9(g1Tq!3%QhE-5x=@1W|55KAmWek2kszZYk{1Iq5V z`UKbg0%H}-T9vgiLZmB$GCPn!*s0N5-d%Ndt05^?5FyXCMe6yPg=4> zKV}?chW;6sDbK}d{=#iN%nq|ra|o4Y1Ag#GNZthZJHcKf>!I0axRjervP+V2Uq(MW zTAbF>)ag9=U`_R}w+EP%5Bi=fggOd(MVv!yBQyU*NYLCgp&cxdyfLa=b#Tepg|M;6nN=4 zFZYeBpA?3GSSpH6|7^^2JxKCjKzZfmx4R=Q@|>}Jy39l!->joM8w$k~DsIh~f9L^mHg9YiDVriLtc41Q z@RuQIu7x+bZRbuJm?Cm+ZF0nVfGXr!ZGd-YdW>bry|_N2G)s&^srF^87#RDtPR(J5 z?!9#&HsOy`uLb3(YIB0SIl!amQg%<~nMD3{|0<4~aovNhZ%u0k;xAs5SeG%g95Ahu z-YR17cd6jx=q@YBKLdWtxziZIBivpwvA2aZqV~S`ul$4$j=HcMGZohlHueaj;hhJ03ZQc#L)Zc7KsL~~UhRnfiSP%zWX<328Cl6q&T_%?v-Z(iXj{mNEuGn!MrCJs&s4%R zB?O7VtBJXGdKdC<461EP&`3 zF`jqohvl9GRd(B;U+jp<@CPhF6^uY3vxfrOoW0z3RW1K=A{vRvB7$&wFTY_k)S#Jo zz+A+wfR~fq|sQJ4b1?xyih}uPZ9x0jwb|-dC3WhyQ6wz;DM=`VkC?N#a@- zW8~M*_BTB~~kvQjKsCh%G~+ zvrr`Y)V?AA7YcQlWR}2q<+y(y+$$n1+yf2$Y<|8Hu2CZ*Y{U^%)j~cFp{UBfU@%N= zkd%8hea3&`@QG-VsRC^85kqv zLk8aNLN76}S+QkBZlI@fy|=D58>vrHBjtJ#8#ozDuBs%u?g;rg zNzPHer8<%3CnzMu%E9rwaj+9<1C(24jgY~5-ubDwvXJ9`3e_Yc8u z0Qq2ILub8dAk6{s==u$G0oFK=SVd6yi`r@;+Jx)OW* zYGPs(GOzX!{7BdWNtAzr?LZl|_SIMqTP0qn#)yYH+;Vo5v5vwp06yF`zF8;(6EHB% z-$`j9%ukJsYa>b*B{V6CAAt|2YgYM1?eR{{AIf7}~wPH1o;E z{q3B{?Z7i4Tv0fAs?9ti2eLtKkf;aCWK#{%gSG2*@Kfme{P4*5;KUk2Yfiu7b$Bg{A$(STXIxtr$&iuygyz4Mol$L zS82Ws6Ny`U?$>A<-80Kz$m^4G`SS`ARh5IUuP={QFi+{i?+ql{0h~lay+j;^5V?v1 ztB;m~pdzOlUt#U$u*8^{jm58e5IrWL9g7@lXn1k`zp-twv)jE6CeUR1KUkqKB*nH% zceAHY&}=EKQ#8NN@iPN6F|BWi5?&=!#LLNffn?F(#3>pks*5kEdGt{upviYTN%8pS zbwCc1QytLqqDbHuKsLM{&c^DsqCH^SWw3_%3on-x5P=Nr7W!ygU!HZ5-+qbdZ{VRg z9!ufj9iMhcUV=(MDg#l7KR!A@#w>o1bxI~^d3|Fffix|xQsdIN*jPuJVxTtS6i%Rf z3Chc}679k8K?P*jY`;l+;zdRsCXH4*0wnVlAEhTVSKUx|U!{5YGF=uU}QLA5)AUN!8E5{U>n;?1)P|rPv}UQVubL zsBMvecN~RTfvC_#K@WzCQGgge2q@(pdrty?pitT^wAyf331p{|+;;ESSQJTh!AEay zUO?7uh)qokyS?ZdVlUqU_! z`0QQ0%37i~AS@%5xq#t=#^=WlM23*!K|~F#N>2THs-KIvI{E#<`>RInx^e=620`gCyT!9J^bkj5F zCvzsq;ZtL2$#W~6xC}MK?#*@a=;ExKH#t$GE|EYsq81eZ&&zH)q0yLWp?xEMz) zZaUwB)t~_`Ma-^HNZ0+CZnT49{IYeeab`W~|#BW&>%SoDTw6$U@zG&Lbcy`Yqdl5$pG2W$`!r zvtuzglbr_dT#b)$$an@cdmZd(1Dt3PiI#89&n=&ROs(gDx8ek)3lY;~%RCn{M*(iT zrcC|rqMeZn5KSuW?tsRhaRq9RsF=e}r`Wo=+<)H(P^$;I4m$eu1vCFFx}DK{$Fup1 zi|TSJg8-+=)COE4l5QCGBXTB0;{U#$E*8Q}l=%*Cz4~|BZu(nYasniQVktSlw3!(h zb?xkutFqB~YkdL;?6YI$h*(LnRno}pG;&H&#^=f%F=!-v32|Ev03O{_FB}`1kpX$5 z$Vg~d^4yMh$#buUrRvGQR4ul01}^++B{^<1fM~?FsCK5YLXWCKZRs5z7XOD-lJ|(F z)KYgUo!pvGjAnGNvYxrcgiFjnK1V854BG@c&Lp{!*s1`sHRv1Yz2^_woL&Wj=*g&! zn#d#}UP0%O`6t>L9ZlfY(!`|KS4LG8YzVG^@mMT>t&{2&<;m0IOIVcoRC92b9j zx9E)DJJWRQX0m}nM=t+gE5X!M=PlgmA{Ef4jvYG&7vrn|9Xu0o``pwnWfr)%>6PD5 z*ReU`>h4kl$#!*hfoW4w$b=aNvb2$&in(=bw)Q?L_qxWBc`M$2p(>Ldmq)Lzcu`Jv?-AfU~8v%rfP7j1W1(z^sN+h^q#n$v&4 z)6FwRMB6soeicAH6$L9`D-=0g6fkZ>ez1IH%CuKsVE~P#5{;qaIz2Zg{A=*TlD3wD96bQ#2KRAa-pu9shBhd;k zMnqu72!&NS;P(?N485_&tYlm3T}m5QFp|ezu;HE8>g!VXlS0E*Kz}0GiXi3})Jv};{^nU0v z@RO-v#U17+bD92|vbV)YXYg_R^lA<^^Lf{UR_|XWV8HK<^$ls*4nRj4-5S5!gdT#4 z5QC^Ma9wa-CTEldw6q7=e6joKP_A}B57_~O;cJly+2hY@M2DK$e8~jm!0Z#lMlqvA zt5H`@SsS+>NH`O1BYnhPzJT`YjCKR+_r6E;vSFAh^;`$_3IuXfi_iQHeY}uah$AGR zjqznxhKk33FNx2dk>mu6EE1B(zvLU$E8`|TTyZG~caS3Itmv+!yir7fHv5qUnKP|T zsWYy!_J-0=3}|3e3S8BJB4T~3+-keNhr*nsO*?hXm)uIhU1A1j`2da}YNuiLap+S9 zxm{EgNPDj_OtL>U;0HDq3amCp?l3b70a`QxaST7mW+ZTg=_EnmZrS2#Ho#^FkLcN1 zKgJDP8R27+AroXKuOg-F@&3_)2S{fHK$kgp?wlPuNK3IF?nllY6XCIq3Pan@=y)t2 zdpYhQl!Ou3ouQ}g_sG^U&%Tr^E0q8 zTKZlhaNY~q2G^+!v6p8dOTm|U)y!0r;Ix8z5cUhsRRPEujafqnv}lpQuVgoJM`!dg zt-Gb|B!c_w>7Mi4;tPT&xH92jo#s4QV4xU7#bx=0897WONKM5<55}2DMLjjoUO^}| z1lj$0E~fEXA$&xzMtbcE68$SFak92iHpTwEa2vMaVs1VDnN;8>hw_;)3ILU&4BVBV zzewFg9QGSSGeenJ1uu#^^dZTj8c!OsLE@!W`&(Mxsd`sPruO_7DnfeSY=jPp+%z%{ zlu*cauQ7%Lw3Cbo1PZxw;H=!=nQ@Y5Oa%yQ9G-&h1BnW(h(rPrOk}un?Z%DpCr{?J z7-O$pqq=pobHkPD&Hg^=V*dv>pRMoJUFS@Tv`-Iv`b?BXCri6dhxgjYDjZ*&GicX*9uBmCH7yUTmCVTy)cXCSIB^7!3&jp^%W;hKDTg75uzX{d zZK+^`)6t`;FfSe+%9p`)qNX6pt4WfD5N#~2Hb6{A?#m7e;84rc4Y2wrh94y950bG) z)b<|es1M;Xreu@ZWxQ~mY6+AC!R~k>kMDXFvqDOpTbvsF!u_JHlx1cE%=? z5<2&&{n8(Ei9bKz{Ld^_vxDRnW3eG%9u5ELG6II-=->Q(s*3yML{B*(|0IhGZ8h>I zFw{XM#@p4E3sD(W7yZdXB!!Q zyu0-{$x)L)2}qqF&=7^pZ%z+2tt9jUVvBoE85M@zsW7BK3L?c0nF?SfE=8Ah^@$ph zBtC(CmuLPO?N8S+V|Mk+KY^z*cR&7%e-B(dG8{(mx!sS?d7d5gkQa6U29Q2ODI=OF z{_^gQB18Vk?rK~PkC7H>GA9UV*IbH{Xz;QI9?d>XJHX^xPa@wi!=?P=1OA_Vd6TG0 zYU@2^{ME^y$~x_ArhSv1wh;BUE{9e_OpJD<j6#@iP8d1Q}&!kDc3 z<7a^$m+I%>6GG{ZF1io-XSP3D>k=;~x!wk&u8Rfhy(tsEAB0HX5x02QJ8ssJf}gdY zLkmYmCZY+20(4`-awlWw`RUx2CBXrPdml;7JpISiwR!$8%k!6*?4QP*Ln4e!F@L1X=- zeo;C2#J3Uq1Gz{L->!nTcf6V_HlLiIEZxr2T+E@jK ztk3Aip492z!xph)0f8mhcV6bAD%K3SZHYArk{ympcwI&Zy~a~nq%-V9qf1Ywua3SM z)7XQfzfRX0AWs=`gC( zSrd|^rsfQ?oP}Rb<9ah>sk+d)<1K z+ImH*TG>T2oRaPj9#|zZ`;+tbdly7=(JyoXC8X_rLc!5wJHOIY?ipgb+{w^HU+MyV?(AbLa9*RxZvqIoNbk8l~_F_|E z#QsYki44coex|lA(p0NChl}3cj~C}CV%?#O*h5qxGvuK1nscKHWHJjn>MY{PU;nAO zx^6ZxN=s~G+Dbrrt#>(>Jow476~wP&L~eCb;M8gwMlK3b72zC$f0ThIW*_??`X8Xb zkv&4Pm(jm`u)~SiJxqFW)EWQ};1;xYT_{!ba!@#SXs2 zEGh?riW3m(``;^dU;oFBD3iz9hy^hIiplMqC?`InW}0}WeU@up>19S1Ry2I;m3v9s&_r?BV;lJ&L167y*_ z6dBG6xEqIJ6axS+2RmYCpx9USH6fh8giy7U*mX*Tjn z|9RDu=R5isE!T8Re_Iu5^^I(k>hB_B*TjtC7Q2sZCPO^S!5c*vYQ&;Fe!w?)8hw>) zo1MpQ7DP7eegCF>;iH?$%uUJ7xFBD0RkcCG&Qh7OVErbz+<;R_`t6E;FHTF z{+{bc%xkJ=PkJ)V4wbGl{2u;~5AMOEQ!tEa4^0i;e0V*8%3%cP%%P1RTaHuHZrpW7 zIeD9`_ZWGW4()-*)C;%>&YvEC+TNfAzYl5X!2f!s?b#DHg`9WqSbx8TQ@(!Bgg|L- zU|xQIO%ah*c$7o>`epk>cad%8^`U+pIc=`SIu(gPtlynX>{CV5r?K&9oKWvf$LPovSG z$$m|3cUa;L2OSqP!$+hl7}ICWLEnch5`~oXDk3@}%SiSfr3{aAdFIr>M<#mkV277d zX8=`Wg5GwAo!Im#DBg#=U^wCGof~0o*QE+JJUQ782y{;v2ZCX8BD0f>H<`GB8VZo) z(wcb%p!jg}z1@v2e+;hSiVS=Slj#ytl%xfW+TU6FF&_=d_?$5^jw-v8@aUZTh6xh8 z)R!0d*r2Jk><>QgvZ8kj{#L5XD`va+Cq6>4Q~UH9>SKOKzKuzaoLPPZQq;L+Gx|p1 zocOnPuQ0PUNlo; zF*pXX*(J!ZvF?!vQvu0u6~pS63%nmj*^!=A>Sff~Hd=09g)s>N8~g3!H;=txL~-?%9Hv6jRgg z+mtP{^Hci~FPbn+`a8tRcVuJ&lOwx-YYd&9se2>85m$SR=Bd<-2>OAD#nDD6!NmAc zIS~#-k_LN|U2xDU zbG^4y!cLdgQ(8B|NgegjkT@Vff}24$w^@zk1UZta_iS%?;T z9_dMBXQJM{o3C_idv+K~l@u1lGlv=`qRyd^->65IN`tiw$F2$<@dO@^L(+w0LqF;l zi#>#7WPDP6%EMLhec38n3H_eFg2r14Zx*Z!O}cAdmoP_4y?ia?UC@SEcqb%R1#?0> zBhTvSDX<*-?u>sie5YlLDptfm4*D6H>84CT;Z8G7*C!E4GKc>EHZ4@`w#j-QvlYCJ(p5Qwnxqm)~>1$|KS@6Q4RUU3;M7Lqv%srXcP%p7DamEnLR_ z?Z*$uprN;Fg7;peI_T|f~#x@HJ3p^`lX{7*ICj}!?;5TpkzP{19yf;FA z^NYR+!#$F}eRihpTEFY3v;N-#gtI5*m&4gNoC53C?>sViORdOn{l{qD+=A>s1$V@# z$3)U^eyOpjOFHB~+#W*vTTpXu~>Q``Eh2E2Er|L0uO zgMl{P{{;3!AdlQa9VR32So3urZv|J;(5#?9D0Pw#3m)&%0A195DJm*j-FNyQrN5cT z4>t{NpM{l>CP&ukt2S8|Y;66y%(C>qlM7))1wkt^|0m0{3>w2e|-8F zCCujFP|?#(z5Ty8El(I+$hOE*?=z^CYq&EPz@@*XrQbedV3?6|(Lfc zJvS1c{)mbKC9Mkc$>dQ!N%z!H{U`}B7vOU(N#g+ zxD+)cfB_gqhO{x%q_<}e$tfhi2JgJ(GaZ`Ok_rHDj*=M~L-nd_tbDldIS%#(yKE)bDJK92hxp7j1tvlN%dhHg z%YCD7bTOgxQtCZYM4!*re4LkqwaMXz=~=?`{qI$!_XoRhyq>pmEY-q3KaGIhIA&de zWSbm1E-8uiYbVmoayP%L;WM8y)V;Sw^jc`ab2rK#gXXUT6nGy?QUkKmxc2nr zM=}J%Y2!y6gmSpYR2195$yMYjc!lQ$9yg{=#ZF3e)lW3t9ogazf%dx0MvV=HqCXp? zY?Ts5XE?7dnwxnNU@BmMDQ7&q3tJJ-DXWIx9dpBRQRFs;H!+rr$Kvb{=e(g5#@F|Q zvAbyZCfE`&%@Gl~(HTsiH#;*751ugm`;R7Xi|f9Q2Osc}A^^W)TgH3Y#%7EwAW&fi z(LzF9etp*HS4RFY0p0+U)|KF-*M2A6ET1}++{5U9>UKvGIIcR_4YVFs*kzl%JCJh1 z6L&!8OnP^Gm3GR)A&eK9rarPz(R(BJSxy3y>Dsm49`_HOSX|`~YQWmA23Ck5m{p-? zdgCNXK$0g{IMAii8%ePptopKEbxqIB{F~R_c0}majosW2Vzni#ewl<(z?W*UrHK1R zlxc_@By2;TjtGd)rF0@56wlPTT}4z^%xMMXv7gG_rIF){vM{M)VsAJ`DiQ}~85gd| z`0|8(3oI+d35XsB^iDb=NHnpET5SUMlB@B2=pG~83cJR~>9>Erv8h*He*;-CQYH)= z7Z`{xgJ)gds8dE+|Ee8FZH>N#yiYZGDi?Af0!Y?i*6G6CyLWl=#U4+j_EmAX$~5yQ z_3a^IlJVy3O98iG$^SUsu;tFxxC92JVyTeNpiAxNo|INWbis23WCx`q=;BuO>E0+_ zvm9TzzE^_n;LdJiy#JW{(9umT_zF;vZCo?>aRR54|fz#x`oM zI@*X+9St|s)j#r1aigZRthQ|0dhg_IDay-hQ|;j6_0u@dL+V|4&Idg2$`%*h&2Me{ z61BqkMjdVX62U1dy@iUb-`=m0V~xq{n>yN{=)zuP{btPRy1Dwb8;FwDcGWc>y>jtQ zT*2ky9yZ@FGa>2qUpE8133@CQW@RwB__UiIRLcBaWm~YwPjQRbyrOKc_yZLEdupFtnN?Y|J<{XY7p3lw>0Va8+$0 zbfCXbOQrel?hz&29<}&#)g(-y7h5W@l=iQ-XZCh_MEmlh!jSI0BgV|ro26K2m!G^^ zv;Q%5F`guKi}`~`*>V`T#v3R z&hvO5@8fvAp6m5cJJWTGQX0An4X-YHa?1vV{o}|3da4V&@fL8NsHigQbLbv=1DiYN z>J&}gl_UKbJJ`=baIj{6g8oZ&JrK}|L(54Yt$S++Y6G=Lhv8EvJR4olsDCn2WCv$u z_gn#lUX@>gllhQ{fV>lVV;Il!YpXd@Ibj)W__ubKsK_t^ZaMi<;BuC0V5F{%7%w`T ztOIp(ob@TE*w@~iCXg4C6QKu8Wn^`lK-MuKk50`S=qC#Cd^p+rz=YqLu5L>bVAI%N z`%>XVl8mK|3@mHVK4O!O7Wx#DWLuxvaLw8mUST0a#_=*LclNnAJD3e5|C`E3#S!tyx#ZC#PFJK0eqTtmECg z4VCCoSVvZ73DiU)YFNuKeWyQQmoyC?imGit(51-`1@*_@!h#h7%j6J21q~HB2AKum z_Im?`p*9=0z8cT6plAU+OITEm@Gcpp9~6x3KNvn720nhqX8iI zg<2LW0QJmiL|MR303lMoGUJW5V3J(#CFVJ0_;C6Ug%H57)~JG0+_6;0Qn=H6ii1yA!p7SRNDI=Fzn8U-Lc=m zBtL9Og1%4V)~_1_ZnNU)h2xYW(ot=n(M~>JRh21LHPs_6big2;FzjCx4dfT{22g*7Sk3wV+Jw(yQzqQ4cKn>+` zP{r_?YTJCJsgEj|2Lr$ev2i)qXE{FH+%tbwntFYJ=vDs(J|2W8tpjTL2deeMaAyGl zOQb|E)c4#_0K7L{V(`K;8a-eqaEajfxOfHA z{9su-z+*lI$Kv?(BiI3(FC8|ME`72Et;=Ztlh^C6g3Ytv=T?51730F8gc#<(Tu@UD zS~cVeoiO>y zP*V1tyZuoE1c3q%0Nb&hP027OQnG3*yl3$O>pe|hT7EDljKI)U50u8!{TFH;u2~9z zgfS@HD%VCJQR@qJHy2Kohbi$KH9HjU#m_vcEekwlrawoKqUCu~0oYC1ytmN)0e9&i zO}WeH{jgtQn(jEN*6`2h*ir_}vdfFy@=H+q8v(#nZJ)yLfi%I{nu83p4AiYg{OxsiD{vxmQ(X3U1saw1AJNpT%n&4d6{WV&OUXW0 zOx4r8KCo(D3@aB`oK#c4kTy~DiK8VYa_3*lhULy*PZmLo2Er2s@b(LTm!shLZ9T`1 z&x#B0dO{|uOXi{fnr9iEg;mz#lm@X?zjO!M#GKmmP)VrlYuW947jDbWYeN>=3ghI6@TE4N1dHC3x(Q?98- zzui6GSZcq;N3j0!+qB9I-hUZx&`Uu83OaruI19*k_y=jwkU|gqLS3lJ0~pDfPv2t7 zYWE1fF`hhev{!hzrU&+&TB_WJ%RA+H?(U~Yc(|5T9$uI|mI!O?Z@bm|=*bgmAanLr z$51bkyt0s82AC7Qy4OZ8^Z|Kt&p2C|=i$_EMQmA|48!o_mwy{lVIS{~wrMRR(L2}9 ziEeg84g;;AfPBEvHIxA+1m=F^0sD6Wr&2V*4%K5+o$XF%A#9J6=#@M;T%ee$ao1)- zejn#!12*NUm<>5dp)nW)kRwqfNIO8~KLwRjELu60f(ffYVjLGLFw8650!8{Vkf4fT z_ym-W(64I$y#k^^3rHASSy=&L=yjf3S&WP~2DIN>U*HzO?cXZH8V=(Vq8)>($lVaGM|U60AYW1K%_V zoMey#6aYz^CJT+Um_QC>TLv~f5dH%a>w@dae3TCe5qQ~xLPIH#pb+{xV2hJBx;X_@ zbxP2uO1Q!;GB)KC2qGM)B&q}$`I^LDA#Au@-90%&6rzBUvjqgG&JePUl7W#N7EX>_ zd#I>_AtC4*NQF?z3ywz=9t^@etsx|oL2g?>6_B|YAU_*u`KmlMRaqQ0wMVt(gGAPq zp}3^)0L0yv=`VoA1CaEDbb2V$3#IRZ#$^&r1DKwQ zd1ToK{X6V)Z@ zZH~3Q5Gx70HGqBp&9Ye}9W(kt3ZyIM#ycp~_7dPGD}N8<2HHyiWGMr|y`Opw2W=~C zR3Z$ROF)+|0_)8s*8v@euz6K0h$Y0p^N#L#;FG{xQH#F-e>uar5V!gB8o2qJ2WtKW zW~qU0hXw=GKm23&+eQ1rKVa4y$M!tXfdQhd*I3ZGavW=JCrW|cxvwfH0b%fCt`qN|gGH;8qYn z!tI0ta3E|?8na5{1AZzTm?KEZ$Ta(pK`1G7KTTV6$B@q!1kbH)kyznnw*S$#gtS8v z^jX-&mk68tc$dMiN4i;A7CMHL@vBD-U08lT<*kK}9NB%FwGqsbMy~H_#WymU^tUv- z$gi`x22v5TRCk4ZIUi*qFJ1ilw;{7tNm^uk)2@^T^gDc@Ifg43^6wa-8UO|k&}X=& z!jT#uNP(1dPV6qOz2PCC-$OB-_JMm)m{@~e0g1$s&kI;6Yxo}lphhWRcE{$GP-+|K z7;-^t`t|@NC5nA7+J2Rc1z}8B*a2iVFe@G$oHV`a5R%KGBC_r?!yk`CI}{TCjN_v6biJIFBVO>J*MI0aL* zm9TPAbhePSp!UB5F#xX8gU}hNv#~YrznH;ohK%8Wi-5LBVHYw}6QkkwVTDvmIIP~H zZV$xl*FcJdxra29$Y%%^*!y(HqoK>iyh4hY>jRLa9=cDPLHZYjirV15f>Z!`B>MgT zg{mo}{THe>TOV&beqR4m$M3Rfd7-L{3MSvIs8c#r;V^$5kNd zFb3CGw7-JH$TLKnCMNtt=uX1?3t$2@j1~brEW>{@xK&zX0V23E+qaBhXqm|z0$KI{ z3AR-fl`$lqhYtDicm7^RkF@xs0qk?e_WCQ|ps&jxJ;|el^YmUwQ`N1Cw zSZ1L^>Z*oTtw+`{$NDqs7tS~j-o{`yF4fRMXTKB*i}(NVh1{5w$g+-LG%rfbf^8ZM zMSx+ScvP)M-{D$rrES{XJ-208i$NHRbdnBNfIJ>qs$LN?V-5NA`ltBm`njsj8q|28~e!N)?5 zL6U;d&`^M{q-1eb^=E_!RmqS_=HkK*C}?zF6XSA=vpFgDdl4Tf6y?F_t@B8n461_t zn-^Rqn7QFKP79D*ah?CrDcr(vK+80{q%v{@}u_=zE9Q`zPpQ-=o8t^*uD4WA7M7J=*3sevg|s99#}FE0-* z@fj)eqHxoul!HEzz^>>bwR!g!>cNPbLbo=Zys>gr&U%ec3 zkiNh;Z4$B{{`{b)07+XYF{K6#4S~Q;IKj}$t1#UdXv;C9ow8cbr;-n90xGxN*NgR? zW>RC!4_-TK;7%XqFumnIE6QN}g+?0LvSa1o3~KiNEs*XtcLW1AE)|d!z}=3L4WS@1 zLtE?dN9zl7Jj-)FCZk8zEaLA0x2d8ZHP>o`Vtg!^%-=C2CcR(Jh&;XZZMYWr^D^8S zXnNaD0HOe%Nr>3PD1tQ!EQLq*U#s^Y1RY%z4K1u0*$l`}6RHKBMc4k1n2WnxWNI__ zNR=*H1TGhRc$FdX_t6QFX6OVAq@f0X&Q&A#fHWc*GR?NI0 zRXPdQg{C8G9HqNfgfeD4-F2O=mUvhDk`q~3xpwnhEh*F-{~%bveFO~q`&a( z-&<)$wK^3cyP?WwByy^0E@HEcGw#EmhGADM*!#pQBNBqZ1qXb?z5s3MzEHE8@7=pO ze@zNMrJTLwv8TkKXys~gj0Q{Zd6O53zR)r^CaQ&j69zC zo}wO!S@6~&TvAwswg7!z%@Ha`Dj$f7U*r_-XWd6rFq?=yREyFh%3t z21>tIA1+g44y>Q~Au*I65H=(uF2xrYo`Mm~MQvTnJtG9RS^?1yi6Td#2Z4zn5Wx$h zKLFF`3gr>O(XC7}Zj`&Mq}Lv_eR^K$=SRv;38Fklo-b!la#3V`Jc2g{+=a^rZB|IH zB@hV89eNP|2dYu|L2~anOLdYTD^%e9CL{aC*o1jhS7I0dZ?fh`W zEXu)>PS~(yVrQUjc=eQm2_g04&vTf>(chqpoZRdsJ*KX1`!b=G606Q93oB|`wp-M zBUkIdzJER`z`C#x^otfj=}@_UF<$WmhLFT!3h)3D#qLv1m{;K^SLN|R#$K9av5glO z_FQ8XkhnLN?SJHFMjF+OtJep*GXm@LwE~RonJ<7yWH!YRqnHM+-%ocf=_g9mb+lM? z&+}v%xm__2(XicUrCQc99~X)9&a419gkhNIa-o4`tqU1o$;#*NOEKhk`X+}*sH7^1 zcJnO1r}4HX*LfE4Th2>Pjk3S#vs$oan=!M<#`@L0g$f-@0uQM%$>KY1YeGL*3 z!Ij>0x(KQ0z5v{O1v3joCx-pEnPvY}Rxg^c8ty&<(gl`FMfo99BC|XMHxg<-!lyqL zlk?BijiV|5s`4bc+NwrR`xSUyH+xR`Pji4SKRs>jiWDhqTStdVsmYwE1D81y)0%*t zDeTJJz$&wP=Z(qJ1dw&T65rSaKBF@hAQWWRRyFj7<_u`n4gjM?S__FWjF3!q7B>y%8mU zpqxCYa@FAOhrCj$RG3HrL0~cH2z3=~S^_Xm0JPqbWJ%S9hH5`nN+*AiE1a_&mtV{I zMf0$evo+W5H8*k^(mT&w#%?a}*q}kXV@4@aBZe0qaHa<0h7mu=PR* zAqxW_59j?KZUsLa^nsu*=TR3@Wj^m7P5JKaBh0-R7t<+`-^%?GMkzf*({P!z~9#!eeR7~x(I4RPkd?=zmwfe8@Knq3>`~5_z#D>a7TYp|QZqp3Z%2|x`Ojfyk z1iyW}S#=#4WM4@C0N6bLO<06zGchhJ;^Xb_%HzM*Lw_syU+i9x-`v8Vp|yiq{6jTM5bR~Nza7yY1dV1EATOD-cX!8)@h``lD)nvFn3O&DubqY!Riz`Y&_ z4BSDmCUj*6)}QnzA6sFYYgAo!mabnW9Mym>m%pS&zQCfENeYg!hTh( zdD?{#(i{h9ARRaa##6aRti$U+Q;+FW23}mETINdB3Q6+%G)iX~DO&Lve&L^D^GCr<|Cx_`2TW#1ZOe-5m-4FcbRt$4P%x+NcHB`O%5ktdTm9pj+Iu& ze{&STWIQevq%pft_LT3tN^?5KMg%Y|IbDl!7hLgqqY{PgA_z3dImf`dbx;d-pMSX_ zj^ZAu%O(J91UnOr4sW-DBXU#@olEb$*R~QROH;&PJg6=4{gdu zCNw#*F^;XUKW?%tSh7qqNYUWD>YqMgzg_vuykNU_5ho)?vav5xJ){Fq7aD9&7%-Oc z;oAfxddA|RZ3lTOS(w~Fx2sn@;3aj_eW0v(LW9X?BIsw$KmR1~l4iB7ufhXI*xxZ7 zFOvVvbNQd!FF9x9?ZS6}*%X6T5YmSx!C8+cSnNSRhr|o4_f6FrW#QaV7Emm#jNIta z9$h?C5$K~-To4&D1wAsb!XuhMm^atgUbNUJE;U|5`Sbw>g#oOZ|7rBSE-;&WKj@E} z_hiVp7fQs#z3F33w-zT1D`qSKjPAoR;EJ<4_-k6n*kA1TgCv*57r^W@37N+6z*y0W z`iJ{$^=HiU5u$5b|G?|^zQQ&0L%x3RP-Sa>Dcc0CC{`H$2)FHSa70yOMly$;;9lPP zPXSB<1u!HNpaC7~pc4NHbM~%5)F{i}8TXy_J4glz2^Ap#!yi5C5C&;0TJvN|uYm4^ z=mk=kgM!9zLd;uLjr#we!ZlIO7%~C0NAHLQr4M=hanG`WQjog!(*ft8_-8W;{newc9$)^-vs_maNbXCR@R^N)VmSq(k3iGfbyV(pYg)_RlFyAmv=oMW<(rb+I{TdmF58&Tj^Cj$yKK$nVz{1^p?znN_2&(6 zib&By4~3+D=m-P{5NF4C_FEA234kg}*2}elAlLVQK?=;HopcqN6#~F57!;PF4#6uZ z!-(dHIO%-<(++U-uE5G?gUTCo4??X_i2~D0=wN!C#awBS0B;#6913Ymyoc*pS)M=< z!2#I$)M+4<*#f+L-?6o|)lcoM#u+(_=G&!wrjuiDw_ti{+|$ZrL^`GO^3RgeIc&HM zGq_|8#4n4J!ca=kD0krsJHEj5Eu;blIB*g@dFWeL{2?_I0e$p}Bo|>)QZ1ZAzs)OUK?LV5Ki;YVx>c zQ@C_XccApEp4xO5Pbq%yWYu1(RoGeoD}z5>Ma1tMiK-E_K9xl~#vB=2rTzWU@2l0s?r2P+lo>o~alC(8PNkpm$7 zcT%+k)ELauWe&sT@5dL)XvkL|d<8rljVsv&@z*9G&rz_AuEE$Bl(e;Ydd+HuKU>@m zKHhwMs=Vq>L9kO(R{Nx>L^|bLwQ7Or3OczC(grV8lK6}_GI}$w@(#s&KefC#jSoEP zTQHZUZP&4NnBgstAU4Ijb(j6`8y2Zkrpb#*f=ZZi*`fgbi`R@lux?5Z5+iFu7!2P< zBOYPo*3X|Ow+eKj`T?g;AOPgnAlke+kU<1#9&K9yH3KP+f$6)Mu=$X67n1=9J5uH( zWF#k|84ZUTv~_jQgGnESzkxU-Dq{v4ne|n&iR}xrmrJF+-AeDoe=b?B zk7)5JeIt<}024>98qwG>o8Pi%N~ZcS**sA&bk(%E1o8rmJ3RUq$#ws_FudK?0&XF^ zoTk3DY#8#hqvLEyw6I^JHt`dkPn`z~-Zgvlb2Wc;U>?bC@V^FE#&xdUw`XtOo?ST1 z<8O5Y%@Fu+BQqB+x3UtB*T#m1pJ32?3p<^Pib@%JN#SUqPwAl3m&0%X^p0@`C2r)A zHGr!!VF&+#H`0U_r4EBC@Vn zYWaMPvd*knIkLfz5IPJs3%!qh884`FV5>_HZ_C0sBQn6SgdN8l!j~MnJ)S*0t{^gW z$`gXOzaeu_U0@zzaT0Iklfg~xIpl|qg(oFBpeik_lw$sK`ZCVnG_ zahjLSPka-Vu}u3x8?go;JoSg=1G|R=q#@8k<^~ub;bj`xkx7`O(ra>V4kHe=4E}~8p zJ%R^Oe*X__$3V@O76J_ogeVC;^_r-U#X!x%_%F)O}r zmZoq-0g6kgF;t_?nWRXS=$&Omj~KTzdaNRr!7|%;SdwdzC&%stuhZGmq@L3RKuU!R zwkC$C#U$~<(EyD8N)D|*mg?{&_RUd1pY{NK((QTm#}N6va%7>Eq__vM+axG>5v3c$ za90uxj1Q(p;ma-um29i6FO|n6+60=Bk$Md`3G3%lcxR5B#{KnTcDhmX&CaX;o${VM z9tv#YCGdD_Sj_E%Q8}srG@v6IDid0$Em3=Z`SRSAak$Ii$U)&X!xF%8#pIoSd31Oj zTk-hBZ)MR!Sbi}j1sCKy!t4}Ji2Uj=ocZ_9v!(i9I_ytc9dL?9!V^HCrzKPTRURN& z!pl_KMm#cWsO?_Q1q#vO zv?!VclDJU72H>r>L#=+(5oS}%Hh+Bvvg5@eX_f?hof5laT@I;9*SvNHPE5mlBOvRe zHvrD3eJ3VQT<**Y0IV=~3Rx8(r!X7d92f$HCTXMDD1g6|+rOu&3xr57Wl=nCUACtm z?4ad>O+y@?NuXoop8u{wSK8xlZ-^WA4|Eh^>_C#U9M#;t$g|)&^@l0fi1UTG88Bjy zgV|Eq!9i%;cf(T3n!DT{ta~1eZKRe;rwMdx%GK&n$$mkPU?xX@`t9v;%)ORa@Y6Dn z_{x+{iBw+RR~PYLe9nZ2AvP!*gDA|t7@8!r;%pm0JR_t={1u?tjh$wjvSaAlF&lq z?fHTNd>e4h=Z-I`GDp??9qmw~D1NrIAfLbk=4s*n{YV{yqnG{a*CC7$*~8O)*Ds^- z4G{YUBCz`)HGw=D;4WDe|Lp^8TiW*ly4K7t>wBFhXcbHVsc6?6GUeEs%PG?VsQ{KD zPJWWNKEfNtoZg5HV*(>NfDDO3+M^raNBBDKbiQT_e;|6s)hY(#I#L8A*-guq>Rn<% zo2ex{GZ_fxhT-IT+0Yp0Q+tQ)=8?I`uOjVJ1C^2uqtWKx`BMxxQvWQy1U%>=QdZ_% zgkuCv(x9Xa(6ZZ7FXuQA77+otDlQl?{x(5XI~8QGA)A#djCeagp0b zW3oYhGtwKGm)d4do+eoDA{mvc7En$bpdD&$Z)cHaKYqOb4UU`Nk<69HNIF?1;Y?5o z7}vcjw)Nd5gZ%hGwEytWeAdsdbYvSyaZDKJ;3&{w<@v`B0pFLhj^jYc^?oAcS|AUy z;W4*ugedR>zwT}h1yL!&kPzWt>s!)+5H_(qS9ywBA5`~Z&j_tLGc%7JSTDQ{3;D8; zpaN)uarXI&+W@OFn-ryiT6Ok^(mv?aWl*qhJSV?e5+)5Yj+&YoK91VjS|n+M;a3I) zn76o_9|amdhSZ+vd9QiID_iB<&^M9}m`IoG1x3&JGkadDWO8 zWLOn%Z2zd;!lL;pdB$BPA84@I2Dw5PVaQ%d3o*0S1J#s`p-Jo$P>tttFe_`t%DzL zGYj}gO@m|Eu`O@pLZF|-S!Q0MpZGzpj8rDFb(Opb9g8W)A8J#d!OIYqP+&+|XWHmH z(;15rV?iZlOBumBR2+;~1?@Q5)wb2BmGz`}jWY$O79VZXCa02YwGAcIz&YPG(w3UR zXPc2*9K`<&LB7cw$BrKq^m(I}r=(oRkZf&m@m!3;M*fs@irhayI28}bGm!~{dmhA7 z$fAm-k9T~38?YqhL5KNiD{&lOc!e_RZm(QFom%^dc#$|0vs1c~i8Ux*{R$;^p3nHb zBZnj3Eb3^law8EYv;@#&BUWHDxO0vXNh$`Wp9@O=uVbeR#Om^%Kd%-6TZ@5_O94>% z*?_6`CgkHm8m14N&lF`cqDnsoGZ--$Re4e%GhFa}(q@>{n!BqdM9)_an#AN*(ET_3 zwcr+URanY!5@KNH5$Tm3S;{ef-F?}9`leO~1b3vh@AAbYY$|mWxlA){e3he-xOw?QnFNN5=TCD~G~2qivvQo30Ot zj%kx&J{lvoD z&LctB^y)`!?ij#B7V(>fUEba&v$bZQ}QTMRks*lF7XHqb$x!6H-Wzl>mB`el-lx} z$hbtm>B#NBwNNzq5gyz4jxowT$ToDwYEss*?T$k3UxZ3h(d1u{QK2qFRZT4ul0z;Q z_Imk4rv_CnCgn!QhYD8)!ZpQ~u5_09$06RYHH+VX-bl4APtaS+QxibzyB3FrNi1!h z8V5wjFOXlYheIvNOHcv&n^2Ae5qqpmZ?6;hXsOGrqym)-~HlAUGRL2 zkP8n|-8O8aCNF-xGw}Qk{f&V?tk=VR#{czeIAE9)3dn`YBw(3`e;{Xl1?k7!e9CR0 zobc&`JxP&V9SP$@NG43XN88v5Mu%YYADXf`UOWhS$ZhpiivdbjhLU-$5nO0oW&$>r0>C=97-<_1>?4 zO$ps!WW%!y2Uk~`OWHLBPc5a@v|8%;CH7bW(DLj$C+FCKM5=tFx4j^%6msQr!B6R& zMw&f_M7GQ88KoArjP`>?uK^ttW%GgT?05P4CmLYH2ef}BtSvEV(Ago-(6tu?x(1UWn{E~^yB?d2rgVIq)+3a@|etj8)u1s+KX$Ieo zqllEaDtemW)i@BJFh>0+t_JZt?XfA}($3suxxF0f7t=lZHXywF)oCBjJ8)?~=CcdTt^4C=993xNtXz2a!nH^-_~MOC(lO2K^B@w~_2wj}C~Y4GAHedg zv31tYDI+Rwf)*ag6;L}307LlO4MJPv+Bwq)WS-*`B&bbnK3qJlDCNXX|8}-1$Ow+R zeIB3xfddk39Ev^XGybvwODs#%<{kZ#?$5#>@yJ412vqr=0g{$)iKC)3-xW$3CdiA= zODWW?=^mBU{{%-U{Z3|l5V#E3knp8oWpe=*TM>Q|{IdE_ zj)F)P>cvxYj}Ik=CAJF7An3$fbWQvHp6hJy#p;6P$e^JqH0Mhc$W$o~^+m8Hx(*Rd zAcHDDx_rQ0F2sHe)N3#e5Iq^_u%NnK($RXR|CsEDvBHbb{e{N}v`$!I#`jT@Zi1Qx zF?XDPLHI1Wr3e-@5B3xSd5Wp|MsBW=ul8v**7%lXrR1cV8zYj80GphKD+WC0`JK}+ z>izs}0Ur_*)n>~FAz~(qZvI1z-`^S)8bP^>{VU^(r6?V*?k0sW+FRj1VGrecGoAoz z=wJUnjMCeZjF%9l(vab5Z~~+-L(6%Y_nUuR-wM}KfsnGRly#fl*8ApTD*b1Rp;ur? zEnq_>LZKWX<=4@rGA_Q+T=He!Z+suia{b%fxI^nyusnkCdzz#9q0vM8)^O$0<@NCz zX4OOVtYHxoe)>cV`WIEza2Xj~f!mw12e>Y+k6)xBlO|;Nl%84K*o#ennHzLgPE$AT z$9$c)(uWVJ^?YwNo91BvI%oRehrm9Mj(#DQuVw^+C|XLX?MUD6YA;)l>T$+rsSE01 z&d{cP=50BQH(#9UtIqgv7_WSQlk3`h;y(})dhz7rvr>o4*x)bjl-iNpwAyfIZ)V?q zWKMRmpfd3KX^N)bU}9sSdi3$lt;c;spBP*yC|^q7f54TSJN+>()r34M`t_%GN-wc; zw?(SYhY4SMaD)o)f6QL#oDQS9Fd>*;SyeekWSLHW^J?*rBQ|J4BnrdpllgI=jM`dF zmwPTV$AILDi8`Kc)nWaI`gR@1t1+0Ml_;5Pa5Y7;&+O-PfAMo4nT+FB^b6mDTMKdr zTN9o>eckALukdDv$0GIGG4%CP3N%EeN=otX!c3X2)=5SW(*6S zj_#q^6=lpp9j1OWe0ggHw?p8X-j_+>Vm5%0_nPkp<^C%XN1R5l95$;T zpi5dQBf_NEU01!jX^gi&8d?I&uz1=Hhi#84GB`!PS=Tjr;ulK;dvOCtvQ~_dMYy@w zRBfk{hW2N_01*mBGHLikxEI^Re*jn}?Z6@5-oa}AL@lHWhwuep9otmsTg2phT{vS=OQ+?-0!i_ zBr34&7%Z+sP=O6VT$?~;;lSoL+T>e5Xy9yC%mTnRMBu$ac|H&eWQ|zzjWLhjKYX7L zHTn2_)o}8Z>^8gWe>cEy)?JLMyV%Cv68=0Ul*!g$(Z?$sC%onCE$y0?AsF% z6x6?b`OloCg#``fAD7{?O(wF}H%_~?H@w$Mtu?}64iAp!Y3|r-RrxVk)x=sxWS=V+ z%L-blcylhftmC_}BR__t_0qL+8^?u?GoLR7w2q2%&nIP=2yR^eQ^H@qB20*F(iLvH z;@ZHT6=cB~@6st`%*9!Mcyj#0lgL*VrA9Uv&rXL)9UEA?E7i8WAuk#dG`z>+$}S_y z_b2#SEsxgg@p_?<@*{dZTPL63PCi*_P1Wle_7v`I7bAM?dDqu>1q9eAl~%a1karji zMTlVs`;bcJMU<$DQhkj}t)fsa1o)pSBW_^`U^Ic2<~~X>Lk%2&bRj_IAMpe07%diy z1>YPADBue#`l0x;fvE;=j$eUtNlhzu5L{FnRB{6T!w>6M=o}*EgWA=1@Kf&_#X{{CA%C9Gz3s<=WMwOr3rRh!VJ)F=hY28PDM)-=~ zBdR(k3Jm7qsLY^)t9{DqXJ(`PmDeGE@&{ZFi`}MS{ZX!(pK{!!>$Ep|sW;qCZ>_#De0WRn ziU~&1TR->RhNxjxtLz`iP1=Cvz`f#Ueq*#Z=R-?rd8hC$M69f=kKL>etxCZbSMM3V z*S^Xu@O%D@=#3+(%yUli=Q_$(anAQF1Ol`QRbnGJbHd|OBern4`zz3Ooppann0%^| z=yMbmfU-ow5&yj{3YcN4mv#~UEswsQ2m=FFi9!BS;x+;rp?5GQw_&CI7&5f#@U}pv z($4`EIwB0H84+IxW12CFpnXEG5oC&Q?kpygjKD}%Fc~p0GxL}l```%PA_5Z9!Co?t zY`IGJ?%ZW~V)bB}((AhDz!Q~1n;Oe}(UUC=#jbIZ8Qy{Qcm^HD8+T6Eta`uv6{yoS z=^o4Ye2e+!tV+w(Ft_sG5(7l{rX@FPx?=TnR2?;Wlx2%Ib}zs|y-jJ50eQqz0Tk@? zQzgq?5T*wwV5Org4i^BE4<^@xz!HwA zF<-QIW3d$JGo!}y)gH1`k;Bay6G7btmvj+iEH;siB~jxQ|8CeF;y-BL!~_LX5|>6m z6HFN8Tt0sa0#*6B87bMl37m$;#@1-w4W!J`C?sp;eg<6&97aK~)-^RXi2X%`v{1?y z>02+QcYTD9VNOX4Oo*5t%k!{zf;%{8Ci#R!GwZbrsmvpzn>>TcvS}Q#DSkX8msVWe zg0q826OXcqM<%eyj6V=-H4!cw9M?)REqs0@=V6ngURO(YV~Y@5D1G)!5+RxWw`=8h z;;|PW%_x~sjVYuZL(GObbMzo0yMu#Ck%tYq+8UTU4^Mn@VL{-d~B$y{LuhftG1_LQ;6lO^u zJ5^u(kZ=e?!Q>vY{Plb@`8JNh!&R^NXa(DX-58W{f6nDxc4pm{XxW|@amK%h`~B%Q zfnk}Ff--dN4OJw&y0Y0D_Vx^tPgo8YZ6g+4c&@GElm_~sBcMZB*-A=8si_5gCSDT( z6fa;_DyO@WYM9vlF_X25uTKhmWJI48C@LhyP`9_%mf+2rn#j_Qx7_L7Y4a^q4%Wx1K`Ds0wK$>rg=%)+}vCw!v=y)v{fYRz@tJRnNn|7?~=>wL#&BM zg~cO(cQXvXIlOj?x-_KZlh|md2-(#!VS-#sBhB={rB&gfV*&Iw`IXW$$%`GfBir0K zKS!hZR()zz=2A1|DE@_su+E^%1`JW@xuG?vChjkPKkmC0OJC2y6>oeoy5@nkhU6bo z+#LOfcI-XBEXg!oi|K*WREbwk2smL zQ~t(aQgyN%ms{&*lApgi%#rB))1_)})y!s-n!XM7O>RDzgdpP{-yc z$6pZ2n_UzLg?C!|S@Y&q$07S7f04>5iCLnBIo%?x0{cjZn&a=%miiUvI3?asf1}RC z%fL!#L!v02f`UTl$=M6}^(VM)EH8h@aKvj3@Vz;@SjsPmWwVTV5?XFaY!u(d9 zG*`Ap_-LF~u;-Wd+Emy+zZo1R7a#=S2#nf;th-ZCNReUCP%q?9%7pKm^}-_L(%bFj zy6kM?-nt)q5_PqalnNuY5*{5*@jQGH^^PRyVhHh35}1rJzIg53CDyYGQOkZG7o}-ddz_s%pqN1f{@f{2!KYvs@+;pR1BN^)%FYhW1^@INJ zDD{IVM-74I*2f2R=sPNA4D45oo5;N{h(t@YXMS+8Z;kle&1f&{w?{9q|F*@!+lI{e zKbm%EVU$I1kcwOB78QM_aLEjfHsSY-&$pywxH!kq8`lZ#g7CoxaS zw-Zh$LX?^{oG|dr%S7&r5!?scImQ0wesXx+Ap)~Nai%u68_ucr@pS*4Yv=DOHh&2)e8b7p%=#@P z>9Tox%v@Jx1q)s!K-Y2lNtB90TIxfsD3)kigUFeQ6|$lyZ;06Y#3QdWFn&G8QDI7%c%Gs*=&GyM*$99n zf}-%yESacNsD^q@Sl{N<<(->+&7PSQt=eh15>hax!`K1+_JXE1Y z^tqkUUSb6sr^|hLPfELU?Bpl2gp(4OrF=z?5B*b)cWeec+OJ>jYj-tj^Q!FO;+b=h z4TX=#qIDjQ;=`~f6n1}-#KpxyM0a1`&y5Z2lw)}3QuK%F^oIlj-J_4PV`<0UUDwU}0e-5YC9hlm>RfkOKl4A!;y(4$X47 z3Y!H6@;syWxS$${?oDwb(<-eW^2z+A!AuYnY zU{1`*R>v^1u^tgM7b~e51IqjOpA~pksC`es*?EhMSu)My9_M%AWd7oqA5)G#@WNVA z%gJB*+Bi1Y{&aO)ZF|Dni~+XubiguNKkSu^oiCaj?urUU9RLZ!N1I79=K6eT7i(Fe zeN?2+UOLg@-lex>m5$Uac;#dMCNF=xs+s%$F*&Ay-TeGE=N`0v#(}@hsX@XG07*0j zyC(*68QRf%h(f-><@JnsjQl6u;4gm%6lP1-$*em~2Yv0!nKV@{QKQDg;mT59^TdZn zy1CU%{g}u=vs6MDQ#f4Xt-a%eit{UEb(IfPHasq!xmADbkC{@TjYg+POK++HT!1lF zrU6hPvDT$uvNspKaXBh*?9;{8P)}(k>zSgTXIf-AgU_UKBo0C<5AsE!H3juJ((9iB zp%DOl?O1{}VZ3kgYdf|%O|ydFO=#1Sh!FUQaj1-}_c9+SwPPW{d>Q$? z>1tIvXcgnE2#XH|?t!(NUqbDbdwR#OJHv&vz!y=G^k{TP)$>HB%Db!QJZKd&LW#AP zqe_hE=i%eVT#9%y{OJm%RIY|#zM@j?(Y$zS=j~_~j}V~_}WX4 zucgx~KUR++_JykU=jv(;N_BwAj4-+PQdm6?SM24S*0ztz&a9`zwPcwv?S>Z)VV_t9 zXSr0WwF~7LRi^vYcTRG}rIRU7iAtx~2;2(PQ85FBnoEMuCk65(5Is5&=SwE4=x}NG4kG8TWwJ8FgYX1;)Dl5b77YxZc?~jIF+AZSOnb0`%9;9$tI=2Q zak-v~w`1RWIA2)?z>n4F2De}@`vhz@bCStvA3!837EaTxODon)2yy zstQ)dTSO4(>EPu5SZA62iL){zOE=O-*_~fYKtiKSSjE8c$huW;$!{M<+Jk+k`jr$~ zcJuQU7nY&elz{rR8Eh5^<0QgBhuaQ8Kq%;L-w?8~p$_w{=<7LI%GHAbuKhEz$;FvR z)4?cYm;p@^%k3bhR-#=qLSN0J;vd^LyNJ`AqJj24Z_=vJ*ID@C?qC05g61DaH_u2oH}fSk_k}n1#anSh*^RO zKtES2b{~9g^=#9syjHyOZi95x&VChM6$*u?HFjk2QawCH=rjn^A+d2Arf$ux+z zzkB!YK%U-lWNkr-@P07i6_SajU`hzwu%?{>o2>bjIto=idUr!EHEaAa+Sn{&jKpi| z2)-CY^~~woC+=A_i)ZEcQs*bRTjXAEFK3^5BExW^{jiJn+F0%%i|>oXag`SslZ}d6 zo9wq8XCMBitZ;t(&Pc*1Lelwf-?J#p3&YkvHy>(w~mT> z{o;iO5b2PX5J3R}>F!3PrKLk!N@9={>9#;YQbf8$x};HBS{g*Ur2Fpqo%g-}+_jGD ztmQ)HJ2Ox0{i$sO9aKAf7Jm)!OmeKME$$7pk7>)<`QO>^pLqKabquz>d4Se3hn#N~gW%RpqH=I6b=yC+3pFyS#n+IazV1 zDrq7rk6!>+bezxg%V{+#IsrEltO!T} z?CeMHk?fT$oTLcuuiA*ajEybRbrk`;U`BuTnKHSO#!KxSe+z9ZPP6MNa&$M@G4o@- zLL?N4u}$nxw1$c*I4MruR!)o0S>D(QA{jXkjWgV7vFIrqKh{-uX70Uhl^DMxKfEmi z<(TWA*!l5e9WL<+_2_ilL-`U{4FGx4H|s1`z2PDiG)!#DBX{|5U$!?157%B3|%SZH8eJ^Rr5Fti0_jMge*y9 zF=#hKzu0ds*}86D}xH=f1*JL3)Jidu$yGp$v^G}fl7;5q_>WdAl?xB*lz@8H4ca}TBYc5wNfaYD>3rn%!VGU3 zM<{<()@763j}oeY2LBAF{y9_Fr1XA)cX3$qq*)kSt1`}Nf7=E*f4EmHUvDxMDD@FY z%1qm8%HKxwKPelGe60+yq&DLFoAV{cc2BIPIp`vRrOZ;mJca2E2vjaq2bh#HH3zhA zR$3x;j}9~G&gWNd&lJ1Y15CKPba{oJJR`oL3}?Dei7lUxYumhg;PUdTJB*>pM{Wr^Z?A+4~=PIoe6Mbg^fNnFsn2 zUe(k~Gvp)9ed}nvfw<)vGT(Hy`i?FCtQ4(2#?Y%pg?VJit2K(B6(kT zWRmW7m7Q^J>0TmBo(b~s8 zx`v?T8+y8BAI7G6g0iYpXvNV>bLfc6Y~DBYqq3dIqttLQTR* z;U#r_TCE<_NBv=TX85F)e^C{{U%&dv<8^vz$}RQ9sjMi}MH-9*p3X#& z=VoK`1?oVXCr)rLpFif}6BYdgNNe9FaLeK8>FKD~eq&@9Sq|Uu{(8F6Th7ch*F=@q`d?ZOHb~xXMQ^Xs z{h5D4x$d=x>7y69}2j%K1E#Eb~W_Pz*s`~}i@P*D80 zp5%lHqySzFTB@8l@l)%?pd~_*ednTWUcZem_H{KmfA^**i`J=bcE5AXoLt1;64;%d z(qIN0`hI-+?Y^PMHstKyAJAtjnsQ|c5)^Ic`A6bd{?6-}icHbc;lC}Ih*}P>2#q$5 z8sE1(CsmQ)!eKa6dxd`SRzp(8-k$aR;sUOWAQ%&p0d1PAyL&4PO9z00hg9z9@ZP$E z#4@~`8j#;+mK?)`%n=ySCS!$c{xvQBbvt{_;P(*ffk@jo;b53BCItRHGn?YBB}0u@ zV;eOBg<@pf&z$DG^)a70yspU?J7tN(kV)U8-sH~*iF+i7ogZo5cHb6ixKUUd zbJxuonDgv=xbeR+i4chJE-~>FD&I}y*=J&;M$hL$t>9LngT*GrSyH=s{*HN;D6ymu zSh0FoSfrj(LaM~JESRDh>G&Ee6$36$5?=CLe9)j5k5dcfJ%!eI_|ew$rrp!>esjC&ogM;9!B)0ubxh z+FFsfiMo&8{p2WW+hRXWv^H9sF&)~FxpBPe%}e6`b7#56L;SZ`&#%|egEL-hxF!ZO zA@OO2HM{EW+ISo*5(0g0_*^UtbQsx-R7`B+bX&MsWb6Xf&+4d5TE*4Art1Vm3W%*P z5bD5jNM0&kwY)T9HPzC~&&@tyAgRuck%!;q{i4iSt)H}pVOPJMA2{ zGTt*<8yV~}mzM%uTQKJcWub!U5CagyshT2u1MG+7Yg>^whc{-Ni@Hr7GNoj8m$KH? z=u@s74!v}a;@lc5fZMQhYtxXf6?*^N55Ay;7Ky=Lgfw zQO;=8?kUs$adIzTvvpD-4sM#nxFN=i$+gbRboD-=ANcj~?LaN^Ebkhcb7j+Y(UMwB zlkae?aI9=@mSRfOeYP*37xEPIm7x?=jdqc#TIN}iKETA~@o>93&|yQ&H99xDx_vA9 zF~7Fw+OH{pTzk7jHIzQ??qg9xhL8`bw=sPzEEqcC=!}*Rfep*b%~gW_j&u>ljM!bg zyAm(CGDm*t3z?yxTrfbaFWw?TA&Gtl}9OF><`gBty zB{I1-wIKtK=8J;K)B!%n3R5D-z@9RD8T)7@3#=+tw&wFkn`nqxI%Rp8q^0ni0RD*J zR1%(|1~iCPxlGrR!?GfS+b)F4YMfMG;Bx9`T@}VDQ?q5hjk}P75V8?-BCWOxiA?{ah; z*7s0nm_0@>^}{<&U;dT(Yi)pO7-Nv(7Dcb6I;j{I16vmzQv$W0KX)^TkQmwuV=i@2 zMlhO7dUEnm@Q%-a55oB0WOS6F3r?GMKmdOId)M|EdhFMx250~p1nEw<7MWZLN{)N& z3Zm3V)FCmMz}Nh*_!Kv--QjYt3f$wGS2!omW6)pHz1dv&r|jmAk8&VA*Gy_CX!f4KNCvF!g1FG6rHr z4`P>E@+)@To2h741{wMDLRvRuz_cJy-0T#UKz;6d7e|9Aj^B!R{k^^(4jsl_+PO`} zDi7Ldl2)qyw+~O0dN_jNqIqcIB9!N3mS>Osh^!0UI8zsk@=a?b^ZWGwy2W<8B4cWEseFWa0;D2 zZBtV0bhySR{rD~K3#l>`JTd#8?`gm&B;>}-&pMvEC!!cp0p^$Z|1>j>?1JY+orc~GdV~mSLQi#yjpbr-KwG!&YNS3@1Ie-)P_pPZY=^~cHSEGL}i51J_IiH01RX#x)Q^d{m zz!SVQ;Uenj$nlx~;br*LFP}25o`)7r`L^@dr#N5qHexz$eO(NM%MLPd7V@9NwW{g) znz5wkya=^X&)pwOiA?E;t+kap0lYAbE1NaqhD8IG8pP_Wk_Z|xL+qO?)zyPx1 z=xP+{6lkM)*YK>Ciu37y?2h2K(>|IB!jjlk1mf6Z+Y<${#thc3AmuQ91R_I%iKHGG zN1k+MUM(9_>lo5~lA9V784h3$FX%7GIw)Cc;+*LiiLu1X0Sap<3w^q8!V*-Jvo8Zg zihy6MxPA1zP7|jC0sWPvpqES*t1JO5*V<~RhVJ;A%&nNy?A^lt@sP6}nkRHb<5VE& zMEkcVR0vc@10n-#S7cjCrW5tF*H&qzfp8-!VlFz+Wg#n7=kqLq6hm@D|6E`Bu&{@3 z8f~#8oD?4hn6P8eP?fs}Eu8Zr1?&TWDaAp^M=PigE-x>uL2Y$|-s~)-NQaFFxn&Hq zd%us2kP}Jl6My~s)xinI`2Ig~I=h~e90OySB;1@gduRwC!tSRiddu8WkJ$GNibKmG z*~6^qPgW^(OSy<0{8LwLORis;yDp$cj6@!J5hy}odr#lK>=~v1z25s;3vdmgAzWhD zuf1oE`Qh*5dKc;!bOfAfXxmr*2~qosI~*&3VIX(QBohtsE|U_;LoObGj`d^mE4_JkeYBoWMrt8rgmXp1C8%>aeraG;%u{rZ)+RS?xKfTU;# z`cTxQIFu~lmfwy{Yd<7Cfd?G{ITJ98ZysRtHjq^9fOgJsLF4O(z!Gavf~-)j*pyFK zgx(5IOE!b^UNL@b+FP`H&e8yH`q+7E7wSVpZCBcGB+FWKw^U#D{4>MXp`?#TABdG? z0%g_j$~84sw5rhEgLcEfCy*cEk9WQR$qcV&UeFq1G*Eyz^e=@+>mOH>;Q24Fl00WE z$yb-7!hJ)~2l_c=N-Sg}I7kbnrNC7NQK(^{wE*iV1_CwIhF0X6e69&d_<$!v&DDgI zEg6vEmx0pm^XJcVz$77FeEP(Q5(yeqIFO^_n_+5)B?L4Gdu>ob+6x+D9MaF=$SrkS zRPPe~{zKm?vlf*t;&WM*;YGa9S~7BuRK7szy9^ zciQOre9#tyIli|`-33J=N-fc}Jk;!VS~34|(swB`VE%Zgxo=K*u5+=fbSJQEV0B~9 zK#(~{Uh3V;j*Rt_+T^BaUyB;tK(juC^z`I5zsnP`F1ovbGRLu+?2A#Zpuj4z#Xy8r9hG&>4rmH896VhjL{uj}e%aIVl{ucq<(`pp zT4Ro4X?RxqEu=ebRmU}7QAWvvYgNxwGUIj%56Zth8Cs)qev*KW_SMK9~)vF%((N|HJ2=QTwYpLkQ4oh|pmEpBmLBWJB zmq)mQsj5NBMeS!t3P~O!JUmjfFKSQly9*&HOuU>bF14!s@{X2Q*{|H?6rKR7x9ACq z;p#!oD`az18~zdV)dHWhC(ey&cf8ZN3#Gj9*u6~UnnrKEBoruLva(hFPtz75mJSfS zVREb$I{y!p4gj@{pxMF^5)v|oX;~1xje>oF9t`j4=}FxBWC{*pXbZV;@$d*Z4p4*H zK&a(NK7>Glt*B^!5H#FC8I`7LJ@FuUkoO!$3(&%>2~=1R{2F~*Gmsv1z>LbZsYWP6 zg~g1_kjvwKgtP4`^Q^W8Q*wAlx705N6MW|6R_Q?@% zyW8;M_1)%qRUE~z74E!*t*s{4@C{t^2~4c6yZG#&@@T!jJe=R`+6kQg z_UiHU+}*|hPZ1fX6;@SeKR?qlKWO_*_-Q>W8b#UxjD4x9Cy}_>bybW|>im3b z{sVVrR_<4vP4Qxj)?G3kpAf6_<6H`B-|b&$2(~FPOT-pVWzV8>@#5&Kn5-Yd^?RaZ zGtE>|jVk5ko3(E+jjJOFgKm8g&P*3!6k<=$=1+9`pd5{tPA6mI#>6`%x=_RL`qK{^ zWhP~U!~m~rFL1fyH(sz}7*z>RdLtS*Z7rMW-@A$GqhDp1`<-j@(|&F-J0RZMBgjqF z=zRDnzz;&2ns>A2R-aDPTMB!bMm|4Y?Rd=nKq!V@>ieIGz8N;@zmY?rZP^(ewor_f zqHJ|@jL@9mHFmM=4U(trL3XZdTV3~sVOrvGb_GAVi_3)MGItvx%%qqQ9zbG!DNc4Xa4BL zZh8IQ9~lxN%%6I^YTx^KN=5i|Ii8?X+m$yj zW8y3?sYo_k!89o#?j^Pq@}rb90nU*dCIXcEg4I_YU#ELU;up86p43>~`#a|3KkZUYd)GG_)3KTT&7-RVr%`z^#?Wh zT$etCa9)PQp`}ZW((#g#t@ifX;P58lPgtMosy@*oY}{ISoZa%KlXGAQ6Y)y_OTJL> zz(jx;5+r$fj@8_@wn<=TwNYD9Ye|$ zs5l<2FM}vIo~F(bc0i5ggd3K>u;DUJl<5V^9R>G+FJi& z=2fJc-QMX{O5tj$&N@o3hK{J`80Bsi6HD0kyVF;eGhr@$Tvhz4TSUhp#!PhJ z_wHilNaGfs`mcD(J$14d%9i94Zvy&eeGQiMWm%G@6`1x<`Oq8`Nk7Nl8gvJw5UY zp^XMRJ3FXAw^H+Fbkqc3P~*458420S!2uWh)AlIIS#ItPdFpE#OR4Y+=`L9#e1n#H{!PDL8r#+pH}>exWFl<0Qjr zmH|-M^)z)}VI4KiSNaaW$xSbPB?&;CDSEvY$dH_eN7i_0G4`?2NX%b&?4_$uqOupE zPtLfO*C!m;+7gQQIz2speB1!lf})};Yd!Lak!IbH!1G8)CnQrYoblehuAK@PN8Kuj zf*+XGQzC!~z=pgtMRW7ps9}<={n=Wql`gY{c{)+BSU?a)pdop37v+j>-isoz!mle{ zVcDc1CwF~c~E5Uku%>yZ`H?qS4=;zyky7{`i6bJ=wC ztf;#B2Mnu*#4s^UxEDYP z>IX6dS6AXEN{zYGU7YPj_0OOrqMDlN|K-*b#x)Sn^5>?>@aMn!6&b#hNIcO_w=k=L zDd#QF2n?)I0gbhjlPH>1FIjnqj2B0p39j@)d%dpGyHEsVPc9-5d|2NUK|1ty+udBu ztT25LOP!aMaJH*mn?^m$*xHQ#*gY4s!4$Z?3u9%5g>vPLR}Wpys)&IT9~J+_PFCcf z0vIzdemL|yMxbnygedB#Fs-I) z>|MTWU5(b>LA%|D)GAQvG+-wiWsK1Vsu#(3;2e6ilm{Oya=qWIc5p9hkfPI21lG>a zWXZcMKeUI|^7rvvXU^$&1~B5P|0-J^Z@m!e@I)Z| zPPWyayuZhhqC`c%9rfU0_H}^hca$_N-m5$01FU!a+{>(*o!0eG4=wHZk}QhtX_Hck zNVHfU@Vr8URQpAgzcO{!2N=E+fKoU434Nt15U?o%gW;ELn^#)LKic4!+l`P(xySqYRdrlcwCYqoB@T))$y@V;gC?;VEe8J0*4 z5c>8y$~2{AyU64)jT&w>7Bj3+!=b+U)?|!>E~lL{hkU-O{50|_#VieGWZN^j+qI$3 zEr*6K=2q{wh7QZB8X|j?ALiH}orDj_ej_zP}a2(~AEG$oDJ@DMjj;L3+^R zX6UT%v^NR;512Jn1z;B3Tb)3$aYOdQ{l{Ogp{7GYkBAC10|Zo(805-`!`}_5V?_xp zu$w?j4fdhmg|ka65qn;*TifG0wuIU~R1B!RbNH;^dkSYx_rtriGeybs=T+r-dJP-Y zR`@EFCTLct2Q$85zDA-XpX9_#?Y*SD>$==T8nEO2kt8S9l}4Yn@q8}uO{UZaUIs8! z5RdVy%&pvR#+a4^T+_GNjn=fpL1EU9jlAmL&-*D6#IlBppz?v#G?X<8s=*xq%Phc* zW;a>M!D&((0%4QDhy9XeQWj9ZyH@8FUpa(6Jtz}3Q*=Oo9zWgVG`dY)Tcy1&@?wo* zKgFgnv`>SWa;5l1IGm-q+j}cQM=<+EUKa(tFqteI%pREYKpVR_i+kfPH9g~r*)Qne_NELQWKQ8_|DrX zEa$+~L4hU2Ku8AH1A%fi1)MBVqPj1X8yM!IyztuW5yIfIpK4yO0lfeBX&vJ){BDZK zgtEnf6N-IJ>Oexoj_aG7dT2^63x+Erq-~GZYhKOd!aWCyN-vYLM(eSky43e)-3Soe zNCTQ{&m-0u4bBikPXoTtpHI`?NY{PII-4e485`@~TeNl)Pz5cbOtBr4%h0s;27|ng z%4nEak;gBRa{E|s|H?$EvqIJ4{V`Jru{%kj^w_FLb-;ya98{BVZj78VCRQCe5F*Yt z{}X|swCO~KCPPLvClnskfyJF}#^o$g1*Vq00bImMvZXnsX?bNEhS?ppi6%zAx6uGR z5AhMPILuH|>CDpy(b3cAg4bnk;ZF5%w!d@HxLw}m73I-*R>|e*QW7l19J&NFooMqG zay@hsbRL6!v*fUzuhp6PQh+iGCpGvx)lL~fPd88?W}u;f#9wJx5QBNzEcmy?so;SH z{6?zIsd>0!358wd%rYh&LDJz-DhBMDX5sMdEw7=H(!IBtp@Srj*L%VFO5Ho>%-c^8 zDgUAl=4`T;UfO-lUgUr55FpYh@(vr}?JLUy7a<;tg8_(zD#b~Ii8WZDPP6z|)%kJC zSAOGJKC?8Co}SM|f7~ugF6Gw9hy>gI$HUB#W z9hofr{@JrKh`IhF+(DWZBAI3(& zYTIT_CbxCFIe1#`T8+l1vC&y_qN8Dr>Z)h9^&@?#kKP47dLiej?^yJHFF?KA471%p z+EdXOVQtbkW|m5SliYkTJGzbWOa4b+?aoZTj#q{w%Bm()1p+zIzRr2Lpk;AQxx^s5 zF>^63J0LKOkqvPFSFxF2Zd+>xvYY?|hlF6vq>@<+6h#2?eY`nA_3hA2(NG4HInaG- z%{I0#n_^#aw^Jb(&+Pn<>tYthysqv!>3k2(#4X@yI!X6jKPQp4kbtNabY~C=MG2$7 z$QFttzI%w;+#A?z@D+5rurf`Ey5lO5q>v zld%)YsG~0RvzeDucan~A4abc27{4K1;yF1M;=?ExEnU&maXGNHR*KUED@jp86SOes z5_g9o=ededRAeS*D(=3|?&3fwC^f!m1s72|V<2v2{g_u}Y#YLfKN_N+OsLBxPbIeW z2R8vBcx078reL649VWKy5(Kl%M-B6SO-Jf|mP=GR6Fyw~z_2I`P5D5MR*CZThc9v9oE z*RKccb5Xd|;UYBiJ*jqo$ZW*)mb&tG1834EFX&%Wp#!Qo)AL=spN1=A_UAPd^*ogr zv~?A1wV9T%+693oEvE5>i@O&2i zz`vgH{+r($;YQyxon+d+&weI!Jig}F5Oa&uV;?IV@PHIZh8k8&ODnactxdkQsjc4Y zKUsEHwbjjx|8&_86hs}0!vl_X?Z34dUQDIZ&goUy{F^o$Tr4o8fUoLh`UpkN%c;I`KM{+hw7RMbQtOiuGjMF{0W&=4hj&Y62wg0Pz2h5La4L!)l z%_SvWnq%etP?RfNkg#Zp4zbA@sqNcH#mCCm*UQP;GK&)I*Ias_7#-HTo2En*R;)SIU$0R23 zjkvh}6H1M{*^z<#j6Quojpo;N(DN!N2Z#vLs&$mh{RXWo;zG-pMq>&+Bb};GhOJA$ zGJ5aXYpbD+0Pla{Z>vA(g*<4KBxI@i=J1%4HK5iFb&TInCJO~NDlyIo&uaK(fRL;j z$0xD@iqqkJa4W)}l%zhnYekwDSjgjFh7&dp*WiRH~r!AuxI;&EI zI|6z^e8+xL*@$r{1WQcnDDWume+SU@5qMRL^k%bv!BJSCUqWF?`8o0{N+upV(WmD| zYip;_WF&ONZ)jO0qn30p&g@G3S3f2%jXh7rbs`TUnfLkDV|tr4&a1-Xo=l{0e%(gC zn!D;ieg$yA^|ct4o?kWTY=QlcO5sPINUq}AxVd82jECGbx8;KxHy4~h6dAGO35F9` z^2TJmtfsV3Z>fYQx!qgm(ED3RxI4`16u|T^za=7lTh!IvGM<)sZ}XQ+;aVi1hG~fBZNJ^-ROyh=L`?zkk?|hW$@- z;2&o$=KxnWd8T|`G4f-|FXdc*Q6(nYm*Oj*I#QE=wWmT|jkC~G0z-@H%LEhbzD(-9s~%X2LYy}<$?fYuZaB%z5NNNyOR=|DMO8Q^o= zc%l_)A<|hw#GFxDzf`^p-#IIM=MbDY2i-py%^}-M)bnd^af~HXf~x`l!&wI}+t+=8 zO?F!EOf-l);fzqMj^_iyc<9GLmECTrZAM*-4f8h=Ep4F1NZX(SN!J>>l4{;(`lItT9+!D}Vq)?+`b+8USQ zWLoDQiJ+a#ioYC|TJO!_{E>^)3U(nJT$2S&BIzG()HFnHAip4*95aRo5IW zw>_`PJ^@nV1`P){e%t_3vZn5Xnmm0o5`&!3Qc=wbiE?6S%Fg_g2m)d={pg*$?yHW zH=yCzT`YT2zImkjOtR9nnjj8?Lany*Z|96)HkLMgjXy_3?_VubcN9y8T13eh?T9P>^?^-di;A3ua^e5-SNWg$Nv$#1P*RN#e;Sz z&9MbgHV{H_U0Fp1MhZlJ`^MjsET9q*)25__6W(}ZW@WW|K&a(oZN=D~FKZauz+L11 zT#Hj#jPBE98(435qm^wqaa-|(vRmYGYBZXUXNarri;KjmM#F}b`YL+-IL_~H1q>h5 zKI*8*{6Gg+>mPO6)H@LSNiQP2+cM*DuuTboJoK=WfrJZW{_J2Kr#rZ`Ox>Ro>&o zP$;h!iY+l3q1u1*MT46HSw{uR7>KLzu4YjqWVz1c?hGqRydEx=C;3B|I932DJOmx<~81Ia;m)tsdRQ09(! ze|PvSIXnWMRS!N2^6*pmbC3^xmZ_4^{y#=w`fhxd2D|_AE@UB?!{{(na|_+9&U!R4 zPk||sMAhh~;TN-Vs$5RlhbDeUSHnKF)!KNq)%(tyu{gTj#SK@;lpj&wxelkLp_G0d z!0FBVrQ+eC1v@m73!O;~Wm`W?Q9hHx1?BqsCG=aDr^1#)(W#O`>(Ywxd@qUDTW-f^>}6s#7q(uW=*hnA{i-r+#)xiwHT8p3ukv8 z8tiSWr8MZic<2~suDs1%FIpS?Fmajfo_A;1H}JPne_DEPqQ9sI)<7ga#ZO^ zrTw0KOo(-(sFzc**GcATgj>Xzsv$5!(ADh z@Nn-hIHgsbo}{6403SjquC8YprP)YBgM_CGWhxwBEwJByJYPCq9p`A?I+}HSEKHn^ zk@T*0l2jDOtLc!rs}(0*Z8dH-Jz7TRl^6hT_a`XAank8K20zvyn}V4aZ0{ar2@GsU znXxox82gXmF^%y?yK!a{6Ots;s`vaw$#ivITH!nwCQA z!HtbKCoqI3268rU3ky?KIj>6X6hSJVQI#{f17*ku)dS&ufM3p){R^-l??9M{<>nOG z=^*cU;Ss`B;w`R6*)va%?~bsr{TsKh|GQ@3rItNtv3gj5c#(v`2yp|y7tX#RQHu7- zXpFLrAUki7ZdZu{viK6QND-QTMuDa!75QDhHy=Np)feqPOQc~w?Jlu>*q1Dru8fI@ ziNbv$MG#L?q{(Hgx>=A;Z$7G#!?PLAcf1-#HWVNn97KN+jj~~?D`A)ELt6`uf_Buk z8F20moEddT3M5-tLRAW;8REBV)4ypz@(jg97*XTN>B+oZWCimam*wz%6mS#Ae`);g z*4B+E-Wq0o`C87`{ErNhZPCpSru12VGv{ZjKTE>t0LYbV~NW=?6qq=tSawXLJe)L)$ zy9`?f>@SdoxHFBMoxeQW?gT}dU3CN0btuv*bUf5MApuRxetI%nOFA>R!9?yZ$@d>W zs-3#KgTibq{|ZYpJDyhd2^dDPvms3GOdlH?$4u(wT|0h=G2)<E!C z-5o>PnkmEn$;DjV({=QWlBPR=W-N@yJ{2FobM1Ko?Gr-*L-v6ktA#(G165ID2#43g z`0kO7^e6m%TA;UHwLJYCAQ&{P@YAXW?OrDV>WebF2xHTW>M83Bl#nv!Ap+%$9wCe7L#D@^*EbWqYPuuGM52^eLc&NOjn(Oxq8u&l zerFNuq~NlrS%0OcDUmp7%ALCiig>%&2LX*CW*XUZksn+=Jdn9pw3&KxKFf<{i=OEw zpW2XDZ7mP8n~mgtx2P4M-!4E-`Uot01};~^OLeM!cbDf-^PeslskqvrNVy}9cK_zh zpuAN7o#t76H{l90Fs1}a^?jM&9CYHTY!DJI4l3&-NVyaB3~&Ck7NgRaq5$=z71~FR zlV9q$PGDAx(|HQ>zQ{}c{&h+DFLIH}k>?vPfA`l=Pi|Fv(5x+JeLK)HH-Du)J?4Pd ze}f=@o7Qc4Ju}nk>hn0epUc=4)W*G5PvEzdR~BvaahuP$ z%Uex~4&S@c>ls(AEw>zzI7;+4U%>Dsj&!DGDa`-qpt341F22ve5X93l4k5)!vYCJr zf6~^`X+xAUUJR9PjUDe+1U669Ty7#d!tnDNib`BsClA+jeJ6Kz!m47UEZGvGAY%T? z3jSY~n;TX|Kvd%21XCdD;U_np!tw3Bjck{HPsY*D?o=WrA%dZL*GWaCpej|eVb`g= zyr9be@ez=H!1sgY8iN*p5g(^4c zma$Vq`);@krdiCpJhjzs66^DbO}X>){Ct1;MjBoE9Rn?`gUXV|-z$}8l2`So)i~a9 z!j~8Hg;)Rl@1MtRZfrj47YJx#6n;=D;Fw=E-PE+}q+iHgkIajwbM!MJO}#U|*RSs~ z8ROnItZ^jR=!6H~?g?!(y-@0l^~8_h-$$6ua-nmvdT%Cq<760!kO%L(0l`RK-idSR>4q9|mUG!K4! zey`x^pPw+OI^ebBc%3=+-&i{=tYju*vSQnWIb-F_Y%5~0yFH_|imBLFA1yKphoG)S z(APAh2x8}H(Ytr=n!})W7<-j!k?LWj1?gtM5|T|f5`e0%mL}qJbe$n{E0Bh$1G#H> zO|ePa@ug6N8^g!Dp;o!WS-3hCUGt7wg zO9uOREs7G^a$imVM+#;~mR?*h59C zK#BCUu$Ugh=zrI0o|0N-xhw!l8)$UX*~gAsFGL;R7l0_`cLR;pE$<9bBL&P4deM2a zsoz6~8K))%sOTl8vQOXl4EyUA=?MBw-JfbV0j*Z&)FT9X+m(oDBtZ@UY!3ep#xEb+Zkxu`ZA}cpKVq>`cE3f2n7T5aY{m6Z?&dsAx^5kYs5&CzD z&0thz86X9{-0X9rS)9}Kjd_GuNw7PXKJ^Rl zo%9DXw{}sTE^<4%t=Z$f$81igdnSzbCza=A1t-Vu#zWgxB9rL7GnIp5!DUC2A!8SN z;KZonv#-`Oj!frVGC$1d`c0ENGB9(J?Dni>bZ=ESO&7;jpR%W^No?-dcgN9jcX{o~ z1m%xjQ`dwa3>TD*eKj<>Xg+g>yDDItm|`xd--f6SiZFw(o4BxB7J5@7k5?@@6Q__w zK2^oLetB+jO4=%q81%n)&K6uQze8>O;@Qnd3cj`xg3zq@(cX@-B9t-|SNQ48R*>$43`^oz6GXy|^o9C3ZWw)3V;nh=C% zT*JtC_9}C9>gE8jl>>yq7XRs3-e z(VP?&=D%oASwX!)-GXKZ8{S=!Pmd>OHu<>w;rDk?8A*M}8YTW3z-?VLh^~lqyMnPd z8O6JE5|G;X|1`b@3iH@JRp2^ALtquJk5PXS82HHic};jJAur<>y3kh@Gz6Vpq(H&k z+RBTuf<%+E!pQF81YL*HbNY*~4({O<3K>`&EY|iIzfTvo-(N@h^Q&2DiQhkp0k|^m z`N#e{<+)yX+E7fj;9mG17oGDO9@XIZ6(nYL7uY6MKnps?L?B-$^`t zO9i=DliqK+9_m5HPP6I-mVPyJ4@#tzloUz<1DVI@R)zCCwIK$tV_I-s5yx-*`bTK- z&sWU;e}p)O*$1eci0*remN?-g+1CN;P-?RAsA8l5_{`hZlI)A0FZxIIFLRLrMKtx_ z-@MU}+a_c|Lr}!Uzm(PM*LvIb$=G2u7%*$ktV{^-VKrz<-Ty8migDF7Kssxh9G7mR#d=TIPQJAA?Zhwg>|5yYIG$^ zX-NB-1kCi&XiolRe`b7LB`XkMh1%74%KQtLt#nVB*~|1th%sC9i%Lnr%Ob#kx8r4R zDFg|_d6ph{r|$g{;b&WQL|S=dw4Dqv3r;KV+YFa%VRPR&etqex_|{XdWvObdb*;tY zd4xXhKD`5k4$Q4cmjpUO*caB~CyY$1@4q(P?Cb~!t;H5Heywn46rpH4^S|#ti-?B% z%*8KTmijysI!q zA}h{4#B2JvAtBE`Vvu76B~^XLs_nY>S8d97y8)G|DlQ>`8KW3+0%1<@7$dBGXct)e zgr`KsS)b7J&MYxx8}>`lG{N)ydEAq{J9zhPxR2&*OeHV1J8ZD}c^8PN}57+rbf2d<9@VZ2+ zs6DVR8x8U0(B8V)qfJXVPR=6&3&aLHYaa-!lT2QwmYt67gLjfvqo;MZO}xJD02k5> z+klOTX<)%F@=NAPqF`t%220KrWbea(MOu_{8iJDNUq84Nbw^$v)I@i(UKdR6 zHy><4W^qMvzBB;Kg<9|)K6e>jpk1-L$t+hEh+u9i?EeDI?3(%IXhn#PoBhA{7BY1~s` zmf&)u2t7rGwXNoztY7IOH6&T_2#ONJ0)b$IistB4@a+Bg?3dEJH23zMnah!{Y>0fn zNH^bqr_QUSBpld{^&n3Ez-LQHzS8C(aDc(;@9H$3$~RM$gFfv5#NGA46g4?Z=bHiI zX))?(oTz4gqtDy8pDh%;Tp%N=@=*Pydg-jT9xy$;x$(NBAgfVYe^si`Su_b9@nNct z-2VlWCuHha0ioY>i!8FxlF3UyR$J=zhj>VD1LD{Uj4ToR?#IAS#x{{+DZ#QMKo?aJnn+0eVF6QAx}k_gnkz z9F62>(re9y1r%<6076N0sO`b%7mW}h$Z-nuOy6#kk@EEf4~_eSa_Ru*xawpyvVx$t z6y6lopWz`Gw>Ie@RNQuQfOvd8q#q5 zLn1;;_v0`PFEbZcQ`+Q#*Vs{MuOq_Wwc%q}akUNk5V^i%_6X1Y3$fxsC%a$r>un`x#?zsX zxL(zA3r1QnA1M<)=$pNc5LbNL`kDg55l|>Ss!aW#;D6bCao0%LkFTnEc7D12%-M`(=+IZOWdL`36s|G}a3!!hhX$YqJ@^8vC0yvF${vmTWhfT)V}W7i~6l`a}>* zK>NO8Rik*0uF2+&3PQYe+U4qf2*Mm-?V^KdI|%*glxT+0E6={3W#;e? zKE8lBAqbjOkX3&?(v+=Kcp9i(f3nQ9|8yyIw2{+pbNwYYJtc(ygng8?S@?69t$-=& zGWbbBc8Y+3;sL$!$8cPcN%^RtQc{X%5NK=ze7lQOUUzutKh2*1) zGvxGWMl2`lRjxF;EF~=JnLbaQ^fy_u+tk+mrte=-%r=v{^zz+D#Kv+<^x%U+5Vww3 zxzK~=e*gxgDwYhViXr>Pr-?1S_M0nKb6=IK@!K;pR0#0D%lW1yC-*#JE?G2lah8jq zCAN?Rw$Gx&Na4;HpUNYxyym<=esF;aoyP@-$boQ1u6c%4$*kVDhDvHahbo$>Ov8iu zPkS&)Hg%*xl*{Gp=X%~;{@Uw-T#zmAbZ&fOby@46gx&B=*y^7U%PZZf9rwOY-8co( zZ5d@55r{E(m0}bI83lh5@?II`Ux~UGWXxPt9Okk8F2FqkqBZ19SdPK*RN+pUnfHx1 zgP5oO&#kFalK^9MC=S>kl`Mc;u$MxFsW$Sd46C%SNo;Q>GSI@u-=MX2~& zV5GsuOtaNGGKdC0;y}K+i7|y=l=_z~5wszo-no~jlLeHJR`zu!-K)_H(^#YD)@nXQ z>Zc3X=u>nc#)bbNZ)5O^{jK!;?V?%}tqYeCr?_(`!qZ7QYpr{X>`>lpW8MWnZOS_aw>s?72++DSrOlueNlo}rQkc?P8LE# zCXHPtrqeaSnauy1Sc3Ye+3W-)bm;vydh z+|@9Ut<$U82mHFcaXZ-YM^I0)_8j4Gc(GBb>1A2Z8xnQcVPXhr=f3|KrqJ2Mi!#h@1qr>nwSW)j~Aa9T;Y zy;2^K{7wL?-8Jxt7;*ZNweB;CTUGRKy1V^&K%RYXf8Vpb%!pzW^X{#CrH*7%VVl;j zy29VvAN~F_v0Nb<2E@$vDNGd24>sSnHl(Y|sxIN&Ibm$n%4!GY8C=Kn#Yab%7pYEP z$j1$6JDX=s&;pT|r;4XQ@2CJDrR-a$BFAzt zQHZjQim@ci97|amWQk;p@_XGnb)E0``Tg-+&tK2EzUMk$W6XR$pZmVw>+Ah`J@QV} zPoHy0^}DP|S;TD02*ieoHhL==yAHR?J>P75U6+4-8^klbu;fm~*20JsW?j%xTNy}; zSDP@lKZC5m+|#yNs$c)!K6&{Pkq^$nulqERLX_Kd+TJgpHRNzx>*DaiUQ3K53Mkn# zBI|)~_sMbc=xPyPje$!{=oyjmyn3)p6a4}({h!#p9EkEAh1bR2Ea^Cs?IBU2ZfL`t zx#X=tuCCeR!jCc0%X7~>G}d=7`lkO;T9oqGrn_Uunbz+9y4hRyMg#;b%&=^{sdL)# zQB4mzEFJ*?^4aIX>$M}HT71Qdn3^6Q9-e0)VU6tBFew<26R{nWR1~!&Z3qyD(-?F6 zIE5j%)0W@(Pnv#T&TiYjq6+(K7sOZ2oDfy@X{K(g{L4@5A+M&aLXks*1L)r|Dp!}b zQMi^z+A_D!V8dX(wMa~rS&R%@*y_@nn%YlZ3vx${_USx-(JBaG9`l=O3pJ#KYZtFl z9J$G*^3~gvh53tAd}(D-S%N42X6~gi>fAU?Q+mTQ>z``&;3Fb>X}M#)N+|3-c$B@U z0h)1(d3mp5Zgn|}J@q9K&&B*i3*MQYapt)LHAqVDX!{iimrjGaYhXJNtY9VCId2o! zdPGL=>W<@f36J6;n)7NDZ3oX=pEsidt-S|Om|tsrJBv%pv; zDrDf-3(>mF^LB|%+GeSXx~wtbMMjdqnZJymzo53Zwqwev6uXMCp&lR5M(%o?Eu#SO z05atIKG(%_%Bi?2L;Rm~iR@MdMaBHe%G9!+EujaV9P$qGq*ru(3wel+4nfRB*=37zWv0D>imud?j7K%n=hVXd{6X+?ltGl6f1;Ds|3pnSmJ)&YMm?wDtTUlfCpsAOF#Ag zdVNv0xUPG$)_QC3@tid^RgbHx{>A~F(S~=HzuywR8f49&UsN7#3w*_9Ck@E>x5iYP zdDQtm-prz4G`NUQ^Q}DU>|efIT*}X{E)l4wsJRg{vv=9B1sWV*b&jtj*ZKc=!KjSY z+NGX*nz6}$`B?bYC+4*a9%uxxpn2!x=H?dE6nPv<>FT<=A(M@P$>m)f`tF?;mVh=k z475*UV`Goy4lsY;fCw}h<`*u;H($HyI3vc>zYFJ0pA2@LslFn%eQ{5~naUclHT<@>ZxEZ&D| zXW(T-9orTQt2hf_TP4eges~mon%79~_ugRRU8KN}>NIS*cIg~^V~lpNm4EAFwci`Q z7lb)3=(p&mot@p}JaF*AH_nnOYg^kw5VU=O9&hJbJ6MbV-C+E-Al?e$ho^ zf+fmGm?W{DTx73X)6VxsskkU+FgW6cr=ZyM^DNo#1r`SKJsY$WUqWW1;?e$K#lXTO z{q%iajlZ_xO4@$B35q`E4l{*sz|K8=^dE;}Qn={n2kLvqo|N24v5oWro3cyC_q?GB z`o3AzH4jcyh=F~8QJ2Dl*A_;n1MN$w#^-%QF5XOkKUKuapf zn)YkN6Ygetry(hT!HhcBYQNSm%QJHQ-t@X-Zwu60=ea(w}axF28hjr!q-zjX*bA{31f6Yxs*#o;kfhELYMAB=S}xpO_UYwS@(x$ zwnAFDRdr%?Apri1moN8*9ENvG2+z0TuNaHd*tc&EDM5jn+vk(QB^27o$R!cGiE{nn zcw|{8|E7~KF{_hm!WOJt))BnvR6d#KH+#31;AWvp9OQp?1$RJtMXyatooe~k+2-zR z_6Mbaa%DG)iB{LR4)=|acE=Hf*otDM20M|3LdD+g3(oK*qJ`B2{|z&h3;N}Z?r^j)i7 zRoGT@e0yni^}QUhd?co%RP@P2YMQ3{;!zo3(w^~Se3XylN(abW7y3C)fIgty{OQ8FQ$9~uD z-Dz^~ovSX?qi9=v`f}$Z#d`fOIW6$w-RZTb>0PydnF<%DB6JQouBEk^71Er4D--_D zFZ0$Z^E!RCcP@4`Wms#iEquCHMtQlR!}IbPwd^fU5l?LRy^?aVKj*| zPg=g}YHhuS>Erv5;~Z(eA$DP;&yd1(b%{`M5yYM*QWmg%S23gOE26|lS#f($OjT!T zSe%5%4tFSssSi`VcS18@78#RAtOm*Ve9&T2LWZAte;=LUHC)Hj@~_>hKG12aNQkk$ ze0>WizQ3Q~p`1K*suG-}h`#^$o3Be`8bAryX;6s4uQwoic)C*NPi1X znuiOtW7925N=oQ3Gu_Zw82sU%nFcdJgWf3({rG~O@#8g!erxa)3YO{FY}mBPgiu~M zyJ9K$czKT|JSse@vk;kx9*%dof{jU1y#QTGS~_6*v}q{_{=>HgheTT`r-~|JpZ{Yq z*&3f0vXnr6JqE4l`R~os^<%XY^v<4Lt>n-bvujH~{6HOe(&oQ+#iIMR$`83t47+xt zCS?lIp+w}ciH{$@GFlGSn`7}>3_Sa8FeKohTp4MesUAFxlY3&d4o+qG7UMZWn++)D z7$y`_vX{bz3zn3Xne_MfORZh&we4HS1HRWVco;9E!xhp2*_0I8c3HNhwDhcRXFxl+ z?%qHSsNhauAUkURzf24FoV9yzXXk6w00qB`w;XvNn3|aA3k#ZBHkScn8mV>bUi)@_ z#eK}1Xdlql)=qo%YL7j)bU7TzAj{>)xFh$&hnEm_GI@3|UTX_WKnVa*Xek+jpCtfhQDz9z{>6t=@+tHLbPZL66Kw+l0T>g;Rp@`h#;Q#OO+{_h_B> z=*b<$YzNzJea|Mbu)nxBM#J>#)6I(kL=`I-o){kp(91S|@7RE_x(-ryW~Vw{y?J8< zBY`s!woykNsxaj=tEN);h)~lg!>FhzJo^lzqMQ1kZMZL0W1-R2jWG4>Dh>ZcnUjXN zq|%}yk5jqM9C44MyLZnR7#N^8H#d_7@vL1(|29`22Z1~e6ZUHEfEC+$t9Pfc6t~=l zZTwZL_c?r6g;cNh!`xmGMDT>oiH8E_e8t#9(F?@H#1a88+`D(LiRLVa%a;Xzl$Xn% z0Co*LNb>R>(P;!Jt}^mrD#QwfkPn*xhYY>=q!V&P_ncTSVG$96zI_Sa3%A@2MK8?_bh-^20{ynLYKAr|I3K=I(7ZeH7hLuXP>Gk8fM+KeT^(l@~P0CLut!)qxW z(bxR_{VyQRcH&vz ze}}p{`%YI`E1!UX7itq?fLu|&mh3k^do~70M8qbW_s4$glR1YNW)(^~5X3G3$J`b>AtT2c{r4&HRPddJoOGYY15g&IX1@Tv_>f4b54uHzsBU^TlV#2ThwX z!>B6uAhAY7N)M(H)5}%2UOrh_w0C{h%!hQWY34-rGe)>e@MOult8%SRk2?(645gre(2iC_M zImGk9niJskErzDy2e3neyp+eSd49uNa4ER)Ozp!~Ho(wZ-P);RmmQ2(BuU`v6 z`f^`ueLrCaR#Fm@e%?0)?t-v7LHw^^_Pe)*Uz`yTq%Nt-yzU>~-%-~nl1*<&4QUeV zE!7s=pQGBaQRu}J3@0Nh7=bzI?~IFXf!C6dF8dtBMv~L#3ho6+M~YwtO`NPAON+U> z6SM08OTSoH*caEia_!n#;NX`+31`MU0fR3s&vR?9;W-Bf^Mlht*K`a#-Z7AUy7l_3 z1iSh$jUoW945DLb8s#{HY}wNo>a*>r;2~T=@X(d_)n^8pCIoDagjvpUtzMl`Zga5a z4);=6QR8JPCpLQ(G6SPpN z(7BR1bLI>mA0G?E6UEp}99Y$jB1wEn+9gp}zMbc`v>4SCr{7Q3@%Hv+Kry?N!wKEB zb7u-NbQwq;F-4zd+s$Qu9Z0%gdku_Ay5(#9KBj%OHZPOnaFs3bggjII=BK_(g{Y)b zXjdJQ;nawTh}}<9-;JpsORGLxHhhC?(p8kIU@)TXwNRMp?CjPTeG^L-uhXB(al&CC!8OWhvw^i~fFcz5o&N zD_o-KTL#RrXY*>K@#pXEI$zpStME*LBlX>}On0N`HO=W+@{PGJ;Rs>_L=vAU zbzTBD%S83^IK%a9cJS@nc@K}S3oQBQDJOQUxp-9eI1GP1_`vEBla6jrmj;gF=xMm#P!^5Mrwl;Y0 zqoaZR*6eMTWHAvJcVqs7y5G7f!kOi~`0pg^(gSd-Sd&#?pe`1y-B zoqm4q%j^_7oxZ%-8V>I9-mxw1qqQNvRC-M^l~X$COg}Jj`CM(X2=v~0W8cMLO18@TBQ?qETbaN$f6Lo7k+C{Fvn-FS7!0dl z@<&E|dqgUy)Ve$Qbj}+%V3IX_ia6HgAAVNiFj@d6!H8lClKeQA~6edD(XxO^2|NBzZmT?>|;>oj1NV@h`X80a{5G za%Cnu&1uKtG^?||BS9vK3KZ&OSYIU*A^(H0GJnQ=!Lu0&H&|_m-`rjg97hNRS+LvN zKJ98Mr>F$R74+ zgbeN?%F36jee`JlZa={yWZzokq0%K|8~u<`4T8AP0}^zwL&-J_K}#tGJ&Tlzio-SFiL(ba3!b!kGI_K@RwI4Q z-9FN}o5x?^s-?umukKyVJM_2tU#Y0@Q&|EVq@_)foNX;psN-YW^)~1|Ay2e0Dj;p^ zp^F!{w91!V;JHI(As>{6C(t%m*dCQxZf#U%%Anb}M9EBFUtv)SLrZ)ISmaH8t8>ks zVE-V>G#I({psKSDep_$Hjwv7MzC8_@RVmyy?9kdPvKL+UPn>@98Z{piotoUVPB62fnICg!eX>od-^K+cK>UG!e?OWsH z=a+tAi?wlr!pd0_^1Xkj``C59^?=bVu*l5JyxX&2tCLDMUPWx_k08VEUQiGs{cr$x z%pumYVg33)7=!5J2zEi{;{IAu;FRFS5;54pS5mm-L`E3@1C?(bt60{;LR6!jN$o%2 z139-=s@EMmw9UB2CMASf{p4JwI62k5FD9-GRceT#1{@cC*Bjf{-?-tL!fhC|9jEa!_|{{eqe3`Ok2N008{{E0YoiCT}{ZkXC5 z`ucO?wdVM@_CYn1j?DFOVxp{a%}~^QwIn+|x{* zK7)e7<;6^4LBARI?%g9OCj=O7*g|}8kR8hkr7gOig` z)G%biK$ow6q#60#}I;RZs`0paE4?Q5_pZ$>`uDJfHIjZpUL zzDHY}s74z{SMz!szK4G-Mq;%{M8prqxdm&HkN0lWzU!rMf-R>Ab~qG@(X{vwd8sMy z&*KRx=;Hb0th}ip6!W651u^pi5yf{|+fayv*41_Wq>Q?*?TH+OH{!tUmv0-6f$hNP z{05TH9f(#D5u!2NP@FU~`;%kijjz}-l3FZUfc-HY!+h4lA-NhN4Gj&r9E*{twBymL zaP@@c?rU$OP_*-x*$YIK&%JVnTBp2%Lg@GWxxbFeb=Xr6Xg9Uuj6=BNy4L!1+lTs- zO5ggWQaxV_8D{p Y;fnZfAPFpynufyf7#ck~DwvLAVQ4{f3Y}l#j-kjmn+|JH* zH+y@0y_JOMz9K5lA@hahZy}@&c>VDrGqI~d3#Melx^;%1pARe;=Ik3PbQ>IJ_OaJjK-fQCtw({8UXH!y@+Y;(a zYMF36zKHEYjSn*3n22$R9i4q`;y}dRyM@?m9MnTBn|G#rlVd;IonE?wz2#w%tzzW; zkD2%D;pbCP;yIaZKOd!N2X3fo1*m7T%WDs3C_%rP6kgzGicp`ZM7sH=<~jqHSu}N_ zG6fAvQfS(C`D;oSL#=8+MB(DJu9~C*H1Y^nBdA9s)2ajgss%D`MMe4Fy0s|KG&3-S z$#c;4qsO75q^-)+OENfCC4(t0uqpi!J^%|b&G;*h_oX~3}yU)K?}wmg(s;X z3~=bpY)?7+ns?{!-C^>fXgR`@b96iMDO40kc~1b&c`TtC4)3#KY|zQ0YNeyT>)KRkiMpR#HG-gKDUQ>9|W}TGTw#Il#dFwt7LmH)Iw4kH{+3#fD z_>gtd!%5Tz*Icxpm}(TMTX)0Y8H0t9)JPb8d&l7o(BP^=O_V;21MSFkK~dN~GHK0d zP4cPz97gxxiXm7{6w6GR!|lSxOg64&D9w8t`EXu#i{+Xp`WwYpt?Eaaw;3Bu9X6j3 z3Oi$#0VTS0li?X|2;&X7LGa{nA2Z!t2mIt}h|>+b``1t?QKro(o>Y`aU}1Zn=geR4U)U9%Jba20lR`N09fP zy(>uULt;QU&{*=9m0j*>oV~PETrYmo)A-jFA*|gHqn*G(s$YkrJpXBbAa^NpPI$>w z%zBb=X0s%MwZFQguyp@?)W!exqx|qu)`OppBOA>}+uz`s-{+y*k&)~jJ9ZF%oDCMp zkK_VQFTBh4$3qvxCcev7{PNEo8kL#s)r#?{h%A}jCnJyxPR{Q8H$;tahCQRMLlVzyIP~F)L%Tc6XOK$4xqi+~v3Rtij>p0(kb1c`tE2=;gKfhUC#L_&QDE94p3MgoW3 zEq9Sz5OH$B-x(GqB$@A&xAXcB{DPOl&%;Ri!K=7GKTF0xgh`d?b;i1_!{C=**0N|> zf9eeX)_L!Bw6y_Is6-bE9u$POZ%mY_*n2FPZ?y&-OzYp2tp8%Wl_LAcwta~{qcGy% zZP}mPt&^YflNlGk)cA>Du%X#JnDQHGu$U*T=wClfiV6ShbuNzi_q+aIe_^!v_3PK@ z4PtpxY?q=jx^wBzM(-!0*!Ub97IYz?bRy9C`f?no3y6&8+PiYo9Qute2+#CyU2$(8 zX>XH~5r76k{t_YZQUX6%p1CM5Zxjgx^XPo*6k7^ux;8}WCwU%_VA}fX!@7%-HYUO% zgoZ_M?j9gRNBOeoZRIp7s`Ti5)bxGFhV()%NT5=l_2c8?Qj7iYfqsARVT57j!|5Y@ zeJHn*-Y99+;xl88#?PxKy^fBCOc|7WKA_P;kQa%G^T{N>duP~aa* zvgi#O)=W)JC0KrBn2Q%Ja+8d5n1U$VGnz~?Lh<@~T%06oE}N}ec4FR8;0lrc0~lom zDtowQRHb!uoim%;5k!V;bINE=6-17Kov&-f2Lp##S1`BjqC!MuUT505H9CnMa%Y65;iN1dEPv9huv6>Ul%H{7a) z2tp0_HqPJmjbJObn%Bgjh(M^yNlyCg*)s$5CMXoJn3EPfp;vMq-7@*B%*3lyO`OW z5!;p&4`np;Qi@?ENmUgcuqjs0`)81VdmM&~;)Y^8n7k>drx4+)CYRw;%6%`VLiKtI zDyb?H<2K{Cj1jcFD*ima;bCm7_|~n}DFGUyj?+ko3{lvJ=4N*k>t~?)@)C8^=ANF$ z#9}f;i9T3I#r>&iOlB%5hJh8Es$}1d7U7yT&1eI%5M*z58e&AKx{6}!nK6d|m?6dKk7xzWH#3=9pKAX@UQM>J4^O%$q~U<}$BV~Q?-O*vzs zcnhBLm|0^Gf<#IR$`Q3$IcPmHP)tv^JdtI)&d1yPeBWo?%!_MKriyDG!$b)cA)ofi zlZf7+n$fVcSH}U zpd88$r_9HIc$wh_TIt&GRg#i7cnlzOVd6_2!q9&jdhO_Y>zLMK9b}L{#A>ZKZ)`&8 zZ-_1TUUuZ^7s1P#eVWlKY)ZpK3$@>Y4Eeo34+F>8 z+}+I>QIU|CfmmVB!GpW-5)~CE(w{~1IuC%QepJ#6N=mwthwFh1E0`#G^9Dhv8w#Gy z*a@@-u-stn3`ee@$1yTKP<|V~M8ox*tRS#EwOQ{;g2iUD`&>|2MExqEETEcEs`&eak;1@|Klc7ud@0Z^GzgnAhfxlr$mCr_5DsHmj(W@Ec*%Z>EdWValF`mb&Bv4^!&~K(o9aidGFKwgMQLC<#Tkvxkj;iu$RD7N zLtFPb5_t~w{M*&eUn@22uJA2gI*k$n$yc<0`|(6pVyYG}75G_C>I4!FHH7*kD@rb$W$!wtT}V?-KWm{)Zl7k%9Y-*p@3jZOiBd^?>VHENrwt>;A7@Lc!;M^ z_{Xb}7DhMf{bfDvWs&MgOUxTdVP8v23+xiJDHmD_XJe(rrKIM$<<^Oy$BM>@8=e3^ zOzj8=0enzgQQH)(o>1Mi^$<1zQqS8VAzqLsdER7!;-4qD?xapWtGG~4nvdghPv4&^8IC$vD-d=Yz85&ta2H6TI16XLS%ei zYo#N$fo0_tAQ9_mKck3v(!{#({hJ+86MF_QO-pNQs#*2=ao~#`KHk$Yvq(4^PXIxM zMMZ|NqXdX>+M#*+p4Ge&%8rwbdECY|Adtp^F@5#=^>ze#l#cB1f#K-z@Dt{&L8Xo0 z=tU2qm_Sg0)o4WxjEvsFK1`>OBoE133er$Gvkyqai=o?frb^_YQek0X4AM`cY8G~P zSQ7<-U01HC5bO`ZM9iK&n;39{g$4jiT3Q;KI3Ms}i;!~n1K(i;Ab5K3HCJE2!aT{h zB5Bfq!$s6Wg~P>%e;^biz)aqbi108qs0^o!F!_=?{+%p zavnk&4CGjBu7a0J1=~R4nHQq)cPv!O;HGD&>x=>)!%rkX2(3R_qRmk0aA=Rbbil?< za5F%ps4^^wkB`5^c8Wu_RCwFvr3kgqTHTF}-;Xm=0J=Y3?`ilSIl}1gEJk?;T?0B= zZRx!Pz6hM18hBm_CnieUcxocI_N+#%2$w}*T~rAFLeg6lZPq+&#YKx2RV2Qs!gZs3 z^Ad~V4~s<3{|FRe%q^Cn8%<6w!6IbYc3wsGQ1G%G>T@)6S6~mjrvge8w15CabrS$6 zfxyNhNV-i(iFoL`6WufbsFTyb3c;l1KlleKDDkCQ=gfT=yuSYaJe&)H(;=GNLH@fC z$3Fad;%8BB6Ke|=X$@>B#AzNtpilpa)q?+6ybe6{_|nOk+KWPl)PDc4tm8K*a@Jw@ gf4%Gfn_rBps%28^Vy?^}L)_T_V=yu=NeO~8z9Q$-!p?meT80pv2Qz#Th?Op1I z6w1BlKcC=_jV zRU`Mrfp!lwBil}z;S)4R51!wnqGGn{s?oW(TjSbfokaJ%t~YxyFe1}zwtLT>&Dn2t zA4nA#KG@n?&p5$2u~|lYPX(*`coOH)SJSlhP0<<_uOyec_$c#q2)#-y8uYRl9h039 zWLc(4VP5!?5ZBhWo|kXo4|~7*!XNekYWan~kEXT=&|CPS&60yDEDJw1q5S8i{{KI| z^pLRHsm{{KG_5E;5fS=?goF&!M9V<AyCn?z~iMv)#4-Qc=f+Wi&L`in%o8UB0X^ckiaoFcPV;kuocBZ)!W7 z?>RN`^YO{nWKT!SvNAcBFDinuaXa-xL+XqZ7)Fo&bItPi&(CX=ytm)Hd2%y}?)*9~HH-c+YO@EWB5zgN7# zD{|3#-8S~UnXBaNp+kp^a?RJ{lB=J3O$eO4do#M$#=S4ejowFh&Si(!xP#n8)+pY3 zi`$^t*5j|2>FMb?IXS6VSny(5&QDJaUB9hAG1OU|DCeSMW^-ce+R>p-p3uLwHTz-|Ff%<=*8lO5=*_gWrZPXjh_y2GI=5F}l{oSO zH+uM`L|NAjzggi4-}W*;9;~7U?pV{q<8RVC{Jy{6tgfM9Iri%gw_jIbpu=@F_ z+nlU3OW`n1RIYvgd?`0Kx9!QWkeUG+CT@q}nc7$(W^Qitt|v0zn$l=ZAKERUkYDZo z`ZW}{qI;s#uiAgf()zX?BH?XqW~1MmnV7g0%2RhlV56MW2180Q2R>y)ubfG+lI@FN`4M@ANtstChY5{u6{)~W{$~e_K(M( zvF0N^6J;~wTvOve!Y4YsnCu^!h6#p*h(riAr*sy%&`Kq&xZyh`d?3dxRQ}Aj@}?%{ z4I4HTdQFHgQ!T&1;~TP8#=g9wVu{bxsH&BfRY2R};Usred&CO6%$x#Xm3oR-Fsi||0 z6rW{Gl0Oremd2lDoO`hg@G9dS&yW z^H0uvfA;Ft$|JtNHzxbddQi$knE5Lweoc*iXYe6sO6$VP^%Tm?^uz^SL9*AYs+rbp z=bcSB?c%cYhLX=PHU^hXf3rOKbX=oaoXCFqnS}n0f`V2*Kh@IF(+9@JvY45fHKu7X znLTl>?NXXqJFxlCV~a2K2^r>3<=3rWAARi_Jq3qdl!}VV!qG9Ryjj$l;+OdKa&!0c<>d3RMRuhaRRi)<o&wb11G(mrE`bIV992R}3EGH+|-(D}>Mo>(|4Xl>h8?NI(1Iqx;a)iA%Au{Iw@$d%`6e3!SaWjnRn{v1__Xz0I-1 z%*HPyq)sj7a9gME^hwiBCF8eY_&LWLLhtDpBn<^z?#eMKwp zn;xAoj^I{Yi)B3c$e!(0qFhjKb=1z(y_cuXd}HVl*`F2CoMZkp4A+(7Irc4H$w%Hu zgw1#AtI+6=Ru1L4KhoyDzd!T+TDfk!KewW13X0WaR}d5L)t7mv+T~pb+c>qNxHVp0 z*}UY_Nr5vxmCIMG+rCQ1{%v{E4!8UE??hY&T9~oaL1}4elh>4|`uR(Kf4Oe=A%7!^ zvGe$VNushJcl(nw(of1fQ2;}tq9mLY6&0VB%UHMW*3nTL>Uc_)k{s8&2eO})2Q1Ay z{zgzYUUJFYbmyF;T_dme&srh(&vC|16N87h@7TeSkUnQ&QFCd7zE4urM5@=sV1IKi z56y}-{#Y@~j}MPyJE}!-D^fmXADo|Io6 zJM;bhh8;V&(ljFjvG1@7wzqEIwj3Y$utvuI@}y-WgG9+*yBi(2@1*rGaEMnHI`e{QlL)@F(G0XPNT1=G-XUMD{~} zW>MxRQ2ocf+iN`VAT_A z^UnB)#@@ZFl(4h{8#h{hs)@#tdQ#y+ty;cY;_0~{S|%&}%6gM)+AO3Ui&>eNsVoN!wQS__yOl;;#|q)ejA z%AS#%-g4h^skz5zwvy?=;_YX?v63tPGc(aS`T6RR2+x1e9$%0JtP{<(_%k_D^XkwjlWw(>vokZUMVKy-*Za>%wc4&-A-r^fP6I7lQnBw1x2me! z7`%w!$Ur%lwf`=CZEbDO7^n16I?6f0J=f^gMrxMKVgoGK zxowCKWM8Jb>hVw{O3{^Z_wcR#=Iti9MR7~5_+>Ngv@%ei8=p|FXwUteor z6RtiIi!0YlXCc@r)pus9=MnDJ+R^>#Z&Nuq)-QAYv1FvVhz0cjhFF9g* z>QoLYpY?Ftty=;Wt*wXLdn08lPfRIGi;Ih^nVBV4%p7}_DBN_S@y%TQ<5TVSPEU`& zxf6Kx>eWk^F7cWdyMB#9jR?ktgf%Nob}hw4W1-_Ro(>E+1S#uJHCrD$CRBf2Hdm$W z+uO{2T~E1KSq0u^80_4&dpAq&dU@Af6pLZEmq4i^lvQ6EZa5DAF*f(m01E9X`zLHQ zZUJRg>7SpwRaY(BASY*X>E&m&x!D?m%dsPSZdBO5yt15fE|N<&Y$D^G z{f6z^4?3Mby&9#bs`>ESp^=f!-KM730B&h3-n`jY=+vziJ)x*K=hal~K5~ z;B^I$e2U6;r!Iek+#>xON@~3?BEx4qRx@j>#t07v@`ij59skjKAz9Ijieirv(%-*? zIa-DsZ*-Nap+k@Csd*iJinFt`E6zMJ-8^^>aDW`1lJSoxQ13X(92^`Pu{o*U1nsu( zEcMxY_g%cCWnjg%=7J7S2CVkvuLkAam*1d}8)ciap$}Gy=9W;!=>!9WtVgM(T$24f zfy%f>(t?8RTRAHvAi%qIE353OwoRv-C(vVhUPN-O*=o0H_3G7?eMfCgx^?R+`;Kp2DI(q;_@8zsj9lItqo{te_Nq*TI06JuS304qhEuDhli<- z?7O2IU7{!?B!o)8_fM&65Dk85C(2~y1m|$S;sp8?`}M2Wu9*(dc^UY)d+XEOHVg&K zSo_e{+IlJQAEoiD>n>eg^;4(B0i`U5cf4j`VAzRvz588MOh{;G1z^h-?@6b^;^Oe; z8$RPEuHWA??r<9v8%~^?8S>j$_xQmBmN|vvk4$mV<+ZiT8P{&zG%B-_Yg>KSQ?I#M zAA%&;$h&SzOiZl&j;*A!ckiVN7q`K-4`&Tox}aD0M!=~}R&c|O_TOl!9}gz#%! zq);yMD6hn8bQ7eg0c}^!MXXcwWW@<)i;`(AauLGeAiFr!gg%%GyI`lMr~FDDC5J{m z=d$X{ms!u9JJ$u!1e&xrbla?G#H`!49*E->-1H-B#{^(k)2+@-Gm{?>tPQ<~22;bTDi?4F9k z!pkX@ev)Sg+lm^^I5@6KjS;M=V!mZ!I~EzBI3!B>A25fJdg%tE(BI_2QA_O7;G>mQRc!I43<{nUS9iOM#YADDmZ_C(Xmg?Qxd7 zbnT3do6}1R!g_joe!k@^74XS0yiG5Dq}0LbBtCQ!zwHEUZMSvp$dfVvFHcz+4uAEm>IsH&4pI|KznPtslo8ju89i8VY}z(rjn;m zoxi@`7<9bNz`!8mNSSZIKLg1Q1sTngh09q4dC~ki#LZO5aW5G<4yKBN#_*>No1p8< zm!pm8`6XXa@+@&=37$bAzHsT%Dl{uPGK7_mex- z`Z&Ahj3w^wix)5M7&VVk-|;;+2>@^*DoQ_Knw!T*_5#jJSaIP5AQ%C9DXKxMI60T& z%;n9+3h9ggTz2VM7;{(CiMda)`eEx#-b6`VT)%_;`}^$Y=a#dqTDNY6v9U48I8JDz zMRPyOQ}6riLz6!WI`6v;nR`$FD46H9Q{O~MW7Y)uxMi1nZz%ibR)>~V_|E0Hy$r0s zZ~u7Sd-7ykAv56s_?la6>sZ}AJStwipyBZuH3-;4z2vzG^Opm!OU29zS3NlT&oeH^ zk^q3`RajtDWRx+r)Z(jGt55tHeWOpP_lOr7vU6?-qyZ~%F@lr{-gtPTc_qjl`Kq`} z-QT}6p!4NSNQC#8TLVzsw|&V@y8Yx}@lZrZ#cVB8DE+=G&21S5{OX#TR$wG8PrYP) zXMZ0fnv2WHm5`c)nsayc?!M!bljGF7xNb|!D!Q6!+WiJ|OxHs~bnc)7QYaD< zxoTQAH|}Kk-JkmXdkKY)pWh%|Z~e#<)9e>NS_@vjy;9nO_QZ1F-ob#cZ_>j*&Rl7<2$*8OZHS{1gEsX%l5}7x$q%D_&}}_31z_R)yFR1qIg}a?wrq3U7n{;OX0`6+X}ABIiq1lvs zr0mos8PuVmq&^;r_%RJTclYfC`{PS2t(oRMfoeNEHWsXNTMY-B@#9nP-%_sfNvf(d zHpLs83LKB1lvzv;cY`-?Yms@n_0OL_DQ~_y^}b+q7T~FAjZ~DA`;ek<>+ugI#V~XD z+ud9OLxWATHOqWw?pst))yHpHIzB#b`%RX)DK^49=#;f}5O9Io+!7l{$0K*v`-g_~ zM+0gT;@bTzm}Xz#7`Kx5!GT|6!7pO{^xaSip>lxH$gcTp_TVU^p`l?T0HV}b0i+Rf z+6Zk0lE7|E#ZL%SW@cg8mo+O3mJ8rsm43t5w12QKO1T+Fth{EJ@ zx6`N9P&q2o;v>E~np}4C+BgE#$-8M29Rs_V3go+h>Nl@n59736l{cPCo#`!0-SzfzU(K&DczqPCmfh1k4Qn218H-|z#mS~aU8JGvJVw(i_d)X;Fx~pix)kRpICE0fB6DdTIwGg8|%K+RGV?VJS!oA z#z%aDQJCVs6-7-fR|$v>x*}#mMWI3e`7ERSd*Zxdrn-s>Wtr-x(IH#DoB1&|<~Gp5 zW@jdj#AdVc^W`4}<{(`0{0h#%zGSbJOKDfCW4|!3UmpoR$U>^yFw*SkX^B3K))`FcOkeSJ;JmVRntC<^$t z*Kcl`hbTGN)qGfa$ERcLx-yHjNTCQ|v{19PMKyfc1OzeH?c?OM% z2`@Ys9?md3*~>&x0ZkkMm3aQ{9ov#6OF}|I%1eEw>F-T5($T39ajwL}1!$so;KPF! z9JUURzV#!?`Qrum>WZJH8*E~2DfQX$qfA`RoT(y0W87FFdC!g#k2PDYmJuF6kW0(M$OBLEpqAGTYUB;*O8IB zrIh@7wPV+wJymE+OlT%0(Bp1<`a(dFbZC+E1~A^Gr>6;B$Z2ZyI8MS6pXqT8$YCII z(By_kMpUnFJJ|(I8F+w8^uRq8sBd+no}nRO0#yfwv8`8M+jdd}HJ#@fbfsWmk01%Y zn{{`@s_*%L(9=w?o$%!Y5DYQBl-DgMvY=7>+e0``G&#=bCQ@ zd(c9k7k1KZ#`>H)&&WkjAFMV!KF+Qg#l0DvSW)IdhA({}uiYclR8;->w}5^L=Fp9< z_zdu$numu+HFYoDySv65o)d%Qyk(a+e5&Q|7B?&8h0v)FVhIuC6X#bl1HH?^^_< z9JtH)QB2z}oJwVl^ikbR-&3|Tzo8zcHul~?rKMNY%PA}c))Uqyy=)bT5mcx7Z*O6d zB5D0%#RfsaFPT2>KN|>tWEVHv1bKS-*|TTW(1Xvd-*NWxWJ5%UW7&-0vSrKY9zTAp zuXs8;L-|-BFCF$T3q%n9?c2B0;g~-|`Pc-3;h!$<8E11Q9wo8-$ZFeT#~1)vbM|JN z%2ZTTsNy(8u3~21fGbqRMeYop+DI2jdUC4e^YhR~lCUQ?5d}l-;KBID`<6R{rqPAY zg|Y|{Ko+Q$x(Ygn1kq_|s#hx!cuGxq*58!In1edMA2hE|cL;h%&kfnzhQiCJso5qK zStq>2zK!W8$?vD|-aD9gvt>G2;pm=K%T&{v=pdl7{h67e4p!Un_MXYU_$}7wD@KBC zef~M(H}j|wV%W$~3KUIx@RaT{m(X3OrBvPP^tNmqo}5anZa%*}kdmN#z`}C_@kZkG zAh{VlvfqF1!iDR_qU!24d@;Jt65lyXh>2sfE3FAiBImsTCD;B{;)kD{12wvycMN}H z9}_X}?nG||6c5TdTx>PmRe_FLh0->HUI<#vW}IUtJgRVpk1uPT0H><*=})`zq6!>4 z&BKnOK!u1rh4wZtrx6uuxO*r36R>#(9=|_Z!d>`o>gfHH>9-oTKG9S}lSFf7A4ALz8-hN59p$?76wK6(03flCe@Km72cGrIRiLUhmZpUrA zn{9GCb^v-*JSi-UFOm&@W49H3Q$kHmEoJW}G4Tf0ge%F%!gNo(l-9WO=yL+!o7cZ| zqmQ5TxKs0RRAHZu>7is{sqD@F{bf4#_9Eci!tY~mZ`2O(ogP0KH1zqjT-JeXdM__8 z;hulgl(XBbs;X`>xI&-@+SoOI=c?3yf0zH|hnbpO)!uEGGX49vHuFxhKd=uT3CJB~ ztZB`gfn=)=OtBYSgfugsBNnM=1+a!noxjt_N40ibZ2bpmTP ztQMNzTd^*%S8yl5r@H(5?Tkilz4>}6Ie8`cO3mjNx%5}$vEuKq7_$fR@=8myVCz!+ z?cZf-cbvzy0V0J%u<7op3U}`g=AckW7XphO`Q3NpuY+lj3fPpGltfOdySw|Er1Upm zQAFXPNSHVa+sib0y@BzjI$ zx;~HawFMtn#0WYBUWZ%9tWwBVln=x)@Hr# zZ>89KDzp?R`EVHeUFCzm0~N;PbN)SRS~0cL&|g&0=}`G8XdBS*p2OvXOnAPmtnBal z8*C(2=2l>;7BAnKG2^#)jhO(dz?`UH1TrZrm;L;j!l^A4s02Zz<>N;}b}|lRuT8%) zfBy`E)7~xL?z4lL$?!o+%!#JFJn8yEo`n5gpmt(rs9|_`UA78(T?EM4brHu4T{tUD#Hcc$KPAaqm>`!#W*Qz|_6*#ay<0bW{&b zf9xCDt*@^IZx8Y$c-oYJ1l*4xUBTx#I#nmYYM%pzF;Jia ztulS=uslwO8hSD;SsI88RkJ0!srA&J_V!tmkL;TGbd%)S0HRO@11qdEGcygxul_uK zhDxtpud>LU6aP7PKq$U=_k0~;2Vk+ua@jo^cO|=mw(N+8<=nORN3Q>xmbqnnLg#XN zr$Om0DJdyQNKT20UhF8*7tF+~;Sf9A9~mG0`euvoA9td+(=jqu-P8!b@A2#CJ+q?K z#J<7VC7Um(4TfkBOobPKFT|21yD>F26=I!Oz67x@fV`@P025Z|>+9#KD8c#Px|R{Z zHQ4ac7N05Cd6EvqI6`D0g|okZ+7f>gmLNf{jd%8Nfv!_g2vM)BtPJ^~IC%AlZ^h(D z?+A!}4{$-xqKuVt$Kx`LujTWLh(o`03yHaYmh#K`4QHLZl{`%$j>L+VoV+KyS$ zD@wqG%D?5U!?J%q9J)E3`wv5KTK*^713)qr6Hw1IKzy8ke3aQPC%2@At9GzC_lA1| zN-0qT$jyfzQGxGv-=$A)WF#VD1+nHJxMNWjDHJePP4I4FE5UbR{dko?c|dyi$>9wS zCr^_1t-mJ2fDQ0$ZgxVMIDo`6K_$BJ@dfIl=$BX5Wto6@MH@SSrW%Xg90}m>nE^M( z)~8S)HlSv+erzU=C;{_xGo5owD5Uj6ChB>kuS_s`BbWfJEAVUvyN(jMi|gb9aXBG8 zHsk{Vd9~2DF2%=(0ECkh2_8dD*$Vxx@$8=Ldg>>$vCBn{OnsHr_Z8>39wR$*^j%lq z!CUjumi?<*7n!sOsx@ za)tp$IQA3s5Xcvy^Ru(lj+An;2o7z92HpxXGK9y$Z?DFVOEnT{f>S}RP1HDN*(F)} zcG#z@3sNWC=f+4bBKwdmq8AhvLETMb4L_hizsN91Taoh!XAa>AIscL+pRpuefUY>d z_y-0aEAb?5rKk4}cRvTFUFu)LL`6(3Xc9zihL%|cUls`Xck_N*@y0QU^L0@Nge(Sm zn!^%(`InMv+0Wj!luOR-^?VQf{wd{t#Uqc@jZY>u-8bTj65Re0}7no+YDxuxAWK- zToFHW4;8E=SOQgQq&G_03I&sniAf8Z;l?3j=eiOaMS1xrMiZS7Gw$s%D1B4F!r)*w zvVDn)uFf{SPI1q}%SpE|uoa4}?aFw#xyiVAYQMoh@3=J>9cw8#TUz-4yDuAGJM(h+ z^5x+CmGueIO*o6#NpwK0RZ7)>#2ps=sq(iNHzLYJ@9xoE`8-CoD_6e`hkoYy9# zZ73cZKS-bpg0}P4w)kzM_;sX0^Z^lWqWJ96*OzGeMX{*6EPSxcR}m&cFyuyy+L(=y zI*Kdk{J;aTT<5_R*Rb}3s;dFM3`5(eP)MQ-4k-~~(69(bKh;)fdF4z$YOF6R7CC7s zNkLfiYqE|jA#@>X#t*Lg=eE*Bo6Erx_br~|1H!gt*)dli_=FBli}TT!C6-<2*yBB- z^J}ep&XwyXXL$uk4bGx_LVMtORz(Aw0&ROG*Or%`PZPz0I4f9llJtNB%(3Q!&ug?# z5)&i#&;3V_s&KqPw&}U9YrXjn&|nP!wt`b?+41AYNiKu<+~8KM*VnVM5-(TbSG{zP z;2C_^a|iBjZp`iZ=K0|XN{1%H}td}l*F#kt?e+a6*HE_wUUAt7UhLT6?*ObhRw{H9vei^&T%iWzU zI!ON#a(CA4IJ*LiT2ogSn4T_V?l*Jh-1+l-l9GGtW=$VmnH|jdVjtCVc|ffh1t~UZ zv)OtFX9+nj<;06Gn9|b>(zEDux8?@;{$pQW{b-nPZp6A(;gk?xVKPT^9x2Ds@A|n9 zGPYBBJ58PC)y3{Tdthi<8k~9G*x_Ec*v6mCxh3w9zAg)9LsAx`{#Gh z#~5=zG}ctB@TDsZQ{xwcFjO6Nrm0MW(e>mf#_2zdV(t!H^M$FStRU#Sr%L*p4KgzCtZ47Suet9vaf-yA z;MS3B6WQ5tD-()O*a)OCxQZOvnB>c1*1WXhjG|<&zW7=5ixrPu=DJ6d)Yr}SZCE+? zYgNul`jWSm9PirK-M5=K!`%wRp{{PETJ!m|_e8r}kH?pQfB=Z@H$J=?6#RN$CD(uS zjU(Tw7nVa!`{<50XVnOQ)jRum&9L{L74D^igO$g+`hLxI_u(^qb+(l%bMCj{Qg|Fm zAajk>yL%=qi%<-;oL+ZBdRTZ_Eq$G)_)bwjx2+Sbjdh(*)u~-i>a%q)9{0C?BX8YX zbHHw2b6U%^$HEdY8~pC3d%_m;($?-!C(Ck9x$VB9-I)_tN8M!?Xo<*KOw9qK#mOUId>)tO*ILJJebN%jyqA2}2px)o*xO54`>4&gpNTGj8{F$UM1y z;jQv@APta2&MocOMrhIkLP9(5z5|kPYr8+6b>d}d!LyCQ2hY| z9#A#^7#O$|9lb$=#YU}t>D}&@hp#3F;#4U9&os}c?c0&JeZC=QRT8R-Z5=9|vd0!y zMt^HTu6FCDy8%mSdmc0>NxR9a<0~M~Qs_Qn74RL=3{800x9kFS>#^p2=K-%G52)zn zysB56|H@fya414xPo<%nqBRFaMKPi2IRBY+9!ZA8an~=~~%SVoH5!QA*E%ikOZaJ4QSVr25b@#eRoBmc*}A22wLz ziixor%%NP$P`R=7_-aI2f*=er2l93S$&+$&v_3unXkDjiS=`dN*EIAA6w0ppz1NFm z$re?QJ9O~i8fcgPj9lADK(qp&=pwKH--hn5S{sy)qy5FppAqq$?54FjraTk>322*u zY&r%8mRz6FCaprZA#P+SNzuj1JZo=X51E!@NDjghxfY;HJ_Ut!Kygre+2veJvwc1H zu&h}V0^!XH_4{*UT6*j)6+h_2d7wGtHHezPVh4&^{534!`R3 zzW4&^g=;?uZ|fqrVi>ZdsqkGOr|ty9LM(FyQC4o(J%J0Xm$;ok@ZN-D$rYe>H>MJi zCrkm2yI_ejb+w;vY31@mo*y0eFN~ z*486Pa**VfVbwl4=T{Pqa)I+9ayD~K&88#z7o|Ad91k3*9o$R}MFnlE8^5igchNb> z8t82&npfAiZ(-1JtZ`fQeO@gX-QiY4u=*KcYtTbQ;2UbvXLNIun6>+YCf0*nz1@A7 zcbh|tKLkr_kjr%6|9xvb#tyQexG)s`{|<-9LXm1(6Gt< z!u3)X$uvYPZUhO;verSyB;Nu0E9K`lMZm!|DD;O1exU*2mK^%jOLE;%XotUCcVurJ zhdn}=C{Q1Jt2vUY_pPeviR}&hghYhz`_1`M%HcH)V;y=)I35yC<1K9#qDTOkk=(qg z!(c4%7BQx_o@!fz7i+q@ZpBaF9WX-b*?Qvr3LFAy_ltn~Z|!Aphj+ibLRMws>l@lm zpNaMUC7ElnVJqPrpI7pkvH+S#cI|Veu-`Jp0RDx!0zo!*c9Kl*g-Nc3Pj&_nRsh1H z;eV;mf(Q}V=IFo&tT5u)kR~jV{H{`x5EXrC;W-^U%CnBOV0sFB+39m#-0D3{j%|f` z713?@pq(U{-Gzd19ite5b*;fxkk#^Zbem zz|G1ETSZ!0TFNG;_I1#b8g3{{`vSm_EM`dhHq)LcR*<{ z$*rS;Y*+|72&437&KPZCrRjWWlW#RWAy8ztQgzje9JXyUhi@BldJhc@MEvS&=tYct z9>$TtG{yu-UQiKZ02F@&w5}8?-{I2^NKQytjkuz;*MtFkxR? zD7scg{@zUN>(ir!g$yOM;V5kaHC_}D%EEUXF9hfi>Sac_DaojbP-x(XjJ zFGZz;mL38qjfSVCmJi2^_wU&Wk%hAA3@L_)Y_u!at>P&={h1#0ehHQ>?MQeYZsd1l zSKywoLC~l|jtx06DoRLrcu;uw?#z69TvAt?VuG$ktoFFm>s|b1-iv^RFf4_ zgoMKpg|__+{x6IdRip=5B_6%r=Nz_!wEgJXjmVclcWfzi=Et#(KqQkCFTxfeh*&!f z;rOkfABO5p>NODp6%-UCEy^i4r(s9-T-&OOJWzPMm^gB6s6tpGi~ypYI9jrXx!U*ptJ*@)O%GWPz^c2ox9;h<0wkG-eiCYl}sc=MDJ zox>6brDg0>{du*4mb|6JNJkE>%A`X+Nw2MYeNC&R{*mX`t^ zSu&&&6Sq67wQWFI{a{$~R;R&4tWmCN-teh0LVyj)KvA*7PgsF|v_Oi;(IBxvSgMkR z6GY&F<+q}gkP9d$%y40Yp?h88LFpjrz>$%W;Ky@FNAx0|1cb4*FgYeB5P+blhNXzK zVrV{uT%#=rCiBA~yv|9|ZkW z@h+9$4?l6Oz+0MS-4p7Y@xwJ_94Zhe3Lvfxc#j4F7tOv`NlQM>@Nvo56JhHnNEsof zDC+0&jgd~}+H-wd6&V2`fh^=)G;&f?6i|WoX|Ddem^QF)hnuu`x&ggJ#!HbWWc56p z{-*o(RdbQkFMdMp!FKcKa{*r&d9`DR&^8h)srrtgiK3szB z-nn<=X35A4E~3?c`l;1hkCtSf_k$>&Q1nEkT)>ivwq;sy>aauWXN?%D_5SYhGrbUn zj~m@VzzFNJ1!667T8TT{Rsu`mu(AyuZ@Iq#=14GtzND<+@Q?wDf`S5feM|rli2#}e zyWGti2{44TpMi$alBTKX)cM zsr(}&8IjBTWoY}&Rh}-80x#;mw4%iyFH^zGpZPDT5e=G{E~pKu2e>YlqA5SsO&~u( zt2qaoXmVKBpdJ*oqIFO#ZoS9qhd)@$`M~D1{iC(S zqy!ERc=`%68Cx(sfVz9xQ+b=pP3BQDj{+r-sN*Q?%&S)i`py1E$V6e&80$oJHa4Q7 z=cs>fZZ2!P*n1#+qO*@ozkO>26Pg7m*mkPo3T>n&GO|uk5VOnks9$`N+w`gCb$?^Y z9<9kDu8Hn*nNxO|3&z@_qxqlZ-`()n_?*8>U-2?sef?^1Gln>wjmgJP;v8POa)kz+ zC+*nfYkUj0Edm)RSotY91=O!%nj0#`MPa{Uq`(UCB4i6zz%(O@263K{2iS%#cHmBZ zM#d)O^BXKi+pDW-u`K9vi14!HD!UJ>B$^MwF?*A)&t>z~&BO0B{cJA|4$?iwT~E|f zFAYfW?TdaAH7K%iaN{w487(1`oVPyzPlxt@>^foTlP7=GtxeE9dS9vN-sqd8%`yvL zWCi*$Z2A7_=9Y;E0=WZ3@PBuggQAjYgiPL2umk{tO4&~DeRt|{`YT?(++9!Yj~0nZ z77GNwdmh!)>{8d#3g1x;fYJ+)Ml$N|`jFp2rz@pLGu*keN{*{4Ff4fK8Gm+31)Ad& zLl|E|A+u7DmPrB(Yf&{wImilBiO;db&_YkTrAo)eKty*cL3Xe7- z#|yU}f_FK>u=hbEkaUrms;j%Aq@)DsF48pp-n@qz zos_is!>EJsg4=GpfsP7*6-<||$m~=MqmkkwE`#`}1`H#UewDH_Dk8c!^5bN0Z`*s1}#5UuS?LsU4=8xv)rAbYiyr z214Vu|~A_-E*zXo~V~7HY14x?#Tj<*$Ui0hV1!v{NoFh6G(2>}kw?S!1#c z>G%xt?)k(ZZy3++8V-et-gzk*B+_hzXyNwh`pkn|kmU5QStYTrN^6!|3XLY;hXfh+E)8)!`x3iOLsisEt#Pw_7v1AV#MXzyn92bfOc)2^&zT0+z zbqN>tb+Asj=cq2^9z-~>#5fM;)KXPI0I_+izUP)siGUMt#@&5Y7(Nevq07a5ihl%z zYXuMs?fQJh7#4?LL_{Y{FeCA+o3noX-kqzKof_Agr%E6M={x~JVTJGzkVD37H8pAQO)g;gEd>-5{O4#&=O*!hzxOjCv5CJQXOm0|kW?y| z?2#~~=wK(~&p&uBl_xEp5#3k)%&w>`z}&l=IPxWv^`@9z|BlShU-6>2VW=KW?c8Vb zce857?CF6eoOkwzDf$@`arAX=OSyXkx*;a>x&FB@ga(D?#WDPZM4ZGpQRCq@mxd)2 z@-2d@ZKM*QIdZx?{oR~xs1!U3?t8=53sX0>$y~$akFfW*S9U$%{S{JspZ+UkBeRi_vzS1 zy_~bHcHunKTm}J)f+q{mqx;%e z7Tb%ujiDx6KTuB)@28|Fl7+%pj&_V*^yguxx*I*O_Wb=Cb^S8^fxH$7-2whb-&D4- zSr=pqtE?dUUXN-_xn&a1LN|=W#N6$G}wfD zY61&g82=u8Nqfd89WYI!6B0sU_5wGobzrAWX_S7QY1Npks$Xxk^Dc`8zl3`t_xyHd z=F~^2gM?>Td5Jo!C*C-Pf$CCXCVSN3g~G;n92J>~Ynv{1f(kvCT-!RfU9aBqZU|a@ zenWI7c8an%W<=~Cb$i+Z5@cRaJ^d-i@C#f2SNrnTw#71>l_>B*KpYTesN~m5(t8av z_X2hVNo2Js?Ek%^=vRi!!k3SYzNK;lnk*T#1xl;HKsIKIH-CAR!~lNUKuZAL#{y!_>JroMy&Ep3xGcyA%vkMwZ8L0oCq(>6>wxxC ziO|D2%mEO3?SK9Hq0D?T9*xdp1>)5sjzF`d%NJd=U|I?(l!Pso%}$BZ ztXvlYbj<~M`vs=4h?7bwC&>;7AS5{v45&XM@iDC5?UerC{t{ga)To496{gsiQzVgi zAqg6&R`J`N`R?c@7-rogtb4QRLlt1sZdlpi>*NUxJ-tA4nhp+PSZxt=X+4`k|8GmWf(2cd>gQ{26{k|#d@__0}u9bf?9C#d@5 z$&=lHSRKD^0aAYYq;Tz75}CqpwA+e*ZhJC**65VToH8~_zW$Vv!mG47{q4y(W1h_$ z{|94SAeMx(Jbe5&tN9;hgGeWv^|TP4qH-xiB8DWW;L$?A-(Zeyw~kyYs4hg1`Ppc= z3wKiTJ9+pt-*C=|r2Au7yPY6PMoxQLWStf{2 zI+OIG$qCP;Gj*? zJ2u<`8)tXoK72kv&lExO|kUFewIJE}^1MuvP z7bC!v_%Rv)h^|Mcqu+iyyyrvK%F{&&|cBx5}-s2wnijIOj-iquh>9xWSNXw-i1vLe z>V3`OIO7zdpZ`{NSf2Av7zuXZ!=zufeNgCWhnOF&gNzI~WwVDE0}v ztzLj@CJRtGuwr70u{Fo6$jYfbp0T&)w0p+S_eny30Z)wpQVIm{)cIZtb}{}Onesqo z5#dC}@Yo%u%RUf}Z^bVvdbivfqoIY~zfT89H)UG=tiREdTrRwbF9a=(0x&?-Nyw_d zVW!w{JbD0z0V^UuiY%Y_BRm+oZV@v}El;B#g?3AxZ$YLuhU1~;1A>YqAJJpGeqnpy zE2>3Y#2O*e$j{H;1WS>R2U<+u2&x>{n`I_+On(8mlrY{5KFF;*ci4ZsBexD&C-Qip z*tvO}ep!rhtLdO98R$}17m&eAfmM4Es@72Q#RCIi(RIcP)~FTAZQ^ZE-Xam2wupUV zq_b3bU{xM{l^BZe&fz`)@{LK1Z4j<(bXjaRd^(-r{?=5XIdy@xXy?@Tr7SJS8|R&9 z7AJuNG-3^8LY7cSrN$%@F`RT0w;RMEet8j42m0q{w{-I%qJa0F;O$kKV?wvCc%2 zDIJIAFaHn_#!vv1$TetUL>vdvWN=u0H9mfmhP2I+wnc@Te1>r2)y;K(<0)Kk-@aYl`I7OI2-D2k(a}Ua_3Gh$B(;5bX4;~%Sn^#8yI@692tTmSFFwUuUsMH-M+5Aed9cUy{Us>^AuL*_5khvRS@i; z5pv)9!n+~qFJd-AsX>fQwa#}hbx%(IOVLJ;w?yBDJ!B&wN4uUvOnIm#o2 z0x+crc}s9V4xNJ0U&ge{9uO2cJ!!-*x`Auq+wlttIoim87lDZ)R*=ujt@nSu8ZVhA zph(Z*7Kb#qK0F?TpFue>Sv6yDVkEI=0o@94LOz9(_z=CN{0!#akZYNLQNy3K_kXQ~ zkX-}=D=8@zqM!$ShaI&O$P~#Du@GO_w+j+gNQeNYzh~ilSmJ3Wtr-^qRwfNhrP5gco7NAE2EdRv_#-!^+s;k-eXDRr?m@5iGNC&a`&V0|eJ3Bb&^^3)v3t!eG3NN^#@y+SSj-97;rEM$|e>kK*jNY03Zo>wCTA9li zzYH!mnc!n@1)X7#&>TU57W#DBBjCGHQH@Q$)_);3+G}J2OYt;;prHcP3TO|%>|{i{ zx^JmF*l+u{gsR6_zrVE=p)$B3LAi*Zhebi@w#FPWA{iKPWqJ1O865tlK@o5c$e0u& z8JP2UhA$0$?ofxsZNoQFDb@d$Rqb6*v=fbxwTXas724VQQR&+k6ln6q94qitJk+I% zv~E0hr5iy%3I%NrPrtyZ3$2h|q6&1M^DEb5iZB3(QA$&E zfP2q?f00&c#AMM(2bS$7Og&Hv6?{jWs{l|wcQ3E-2?)kkn4!gke#r9y51cpF(f{ex zBj~)K4j4*hsSLr94LAXh;BmzS4zFqUVYfn|Jfmr%${>eNCRD_vK&H$n2*QR6g{R$znl(5xEN^iagr^HyoLN;jv$vPcu&Sf+&;JY!`$@ z5?p|q29U_8*#tzzn`1IDGE#x_%qTTlT*C1<=ddH9Q}J7m$4vSFgcErcBk@u*7B7RK z%!B^|=+FeK8RU4p8x*uY^Xa(V$@PfVd4&(8$^C2G{ogd;|2Z;;mo*VH2+u5g^X82+ zM#xD%mI!3PWrXptv(r%E2dhK23=9fdLV=e-Qe}8f2Rb1&1ttX10Z=Ex9IF2Z7swOv zP|6XZs94=ui(n2ECH7`5moNWogYmBqX(;{Jk=-~&KUskjkH+G|U37vo;5}SH3t(7r zBKIi`3NU$k8x-Nd;^G}JawN|V9E8!425W}mkEd;br;%rUkr)9&He0~+N%pRhDzWZ` zqF-#GL*&W?`^`pY*(VMxh%8xq#d5NykaHoAae;HQ1WJnr86W!jNt--ehjQQbt04j% z=YoSbAaak{mq`RKs`^@6S}aiKQMAc&r5a|EDQK{+1~Z9FLqp+{7RN-j^m0~)a@zmJ zC7St#S@sBgRVkfvbc}-RXa$1=7{9OY0-lVf(=Ou~p(_}4K__%t_(O<(gX$i)Q@0k- zkIjmrq8%!1SAk(;0xDPhE4&74#Ld@RdiL`4)p&C1?7Ve-&E$Aqn1;wnO_$Ex%t{;j)X1Sb!5V9#eQ!R^{AE#5qbl zehtI@4rzuteE|=)vOpvn;>Jzqrvl-hAjtH^7YQvC4YnHsCmJUZwZ=dJ2bp7cLz&YL z6Re^77hAfb-6$$33?oIwRyd3Q#k2Z$l2?3fPO1KvXIvAgzV}bk4i3lC--0XG%b!C9 zTS5Uv4TfrL4ef+U$92pv--mzZ^ z>moeZwh*HTsc}cUrjQ^7GF;kO+p{Q@dwQha;wf2`)r0f+gV{hehOJ*dX(dc$b;P6a zD2xhgyy?{}&V1e}>-TSqRXiqeZlY|CJl7P3oqjb7OZ4T-0=~GJh;f>1au#yS z*||u*!UXvH$!rbaH5n-t?#ZAUaW(8QKh55tw)m15yo6L}oa);lH|aIe%P+n9%NQdz z)Y47iiK=9>if`LCc02`O@1_;ae9F*^$Q9N+7oN+I`F9ThMks>6Qifk}IfgVt6?Y$H zmkqsJQknMtuSHd}3Evnh))l_V5#8OLp{mysqD(}3!=}>*ReLs5Zoe>rLk~7Zsz0lig+{<%-g`SGG!#|f&q4RW*YTi z2t;)eA;uTSuI3Ci*|n=7pe()auRN7?32TMNsfB{eQp#}#$*323C=MPKM&?!FJ&DC% zs9WjA^1%HsWM;;%?A*DtYA(k(mpkW3*~Q9Ab!1gFfO|zGu$8zUEehvHW0Herw_{Xn zpGItO(~aQdn!lT*P8SAB&6A?LKQEew{{@K#33)0)X&zzx{eP=UT^O}I=Rb$b{<^R5 z$|A^5h`q8yHgwSl+)+zEio(iG1Yp1v1UM)Z)W7HCF$BQxsc=O95|xa4T)Q#SM~LC3 zg5Kd#66X)xrKSK+SQ14Z2VS=<+{^I%TKOc4FCFufuFU&&vHy;Ek5C`THID>F;=!0~ z&ln`%E|~qWyYeljWcrKbmt=leD?M?3zH4V#fwPq%Ele;^*Aq;8Vm^}K^!TJ~Mqt_{ zPS+LIc?P){Y%LI)7^Z4`puxkLB96 z58p&ZrZSZ&Ntww!XABV{WLD-7na9i`V`egwd8iC!NJ1n-NN7ODjNKViGJNZ#{XEb2 zf8X!@zu)h-cU!exuKT*q^IU5k>o|^u%%+e_Fi5wcaijpw()<7OzfkQw_{w$2v|JgPnei}WfX6~Z1>Flvh0H9k?ZJk$0P^KUAZ7yT>=Y0}6%d3D{4_=ffkt3D zqgC^6KTQ0yY$S6*8|^B7e0I_T{YU?$6zcSL$X<5p{tTq-K=>?7=g%Joa^dmE?(^^Q z;S8!oH&{BEA{FFVypen7y_ztDQL^0o-8bkT<|12Y+|tiM}QnS+JdNgvIe>)X#K&-09J`!hnGrpGBsqGgNpxf&e<|1uY`97Q_ev@J=T|K3VIx_p&(@ zqhC%1I?_PkwE^W3x$KsiG%*1GUT8t^{lI*T{uJDUeW3#j)k#smbPVJ9bF}cAB$LAZ zoti0oz&k+3N666!iVGh={E&VdS+~MjnkdF2DM=4oT@3C2ecRe=nwn26duTZID)Att zQUDMeS<<3T0t9Bf2hVv&VU;{_oKgUJJq3`r_C2B@6O%2soUm4&RKw0g82Uz;tmEQn zoOB?F=?r2{dkyWQWAIUMF>n{iyBeN6v|i?bwgJsJgOV3OfX#-M6>{YUV@e)lDR(R# z0MGla9ozpEd#|q4M@@~y$%%n72}Iu@G*LJdr2y_#$<%k79xY@&_0*=L#Q296f5NZi z%#SH}w@(eb96LXuTiNtkg6?+LhkJtCL>&J@-~XpNfcKdnpA1=~aj;&V0x@E|Kq}w? zXw$x)0$ET(wFvC;*tj^&$udNO10!jWViG}}i9F5GvqQ%?R5-lQ_zIGx>G%>^0j+4{ z`vh#y5JV>XRHf)60cR9A3<0lF9>mXtx80$$6XN>-$;_cOlT^DmwA5=Y`g1Hkulza5 z&f;A6D1D`=7*2}!*x|P}mafW3Xh-J`}%w5A!GGZ_hy!)YkOBx z|Nk~?UV_-b+-kOb#s>_pa;~x>{VCKMH-R#C?wu&CBPhTSKjHo`^yZOJ8>Qe-xq>Gs z3X;$$^yme&6^`ITj6Z6hBbwgyg1hJN*J~%m#l=5<`b1e<0d^`|#2BToZz{iOyEdgY_=qjL{tQ3SuJ#zErO^p8m zK@XgVPGaELj>JDk#R#A=(y{vkXA*ExMn=Z$D?7PyE8S9-Q4O{6`AE(iHcVmF58u$pT(PAt_5Ju(u}wc@0fYrUvbF2pktV(EdEviEQ7&GO1Y* zOc=m#Vr2`Ubws(XZD?q1Yr}_X;S#X7fuKu_IZ8kv1FmSu^9-`Kvyd_)Ar|N-2le>T1RveKD1+dH^hdD|@(hj{vUXU6=L8<=U_o@tonkT-OW&w?U zM!z@diOZ8WKj*2Q`#rH=s_5}uR_KGYBN{@o+51PA;UiK#214v9#0Y2q0}P16U%&h( z9dG4;ju&N|&rF%8_j9ONd{Bj*7P+%ObpZe)K>L8RL?`7-2ej^XxOvEQ*^jDg zk5&H+CQ>_her@2f)bs1pJKD)f84-3-&uR=Th?Ppvp*+Hpw1#a}SQ{GMe8O(z-7o&ctBAlY~3Rn&Rx$kQ3AMnrCOUouyf?9Ub=Pj;8x76myfF6NW$ix9{ zMCIBy+#Ogxnm>cs2>{2(qmnVlAyVvHt7uzmyo`Q0l`@o_8_2&KrB@sr$DnJ|0!2<@ zl;SS0EnJr~KsQ^QW38~(`HNgz-p<`R@J z!qdH+N;7TaYKbM*Ymim!8xT3rtR-EBNDkrhDl0`;bo4#2efQXbUT+(q1nAv{K|glx zIlWTn2ax-j5AqGxDfPa^U$&-p_diHDV`u&cu3X@g*siN>8uy{|04LYDW$#+STZ#3C znlBvFcPgtU4tPYB9{(ME4!8fubY_QaSohpbFCk2JNfkZd@#$-0NlKks&cE@|4$xzU zVib8Vfb|A>Q!-TZ^DYQk0$W{Xpz{TIOjFOTjIc&`vvLbMus0-ENn)fej&)f0Gu|OT zcyd?3Jj?{X191o;^^q;tF@wGoN~NIIM@mtkh7!s*X&5raR59_t&vG{&WOJa3F-#I} zID643Ds*0S+3BgU)h1eCVT6!VqIwc_@lnwVIx$Az5kb=&)vZ@SRj_|GzYqGjifnHq z8R(z>v`&pG^mRLuY=U-4EIywX)V2NDpu7787M;k?Ql+1zWPBX~&hes@I@t~4Yyn69 zwx~GcfvX2fX)snv%H`3z?D0+AQGJ}koiDFNv2UYF{MXpNX20t!5D1}3gS3X4@*3yH zGfnV7(!*C+E3k9kF@|zZ?QdYVU< zB{xB&20|5Hk1OZnFZbhVGa@>kWx)VJm^zPnxVLY>?t?BK^qe|y;d>4^dnL>gt1&go zZ{JJj4W`x!n@7b}33Ln+U{=*B$*M6>H*KCjfRJL(#hDX}^-qn^Q9PJcPyf3d6W0g6 zl!~xtSKnP9P7n3yra5R}cC0>;W_kN|rcx35rjO#f8M(P=G2=6K4tJm?mgJQqHrhRU zpmNHGX3qH>o<4GZz3gkhIqZT&#`}-f!;vW(Q6;{Aua$7A_~pJV;hy6zd_lQ{E+J8L z_R)lx^l$qSB`FkNEH$`+T(R%1PdIyDz#F0PDUJQ|$NVPn-{>)@g9Ksg%znFd;@v2q z81W^iN*E}B1?h*N0geED%u7s6?oGrjk1=6FNcYfAg zId2wVA2I@4pT)8SCnQx|PKSkC@bRyoPHdKV8GoN{3)Ba_!0d(f4DdBSW3uy*gyd%~ z@iRumTD;Cy9SamvfffIftR`KGvk`+#5QxX-j%rM#P#0noRA(Ol5}ey2jX9Wz6l)Rt zD3?Lhi5YC;*)LIOpMYjvTSoU;mg^A-+h;$7k1|L9JqItqe%b>wY6OQM+Qk8iMNQA6 zS1BKES%fiL!yj}`$Z>TV;~Bj8CwFE}v__;oJCimb)k6wiaiF&{bX#?6z3 zJ;N6FQQeL>CBC*DpsykMAEL+sGE4oD*&c!&0C|*=yPWF+YL10Y>(#jQ9ckY(GvgzI zT?7|&xE^Psn>$VkM8VOX9%6X=@l4_DvFy>F_*)z1$XrVPjwH{=4$+5d1(eAq+1``} z*4j*qdt5@cRlFoj`)t)7_ZYS!RBA z?w?~M24La)4A1{46Dc@I#9XNv8uzkO7D8V`<=g#%|NR19dVNNi^NME`O|@9_h*6y3 zeL|Pn?TnGX-C#X3$Z&9O04o0r)MjM#^u#s#x0gRcz5^tE&h!Hpo~yc_STGN8QvSRV zbUC&>;j-!U41OY%wZyz^pD=dIqfwp0r7~o}h1f|F2^tx{lnU-u1{B?LSAoX7wK~&< zsu}2wO(9n#P-y{2av9(&WS)Z3m)G-O?*GQWF@cAH>w&@A(`~U!lV$f<{Dc#4>&V%- zaRVfb`Fqk)#=!eTG)w?_4kLsLI;^OGhpZL}rJ-Ylt|)J)-{0n`hdnzbd0Xeu1L4vf zzANs2DSI!So<0w0Y$@pYBeAA_@^3ddNge=MF)V_@9xxHx44V2Pgo) zNdJDWF(%SVwTfm^`N=Mwhd|&zbR2UTNR99M_<*O=X3QVRP$s6|#$)^;JC!3-7G{4A zFb|>)LK`apdOXn2K(v*WmH!r4cz|4gQD+o@B}mm%z`z$6*HJ!+S|_-6Mm3QCPdRro z4l*tQ|B{(cT&0$9N6M8lbbq-)=BaQqP!vWYVkG7QJaiz!9EY;27096B@YL$G^k9a; zD6YDrXSBjZ~jrQ>4GtEGp59P|*R_-zxdp-4Lt#QzcIC_tWx5B7TiM%)0Z z4N`|&_GWUmspJb{?x zokGN7fM^5MlArU&`?~yrKC#Dqe)2L{U?j6I!X_2?ay|u5YIwio6B-?2 zU+h!**0o<+mGrF~gga&T4xC@Q9&9!g6QO4aXF*Yd(39&OvE}_|E~-Z9GsMwb?}O7? zmXP9rTh7PN7q^aJ(NG+qWq~AVs3=gkbP)LrbaZq`Lums&X{1R56h3?tiQJLe1zgiG z$lV7HQ)H6+g8&S0z>iLZP`zLn?kie#G4g4~0tU0-AvOu#8l3NX##i)+)l2NEXc!8B z-E7R=Mm@)uy7V+}NTg?IK z%#eivym?e_aT~ul3L_yv)F1Sxv9a+ua8ohBR~2M^w-K{=nnU>jCfSjbgz6mwjc)iy zd2nwv_eZkUPP`Z?MwZrdG9qY?3E-qU8e$g(ssPFfK?Bp%4Fb!rsSl;ySoq1&p=H~) zc(KCGqe)TD<<_{~Hy@R)Qx}zb(w2LK!7^uvF@V3wgQVyQcxIqUZ^(eD$|~lU2VlEkF94!RRi>ViDp#12r7yZ3c{T-x_x!jtw(6}owX#4ELMPIKSR)0>6zs`dk zi$Cv{-FUIr$l=|-YxE)WKP)N!{F2=1S<|&>aHsFA^Ik6AA@Xu7G2q_ec#Iea|KigA z`$hjBzO(-{(f=zYh&JOfIGo1E2f+vaD?mifDPMq;q5!)NgRH)hl{~Z(U%XfiZ~h10 z$X<4>#ekObh>!WP674U27v^)nzk5eC8eW49Jm0R0f~`-8-hd$ zkUL(p#!)M{-oxv#wJb&YzI%jx@u!LAc^BOA><4*CX538I%xmKxXt23C9Px(?2Jei+ zH3|1Og$`=-^9k;xf7_laXZ}s9LS7GlNmalgM_mEX!n14Zz*9$S6fBFuG<*_rI^=24 z2PT1-SO2YwGRpy`6M#F|4PeLs8goxMzXkB?3l3uvY{u+~GBqy(l;ztirG*QNg0Eow zvl`Ay#D;fJFtVR%?QV>V-X(HTXE`^0?qlRtKPoSuho2wqpge<#oekE_|HS6X@6-o` z>}kw@qBWafb5LVDmG+@5(v>BhkGa?Y5pGExc#(F?U#+tRE9G z6wH1fHy*4r=eJmYQ}&nS$r;j*Uk|>5peE%7FETXA1~s(-mV$ROKCM-s7g6L?VtPb` z{q}?6p-D*h7Ccw(-Xz)TU;WGwO;&wxnElYsQ7`SnII20%Ya^Z{`vMz1!n{zv+je%~ z3=s(Ppa2+0vOti+bH2OGoQ$*aLJLz%GMbK+xY#y&(LqN}%jZ0^$gO^+FnljIzy>Ov zW8+Kjc8;QWD__9!)^G~V_X9mCN|&{z{63^F_VvuF?ONAmg`SmI!bv4k>Uw+0RAELp zh#qC8qRC4iMXn#grx5bA9VCCx@ut@wCDQCd@Q4u(27Ef`bsqu4q6ZHj+ALpMzv3GJ z^vbn9Yu8^qY(K&TrAQT7r~TETrI2Vr?{!PD&w}rigqC6GLD3}#l`44F5nxc*XN;Hp zEU8C^2hfytP5MQf?+f0uF~Euzj@XN<%pN3wcs!9|@@lJ29Q80X2u@jJueWte3K-uy z=7L#v(P0u2Ogmsa>fyod0a~kkTrM%i7jH++=WwN?!)Cc~B+*$j!TVQvxt1 z)Xwg2OGfVdX=N`CI=SOvtahJU}3Vk~gtAy*Fcc|)p*A4Tl13D|F$%EGO zzW-%oa0X~x8(~p>h{x#Q;sWT~9Ty(~vBE(cBzu8g!-pag&6$-*Up(M3CpNIIgw?z$ ztQE&#;`juW-hOyBsBtst<>ees+SfQSARIg3HR@r2+6~Yn^x|dqAj?4JHE$pXM?(>S zIY~P#S0b>EFQ(Ynm8?+OI=X#!Xj}3$g7(-GY)Q7s`IMHsRC2%)j*F=*FhVQ8eQl@rd$IKMV;BCm1_E4TK{XP*EdP@`z zu=`fFwW*Ke6}(cCh_i|C>#IOD_!o5eeYx`RT}XWow;>eR*36 z+5X#@Zp@dh`R`cvj+uMjm*xszD7IZ+a-DOu_}EO3a{Pp1g$f-O&nC3~!<1o_AO^GU zQ&W5l!uCJ}0>3>(MnMq_*a_H*7sXkFxOYa)#An#o?udKiXNE*G7WW+rcb??;x0UtU zGzjX5$nY3>gAT~==Ei{iAtg1aN->zG?bTx-(*}keBH6%311hZc3Byq1-SxK3DXZ+o z`)B7Uec*DU-}32Yp2v2LS4;}*^T;cS;5vvZ=k9(4gDQ8xzwfxX$b-QW8X^O0PkHjx zj~97E9#mex>*BLd%kb!CFGl?A1X2EH!8wd@_(4$)r#&J~!y-n|7braxAh=){+1T#S zX2%Cu`K&5}Hn?$Qm1=KZrKlXM>p~gm$2rhZJPJ-tdFqZ(RI-LHUvIzSPgZVX!5?jC2Eq~(NiromWCqdXz2ByQ@UvW2-IDf?&FXQw{RI&pU??&bdQ^AlZ z4Xia}$UxNt^KW>HCyP(q8lQ^veybPe^WYv-T;H&2`ECYHK@Ez{XNT6eN9Y~Th}E@J z$PKGIY+hx%X?ty}mrim`adhe*eD>S9w@1Y=$X5lt3!z7b2HN5tIBbPb&Ui zGyK|?r*ZuRYBfVelLSN)GR3~rkM4J!=@3}YoAeDy52)C*#%nZHbA&f``07vGM)tp| z++%0nQn*981Edg&T9DK@Pk+-H$xG`HSnw2;;XV|{FE}~Jl6ueAsLnUx#Rbrnn`u@; zZIz_b^yrZvsVC)Ag0X=)0K?3Sas~+EHX_g#E2@U~912|_xI-YZ!5}BJjzA?{BELi_ zWUA4TF`~+H9gdaPaBij?UuTad6!|i%T5w;j%p-43Q`Heo;!%U|i<=noj?(ANuS-<)5 zxa~#mOEKIa_5Sel>cnGjwp#M6Gu$#otdU%OltNCmqU@kymGSY4_TZM-|9PI!Z$W-f znci4Y%q!^FV=yqSWO;r4H8jFs|EV2HS4U z>5M1o_uXTV4^Wh8RcCb&z=900<*xL86}qp|K!pFWGaN1O7=FAnv&xo=+RY5FjsMfC zHKhRkIsOk0xM98Hf8)@_xQrk*EgIrgMK%WsrKxtq^SM0FY^j}JKg`@sUk`s4@13L{ zQJwxGinY-&@}x{J4|b~V*8ZT5)L3A<0f&m+ZEFjN5y0AFkNup<&T41gan%+~QjZCa zMvPgcccO6ROX-4Vd$f+XIQvwkrD%-5OwCIf>_~1x+H;cmz}ji;9bs4x3n4Gboq)lW0*1`enJEV(RN~NmxV|Bms81mD$P+x;FX`wK!+ts+3%^15&afOqs{s>ahz`AQWR`|7?lC9LO-pA$V~r0(}) z^wAY)W}Tl;{xHdmaQA(_%6{&|z}fef4C+Kzw z_Oe1D`D>%$MmQVcEbdlG|Qxh z2c%fo$5#EQCl5QSwW~WE!H{b29`!nWpeBj+RH}?Z{?GtHg>0ok83hyU5UeQY z{xa~^kZ2PqZpb|emNd8xbk4au#i(`57l?t!O7TZ5i`9L_vfuS$fQ~#9a{BP$bPbim zr^UXFhFX=z!;;s^XZ}1uOST)RO*>GXz*sNxg`sjZhvhh6@%+EoqY!Hl8UBMw6Vi%< zP>_j_@BMh@e~ZN4Q3tL*0zF}n4OqtB1Z(e(o*AinuGr9cdWp5+y)lnhx3KMfStiD% zL~w-9D~@s9rS~!{@ul93%i1ue1D9C0XP$oN&i`dSrUt<7gn?yf%n5RghqwT;7(uu% z0Hu)fM#OWKxuvx=rymWD4UCLbY->Rh8bE4qfV@NmtYD!V<*+Q{uTzQ~v|%6%%upvl z!@$53`walO`5txVxar@xqr`u|$s6QuJ?!Y^i={;Q=h6D)2so+vQm>?c+kG&w?*r07 z1WpOyA_AKmg8>Vb+sp8n7SV$N>?{XlJW7`@H>1!AKm^Pk*RyK^qjz+Vz~6`hx!5GY z7f2Zk>cW0dX#0SyFGc7!4Nz-f=q#I_-({L!5Amtj<#<$c3h${0Yr395hQqWpof%(x z$*JJ5zYB;sJqJd9oU>XvQ10>_LyZVVVPR_MwX`B^v%2~P(;~z23H+btZD`~<%+$@>k}K$c#p1`}uI4BlE)r;b zkA7ss##?{)XuU6CeT%~3>qkP&>tdqyrw$S%c0WMh6fa#u!_1+lt^k-Ql8S&nic`P( zC`_v8^SbVe4zeH+*oE17R1oOhn)vnPH3J+rUdVb?@zWtPqyt-TyMs_ zovPP{CKAQO-a73wWW@dweqs4SzeS}ui|6tw7f>GoQ8D+`XDqDRDNs*Xbo#*XnI~p% zNa#eJBry!w|n+u^)95PyORL5xT5ztL0A|CQyy%79P)JC57mD*d7nTv3yTmltA^ z=ro^KXHu2m2?>ad_bMxe5Z{ZT!XtL!AKMz4Jyp)ej5kf&eX!M8|B+k0!x2?zQIPqY zH0;H_Ex{KcNaD|1Tc1={F#FNCc-2!!t~XOP@*PKU=lVr~>;Jd`{4XF?mkhNdx6e3V z+57WDN<>^dnO%hp51Fc=niEtYcz{p@y#eb-5)k2maRE}-V_*jEec-u*0O$|~wXI;# zCZlUchn?9fz_c0Zb#fPlf1So5|;b& z~pIbID6kV}DPvA7agPWTuY!jsp$fsFA$eS`7OS4oyV za6W)j2stN0SBGuP_Wuh`%`;|6O@e;464ji=iNq$E^sM6mBFy({JpYg}a{AlpAe}+I z&$x{x&b!>$f8QByBed6$x7stiPl3pb0G=K);{&9JWql z09q6{P$l!dYKZ$>UMV<88EEU1ANy zlO^R!q3IPX0N}GW02Lzzri&9~dEEjIOUkObo9fbc=U( zca(L>=B|73dUT{GxBtZZ4TAckTyukeakNq&VrIxiBIxo;iZ6~UT$A*Jz#2|6aE z*I9!9Ea(?rJ2%wRSgjnzUSl7E$a7v!SfOj-K(q1-RR9xvCS6A*%*1# zbBdv2QtGVnKwt%hq|m{mxEB_eUHIq`VrLT@yTep^&$?>;uPN1z$LcNC552zM*JyN= zKdzyA;YrQmF!E(B+x-XFts{TA&&SiY%KbgTEi9>x9L=ry3gM3bZ#yCN$;)b;{6y4>b1Dv@B3GEQOH= zUf)%ndoU513f1IOu29!(DgS3KPg($nT3Dsh9RRENNuQH3u;3{8^eQ?Ic+@w8BvT>knScGl~;@@F!NheTwo_MeF` zhsKF@2#%;%xvzeL!AQI|~M%O-S+Fa@_ zRZEvEyU<31!P9nd#)+AHhZa)1ehPdr*ssyRt~&#B+G8YEk6!#eO>S7{bSbj08^`tN zEZ!(x3#0vQT**smrmAFI&9i;ZDij$1z6He3>s`ZL+5M|Z*!D+SG2;vzrkid76tl9u z&z+8WWhZk?^Z6?!KjPoN>X4?q_u)psc~II2)AwS~Lr1rY)K#E7&@Y39*?+!|9Lw#b zRa~RQlb~kGs(ov){7b)%5)?0WvnqM`M&0}F<TEAQ^xGe3s|C*8ptO*pa5yn2?Y3)yt#ZuZH)+o@U1>aYgD2F7`NO=yD zIn!VZk}|mz(s!0gj>m*E1HJ{8e} zRlt93`;%SS?u0~T1SKZ@$;PUq{I5E*nP3sPz|Fo_av@zq>vi8{ z89HsI!B!+;icZ2&Ix0#W6#9MT$=S0>Iyth%RFW_2)~}W6&Hr`|xZowpGPnO(3L>P^ zqUye=X|c=-I)ziFG5e*Vc}oKE40^fSrsa7?AyQwX>%L zO~j6<#vA4OYnG>(a)m!$CaiT9SOmc{4iWk;B|F_7?Wueg?31{01em8 z4bs_uT`RYVnn9`bSu9o|Oh}3D_yklrXgUHKAc9=cLD>RQVbk(JQL-F-Nzuo2%7W^y zg9+6O*zd4jCzhD?T`T0~#CY!Gjdq@`Jr-=$xAu2OcQe1yB&4lQA6CG?BNR!}{OA-? zDVJ;5uby%N2j2hO*Cr|OScry%XB?J=qOb2oqJ0QbN&p-RT70t`Q07j<}bn(3~FUKrJ~P4+0MIZx1d ztc+JW9d4=NyFp)wc*T%fpPa`-!TrruwH`w(ADkur@S&CBVI!VTyH5kS^f((}AHx*E zD-_h!!XAy))f8x83Y>8`uH&&IQ77UoZLd5%A4ZV$&Twu^X0ps@R@>unW40jy7pZy6 zeuzqlH@uffK1p*|UFq|6wXmuM@JTqNal(Zu@XF9~&`X%21)q{?s(6TKz~*w6z#ILw zQ|k*K_1Y4z776GW#IWg?M0jT>V^6t6CBdYR%7yy<^U9vetX^R}=vJeK)DhBkr?!Gn z?=^|J^VUQBb4cR^!fhD$2(!q?mki0(Ku7|Iq*;69Ew?kNW+w{tRXEC|^ED4aD5OnR z(sxp(DAKf@;7mUA{;L;Pr;KsMvYWGlULwt~y;inS(e3s_tdBMG42v6NZhXfZ9n>R% zI8SlC`SB3 zt83-^;V@NQsn5G+MbVb$RgYdYEhRhi>=$1JMsG%lBj96?@DC)>+z%p`E?vU-Bk}p~ z)fp7JS@#nc+7tD)Z*(2~MFO6X7`zJ^(>(N=z@y|~ajzv@FOJocyyWzl)lZ}=z`ooE z=L0jg`vSyJkSE^+?gR48%CN^G(J@Hp&Y&IsK4$uzbB=Id9M_zNOpBK7vxc=#?+Lt~ zJh#6g@;6Vq;=G`LTtHv;QIEjFj)TNT$c+{lkxe(MJdg z`2M}#yi-wTimyx|F`AhDlfsslYn@08W7wcUkf>n0u_36CmF@lfN+1JscgVZmzvsqu z@bb2&i~nwou|~b)qZ1z4BJq$%fv6(~?9rPSLC-9!q!f0t^ae?1Z|fz$&F_5f&cmgW zZTcL3q@^(6vI760^Aa~cGK0@3t_5wOxPUQ`rPiTo{A&wdksB-e8UC5p8$L=R)q(EFKM_d1cB`+wa-` zE-WJJrQgmnS##2udW|t{8ZJZq@#CuA=RUKnK^QUv!=l=mB!fF$T+eSH^CFPf>rSK| zvZY=iPQ9|pc?XB|BR)o{XZYOPelCCvEVJTZSYaOSMP5~uvuOy5z zj#Cz?$n(s8wr8*}?z17d74pnhrb$P)*rCUs4IWPp*9Vl*57K-+X^Nhit+HbX;dLk1 zLt>lJs}9RA4Y>z;Lw(a5>S&pj19!pl16d9twCn=7ad#s=8;pfRnclFmw<^l`3;jqW zlNFtsj7$7w2c52!5io5_j88HLY35yWbL>*9DLBno5kkKHkm{dG=AjdlT(ZlX!`}0> zA`9f-6r`F7>SZ9&gEItqzy}RO$2nwj(iDYC!yYAUdiJr=F9tT@f&mb?gaV#mb>#XkG*i5RE2m)5Ukb zBYSL%(q3j*>d;smWCnH{boJl$`&<{N4x;zdf>Sh%YJH70Qt2~%;8P-NsnPYby_$t8 zX7VM-b9Z`SQVjAg^8NE&7z`81Fw1~NBQbpov>+dvD1TdChmvf&%TnKf-nCp{3;Y)vK+=kxa~wMx_`1lN{_S zk5IA90Vw=<4XQ`XyDX^~FyC4}&?PkoF0nRD@Q@^^B|Z1uh$*iR)P%GM^F zYJDILe$9Er>~I~FO61e`IXq{60c2pHNyz)eh!s+71M2cNg7V>hE)gifbhzf8{g}j# zyNB$@p@)nTeq;QdU*~E(zoua9b~*6hT=UGXEm$U6>E?c&)zeH`KoQoE_277nrG|OLF^|T21>v*?#!B9M1-CDA*#-Ng3k$Gn=|4 zN|w1RtB~KCVV{v-Evj}k?q$=t0bi3OK7u4!Cg*+2Wp24r|0Jk}`q*C`Qgb>*!Ct;w zcgOZxkpQd4oZ9%AF)UZ5TEK-K{W{Gc<@|z6!#(?l6zPfgs_K2MKBN7eUk~Zyo*0NI zGvxd8nm{aGAS&s}R_K~_S-FnKZOD9cZZ!`X8bE6Kvq9DWh@t)+Sd|g+bmgTEMAaXZ zu(FGFrB!q<8K|TZ&5k<=Th)p#UWA^`{?;z57}3P%Bjh*}k0bfzSK7MpT{D;aKDfQ1 zW2|a@sgLMY*yP=w=Dyt|kal~D3pubs#Z{q%f-KYWnTF@ba!Y1q)g5wX`)qpyxZ`V< zQeeD8*^uE}`awJzbYm(%is|F+K5`MueSSwZOMfk=>K=1)_8x!*XxIu2gaG?M7!Q&u z_JjPmvDf@LXw;#RL{`s+BJW1Zhj+_TX5s z86YL2w(trZgJ)x0p~hOSIR(|6EoG1W{kUvDkoF*dA`mj%L2gFc^V~%d5fLkJ>ZMZJ zg4on!WAM5o=&A%fV#1Ke&p5K#13h09Nb}GvCYVb4{&}@Y?HwGbtbR?$tE2Ht5MoXu zN8y*dTeg5n3VIvpbuFBx4Ld63esbX>-NbA(O5}CU8=TNDH><^OY{TEohh`{P~&0^)hrIyFSplu(f)zkOzo+?S0kgkRhpf1b|F?E)j;zT zK~ph(3ES5RUhs=cwZ~A{y!A@i@oNk4%Rv96-r0h>6*UVAnc{w?R|ELv zK1MX#895%327e}(6MeSRH2vA`GL>syG`MB|+g$#`QuH3Q;Y9p)C4kF_LL*>4IY6HW z@wWolUu9rtEh*K`w*oK`x}W+Z!v^F^2A&_#YV70Le07Kv`4xayl?PC1mZ5ox=;f}a zAz%OpUP>wA?)G_$APJ!a7lqOB4Y0g8k(v2yQLWoWjk4p3xOOy?g(@Ug>Dli)$LHmB zKdJ^jNy>69yF|$mkbENj%#n$`!`3%~WJYi>>|D!Pd1{Ou%Qhy0K38Z-Uz?t0dF%M| z9vx}*;Ek)gT~dYX-p_~{u4VM`D@CNzSGVu^qgBz3v;FW~Yo-8;3vr*R8p~QmY+Shc zN0(*-8T;U5udjyJKIv#_jpu|i$T~Xm`rN(Sv+E6|XKQP#BY3_;k@3NE2X>wHmuKZC zOP|!kZZ}(*Y}@*(qO6QeR)I9%nM?ZY9Qfa(ZRS4a$zo{uFzXyFg6@-Ph>HEMjRsKBq)#b4lv2Q~76x`>J zF*E17X0x1+JpF#jqvzAN=kdGJ0ONi49=&IO+*n7_{$h_3#y(;Er@@~a=Cgg4Z}^`_ zx|~1Ka813njRmZRHf-G_o^}mu^5!%2((uxA!KzV~{AcOxuNtflJbpT%GR!ZI$zM-5f5Hz@Q?1>-s~ze1f-4PD)$y+7^XywluM zJ`pf6ImtAC2t(EsIrPzz*R&pU^20@nwq$~!&!H_Kn9sWMBlPm=?U3~rSa1jgBmY=l7dH6k+df4OeEeN(pbopY^zeZq8MQn zm7*B~zeH30*9RzYj^X%({5|aNwcXo6#N1zXUr19^yAZ9(XsWTPStXiYx$dCRWu?-? zmByN3o&`)OiS<4?kX+yaE{aBcA~$@5l_0eX?&bP)Ct$~)~dn&Bw%{qSzpqCmA!O2rv?GT-dQ z`)|DanQn>?Uj_WC`qX2rXtPl?&nraNY{b~znrS%`Fd5eIE$DT~FD-yfA!o3pib}d8 zkWWVNn~zSFZMxXyq}kGWr|$~qR+US~Ig@j|ZKWbi=Vs;9;X7@}^YOt0^d`XQzk2<4 zgPqc)e zG7|taqZy$1Wsok(=4(!X4zC>~0mo0>`i#NrehC0&b7;(Zb6yrhD`{aRRQC7J<%vD} zxFx9HvT*vHu$VtR&I26XomS70Q`BQ+SZqtR)*-8=prUGlsq*kq5t0Ute^}1eZl||l$_*l#>`#!o0p|ny0_6$&0)Q1{*a)eF zB2b;K>ge19z`wR(xH|}}MciBfHG^TXub>P;1(pv?!Zo#Hk1zUSPtd-&>2?V7VzY~K zNx62&bnzmfdD$~Bgm51imA!hJ&|+Dxn3a9x(?yx#-VkH!Q9Q}VUN-!I4-w!A8VuKh z>*UbLB8MO#$T0-Ro{T*4?rreu@vo@a1(ycI1fU?qN2Yo3?}z)xVE`{W(ev~3S-H8} zA+_eR>9P7bv-|S)^7?lm^me&twa1p?b5)LwXbxDiU2v^yCmUpL)wGszDCWlgws`h^ zj06MpB$+W;VRtAM`CseCFi8*Rg*7zrx2N1C*KhnIa8|~Fd@g|Ov~ZC?Fn?;BDP<29 zvX9e}UKF5b@(vmXj(Ie+=)<29wqL3I^^WA^S4muU;)(k_(NoIysoKNWwQ^n$?^&i) z+ZDw$tb{zg3f(bneUY~o*7P_2{GJBHK9`U(oV`q#+QQgXmd-Q}`yDqYt>I3qKkra& z(t^foh#_w52{wiu-1vPj@L=WVs8dLV8fUQ*cxh`>!qmH>2oC^W5wUgp}!tWcZNmi%0IZnfmGyTK8US8Y1v*~63b z3z2;bI^SJ5+?q@8P@x7QDpWw#$#WF59b0sPh>)iDt ziSh9w8dfRk6Z&|pH)Z83a25X}0hO{x` z+~ZK>T`{v!&-u3gcc)++dpvgy8DERU`W}+s{zcCCo)wEyEu_?e6?7A<@X1XZo{lu$aL~8D)Cmp|KM|W==>5}c z>y@>H@H2i1!wfR=B|X~@rWtU`kBsu4FrmBLD)lxbrFP}QMXyIZlT3Ge^c`NxUdQSZ zAn=xC_4U&avX3aWvda^PVoeGfa*o?9;*Ex8$yjw$?3f)oJ~2CHF6@5F|BjS9V8qbl zg*1UYs_!$Gi@HN}MXc`~*QC5BhW8V;ovMi^99!jY$slufWR4?r`|}MLUx56(5u%fR z@h%Mvsy%K-8JSvcR3yCnN67?QZp%~ib}#NO$F)8EK*KdA>2hk*cUd@Yt@HT8)V8OSA*LHUjIQBerii6ei-MZ$H zgN(zwwOQQjR-#^7y?O6OM_lE-Q)-}yL8CK4A-F%93#ijz6Vs?WajL50l|kV0R^uoR zhSsk!FyoCXZD0Ab=@)!gc9)M1ovz2LNxE}=^C+FJ07a`E+W$sr0kJ9S|=ZV6I zKbQo&9bIc4^9VZSAVCfWs>wbit)H{eo=T=)b~_{c zSY9o4f-@{|-i($s>=^-XCC*+{Y`bxaHql+8WUp=L=)oTUoN%$f-dH<5dok=im=S~}1 z9dCG)sdA346ON3Z!9#1<^6g8swYt{#XYq^_6YzFmGc?PQN(NU~S05(b1X8uNfSbgM zkEiJP^oM0v7M53|jaVnu*e)DW(ypZPqCVBY(Uh&Tv$Xm;=MPEP*1Xiw!QHTbB%L1^ zFPp=W)zma$VY^n6D8No3{e8zsydWZC!eVi4{X-%xrliE>i-A;Tj)kqBj{%3d71g+( zRVD9cgx|{d7iX*iS7S|#YVYFG7!PT*a=eg_#~g2VwSloL?c=Ff<9GGFb-Y;Ymf58O zO+n7H7#2)d=%pOzBI=~?qM=#wPL5yieO>u_q+alMx2ka+p>jEq)2Y7CU)q*eroJ5( zxqjWYMt@W91B=f+c5T()5A}7%7xb&j6b^wuixZ0nD`nAD_H6d+!*-7&BJ6+bcL^2$ ztkf^Z>Xve!)n?6R)oeW^9d-rX9?zGPR#u}{ICBf~o}N>0RL#1CD*fc9ZQv5D#e0qY zx)K4Rvte5s(vi-=%J_v_f2u`ikIK1zigT8~=2{1T)!A9FSrzLnPtU+m-+M}Rc&0rm zM6LV#)$x|1E$J%AJgddtvFP`+M^y2{*qe$9*Tu&C*|7EnXXkgv2`>%&dEMe1JfdqP zG)p&OxVZWWzS^M6(HtC2g6rD+Ab0rjkk7y?+S=~)@Jpd5<6^mQe*{<>DxNIsg1-;m z(YZ^1^N!xNcgNW&r#Gbjpg-$(>dFj@1q_qZ(rm+?mgTHvuqokzfn7Ez=CS}i1NPxa zHW+M*?Ja3Qm4uURI(p{I^4D5N*S%K*RVy=?+?%Zn+_ZEf>y>x^3>gWD)xWi<$q*j^ z8KhFN)X8T*OOJi*uA48h$ollN24!P=kSI$Q%s8l=UPw>%+gX^er ze%w16jvtSk-p@xe)o;|ut+!;T(-{8T_Is|eUU~Y~GOZN(-Jhuwwc_qWJ|yDqG=@4G zZ&?Jpc7Nqf)Y1wMasF9+d@tFk;hE(pvo}OM4New4l~%np#^73Ko1}V~_r=mR^+8T} zI3Azo2W*qLIQVOq_QXh-67}WaN5ddxGm(l@vqyXSa$FZHm1e^xg>KuJp1AK8ot?H# zC&R`j|ERPp`MfIM3*cG^I!2|R)$-djs>&L!5Tx52HnE+wAF&p}W=aZng?mJ2_g*a3 z8+z^hTKEmWb!X7yQ-(jg-l`A3PJAUQo0@vdLy!O6aRJZD-EB~v5%bu#i!wb{Nv?O* zd*qDQ);4JL^Sq=YurQSycHCOK9y&%}HLlmHipjb=bjJ|Bv8mkPdR5jX3B|q`sUc3= zDQCRndf&xlJy#!1SoBCJ&Mj7k&4$@NAJuuzO&f0e%~hUWcwSVtSWD9_>*77B=b!Cd z=rw${1aPt;7p@Fu-8q5AxdE0<41S3Bz=IZA5)0dASCsXCdo$)eIT19rjlU=EJvv@_ zTH*t33~}`BpL0K==7&C$ewC6u*&lE(i=)X{a!|KASmBPl7GCxf*=>7lJ|X3aRSS`a znn$DVPo21M{*uXdyroMjgyZx&oe|vpn~}Wd&l9f*Dyuv=F1Q!}aw=LJnP`KwTOpF~ zvh3x{1aKEu(-ZMczA7A+ejrWlo~R#nw`u1dIJ7l`t=}i35lGiiuf0D{vGvj;Zmg?m zcwbwijKrZXA&aiJbY)w-1eoz$jpjPzQ|6e=lS5R_q0fU#W0L1bua`EY6>G6?SG)7H zN7Ly&kBs6xhUx5NFZ&c9ma%7i2ow38CR%XQB?vHS0sWRq$=N5Hh8GpwNSgg1uEc+q zK6PbovSN>j<%)mAoh!QU1&Lo(8WpbW6mv%2&TCHNSDb%#J(wE{wuX!Dbg!(aGy2ZG zr*8N*HdKZ!Et#Bbk4aNVx?N)Xd0f~}!8qjbS1yKtpJx~l3Avq^c4+;g&;*_1vLT7_ zpLyI$<%A-q{=_paz4SaWVa*vvEwnMVlcG>v-P{W}bn*bQ;kLzm#Fz0YP0H$ z0|;nITa6S%UMvei3s>-CuS%0>$d7k3rdp3#U+i6VsOmjl5*Jsn`7~tqXrku*ov(L? zJ-WTRXv7pTeRq$Dh|a$wMQ^3=<%Jb7xV1C8uW%xZjgr$G={2mf!alS$_HT`#^F7Df zOUmF*GW*5&%;hTXKkv&V3#_;X%Qv2_Y zbaP`>eMxma=yOU+T6QJ9A69f(!m;dBSHT@ae~eo0Ps?lg0r|4q%|R#mZ^hkm{S@pR zyvt7~PQ_ibMtQ9FIPuTRjb3}+rtFy`5B=vDNni8O=?L4Oojt0pop{T&uJXiJI+a!x z@7^3gJIqBtJL$Zx5-s-EKRyNVx{rNwF-nrA-aL^==!=5`HIltVjDT!{)&IlSTYz<$ zZ*8N06;VM&N=iYHMnGDWknZkOK{}-+m5>Gzq`Nz$TUw+Wr33`&5TxU*$JzVc`~A*2 z-&}JIGXws4V*OU!Ypwh4PlC!H;Sq%{D)9Jgd12*4pG7afowKfPWy4sgD+YH+IT2k` zW;N--bw;gc>j4@JiS1MMFAj;dD(K4PDF5h>7K#6f;%M!W+3%CDJL=*TOrtv4?;DPt z5Ja>>kK&$Tt}eQxfzTSTKwT1s7MJje4@w4Fxbepv-h+r_Glq2kKz!ezEoEiM8;JfX%VFMhQE+bN6Tf}47I@q8z|Gmp@!Ox|#sX}kOGUl}y522M; zsuw$R*ub_A+osy&_}gdhR6g64PXo5X>$Vj{zi>~-Zw9vxK{;JeE5kSu-M-?cblm1` z+ghGae$dxnw;7p{8nvXT=$x#Rj+F!S&TK7O6gL(LD)4 zOMH5rDeN)6!Gp&a|Q<|rhVo-0yEQ2j=s(Y~;s_ONxmZ7=s8bJp> z6snG^IKuJgbq!jAb+f-_FZxIZVt(t9vR+SsLRnH$(#r#+uK!-?q+&~Fb#<42frt6M zhB&UPy)ryIOyxfd?B8sJSQv5(d$`vK=Nw-bbffx^9QbG?wuD3k?Ov_=i*OQ=APv1S ze>3P`E#YnG?>4V@zNlO}qn?fJ=`DvIKzG`xaago2+ULjDYP6YzHfcRjpSOoeQadVX zphY?`Fo1r}LXDromuYX$V$W^%rB2~m`CDN%`c5sFJL{fszlf6037h>_n@!kkYOFGO z!s({nTRs7Tl*>9RTmgh^SFm5W*zfO&p^K6v%-6vUIEx$#<&5feJkPjj{45_IU#<^l$NV^o~ukJ(Lj_dQ!+!HEU-~-c1 zgNon=O44jXL=iLHpj|Wp{R549sh|Y}WgN z)FvS?+PqOJz@~+zm_QiU@&lkpm@U%`jgxnhWcCkEI@Iyz&Q+Br_l>l|hP4j0<_=9L zKIjrSlFbtBE>)xegnjpElfH^m!2Hd596h*B|09#nOF6(#Apk-;D)@OlT=4psF*3q9FT zvgfGTwc6!LctcT0hEN(6GN|VJa3@hBez+9B*=;IJOVejl_N8WyH<)xRL#6WD-DZq0 zFKd`KMkyyzw=~!8hQWyfZBLlPBB>*V>BQcI8Mf5luj%hjZWdb{{fXAW-^Zkd~@tqIa$IdhLzoQbb zc}Wa4?TjH07skMXHgGHzf^tsNif4ayiT5&hH0^MISZV{TFTXH+BrSLU(;Q$YW zx&D+ZxR&PH>&8qZ;Zn*ung6IYr>tuIO^}W3m0UL%-e^e!Kg|s`+3L zJpGk7P(NB`!sB!}!3)fBN2y%Q&YN31dQ2~w2 z(WuTrt`c2mVs#bz+AhxJ7qPeIrfqvjqeECqlxar}IA@7bUFg1M-SOlW0}y*T5Hn4}QQ}&+}H?Mzt@$}P1}69hEv7e#Zn!*%oQg+KsAUZ^u+tA6r8%><(FV1L(@=! zsxV5qNrOpffAoy8#&Y)E-vP|q{vjcp2asiayXt( z?xih1itFtA#X9j#b;_A9MU3)dUF+s7tK&E$>PzF>_X?6PzRn1-Z&Ce!r#b93*s-Ulr`w1I6(knpGTDyGs535)tL=8z zgp|0mwtho{aiXr)W!KI~0|@!d2!AMr0ypp22ydJWp{*TY0}fO0yY>asi`@gc=`B90gJi~ zEt!%y_3TiS9nZL$c#doLtD`u>k~eu0-|{p6YJr$k9`54z_{K*VKVz0#yNEiNOJa}j zn!7NcFVgM(7<%aFjfa?|)2?^4n4cg80TstV3SGr{ni+4>WR^_ebv*VQH3sj)8uBdR zx4ix_s?W$^F0sa(<@~jqVAtulZX8-=^ctq=m$2xCXwf5*%P=DI&!(2yXnqs$!Il7M z_0Lm;Jpb>ef~0`~isEE)fSHes>AE5>$GT1$X6dLA{RlDKO*7K?)0z5B>o+9Rcd$x@y;zC+xm)rMQMS zLN23R4~|v%dWrP&eG;-Q%Qq~%Ak$TNn|O840Y*;kvo*}&f}uqe%r)bRi*Uix)6;MD z3t_#0;=l>W2@uuaf3BIk(?Fe@{3ePR&h91yO>2`x>!`65Jm)bh5MJhKJiacOH@x(% zoh(#^hG2B7Stnt3dBxkijAY#HgBC#>rJ-QK01lLvq`?`HJ$FxvscO4D>>u0}{`|wC zsfwy~!gMufv*}D>>y@LZjV||1-KuFlWK3C1O!#QI$NbL;cQVPNGPyE-)Q_r5_O^}{ zyI76qXD-M>FN}Af-oP;43z&a{9PKI0MT2gu2m_`5+9KD#$_6NIpV4q*?Avw#&OtcD z(flqWZ$KIIXahIq;Ex`ucEV3}uIgG9D{A3`*FR#Oe4p<*psd>-x(wq5=+I)%E9fH~ zmR0xqJKmZ7?f7$qw=={CWUoRnLnKBp_%}Vr*W6*+fj;*tTm&y!(@| zY=6hw+xv58=QR+Hf=yW;*jVG?jpNs2(eK`db*i^d=9^#rlw`Vj@)|Gg-SuMHflryS zX!VQblQ@^*wcJD%KY!^`R+MvbmWL#pY**Um!dvLXAz;Fu*{+HH1ZG<# zb$c*PJ0aVce-H)gY3S&gwf*gkmhv`lqaSkVQz)Xi`910vuRKYCI|9UEui#Qkqp&sX zzv4q8Wc{J*;XTedzfhM7ox;ux#_TG7h(HDgpBJi_Ba!>5Cud4|$D(+cEcSMBJ-!pz&^9pN`?7+gr5b z4jT=2S9e6gHLmfv7j)isC$iI7+zi4bD3~_SBfYZ$N5I;_^f0gt<{u_!vN$TpWIB8s zpS5*hamBMN8jgJ6r2?;5(Yk_GuV%k*qqXw=D*;p&;Ag{B)nR3>>}nwHE=`gv4ovWI z!Llv<4GbG`+Nx=<;uZD@^|>lRw%OxRLa^7bA{hLCR~}wlX^g{G<@T`M9S$32taxSQrW|u}? z0ojt&0oJd{F5dG{CCldw{`mbz5%SIeNbPdZncMz+pnrK=g`zYYr%|_?t%@(D>!c(? zF#M~Lw4&^_Gnx7eM%CAqjw?+Zc%*pw$`~6SM~2KWEzZVyn~B@J8T}c#K?i}pJVBiK zB5Jo}7773^BN{ua1>boSuJ`X%(I%u1MnAz+HX`|!qm(uG^&cD0udy8*9|x+l zL+P4`V%EWQcBiubabjOrCN@^?Hod-XKInPctn=!CgAVIFbNX{)t27+f@}<>VwQ&}< z^Z1brugGiB_!Bxgzh7jc{ME40>vv;MP`a2P)vFGMl5)=Z`@8T#%oY~?w&EHIWwK=w zWS$b9Si_k0`wRAZqhu%jkW$yDUhL1CZj*=AfhZgMPUn+v@#qDs!JUj8jcQNzp>3?7 z(|l{utd{O(npa&v+gCE0!GNuk#GR^dTH(P{PM<{OuF=g}o(6qW^&zf`*Sh(+LMeY_ zl;$z2W61KyOHph~+c)HnvAp8i2(hotg5)IV9iFUl>#t?r_TVI8R;BrwVM?^Knnt;Lj`9%nxid zemMR8lz^n}*9L`HhxM~ok%N0o%>)VeT?goz38pQ3QynD;)b%+pu%Pp^XZUzXo^u`? zOI{enWZ2qkk~-Mh&vPpFzyt3ulHO<{w}E|OB6K-Z)#c}?ah!W2nG{`_shN!wbrhJh zHP0XPkSu%(@^$oHgOBXdjniP}B~6Ks!Zq~l60Y<<>v+2}Hc%SOzp*-nF<&dTLe^wL z2lqdrROv1zrCP1#H7`LobULGT5tbH!7vmOen?t|v^oDmF(Lawt{fWe_mg1Y_gi}=4 zA>ehS?_&w&kVm_)sN@X)khCO%#lN;9iLqe586D-6=G25N;Yo~SF*E+jQ6@sTVQhlg z!13or)XeS$161`6=5)Q(&m}P%HPhM}O1Z~(Csbg#t0~J@Y3pz%Cwe#!Kk?4!?RCK$ za+jjDb6w8*TiUMe?_qmLU$Tup;yL}0;7{lz^{__xC{^n3_)#$5%79`g6$(L+V?}Qx zGg>pzPj`cFK81Y_JB+bl{TFNP;czsZ%V7*KY9}mO!MinxqV8n=_2d8@9`Z70?+TG5 z5KDCb9E`thMIq>;=+$gP1tY1n4~hicV{m*HYCI&qQGMX=xEK+Ki9ot-OzF1kfQ&z)-gU(-0MQbKjfm+*BVQnF;3o zfHlxpj(w`sMKi=YgBiW*n2n|3cW_;V^#u2?p1k5Fi*v8_^!R{T!Z1thK&9Q1@ajeM zlaomFg8R*vH}*|xS}pbZt{wzDN_fGHOejZQa=~_jeLnQkS zEzyP8UlEw2wg~qVYm;Z zlp7$l-T^#H2r&XFuk(-k{b?akT({79&>o$@!XfbxIucOY!0^@Jl1uaD(bT(HTfHd& zPBQo^4jr`Fyvf3R{OLc~jB5-JnHybavJn?>hULCJVP*sC=`U|rffeD5J$@KfC zx{~7y%n4%#b?tT~GA zfPGT(H0D#2Gv~|4y4}Y_0R%#lxfjT4qM>BP<8x5;V)Tc4H}Rdo^mrUsM+)4Tgl=I= z6Z{HNiI&m(CdMRlK9GSGbFt(#IbWxWf(ZcFUjIU$JA9s`lK#};6%|a+1>YQ1&lrW> zVUvWh$@qn5UN*ZXtf%^e$)_(w-7inR=ugBYy)sh#`?!>Fi0Wbjg{w5FymYrk zMSCzV-5TyhBsR302rD+!Bq%@c4TlRo=#lKd3^UJo_k*$#c@$7@n}jM@3K%y6#vvPVj)_6hlTn`AAB}9Iy7<($%W~I1WZ@&@X@mecZaTd=yY~$;Evt$V7k)zdI2oa zYS+rUZ-;*-zP*TG$GTql?HYv+tFCGL8+)18uEr1A?E{Bt=3u}zIK(7*0OzbK!f5N{ z*3b2T*Oiqm{=2ZBcbftZeQ6BUqc{yuMvttED2mg`0UGLCZmB0J%4XX~auSBmhH!hLCXgN^|5BAvke4^pNLN_iL8C$(@;R4KYM>Pq&l#PEh@Y7}VHwbj-!}bG0FArET zyz}$3eSY)lIwII|(hiLBWif2bKg=&xmtNQ9hk?dStRMkM@W0%MP+PO8@a^lzhC%lB z@14BG2fZN&yVk4~=i#Hq&@%cp*YTl)@M66-3nbp?l~|*Vs=67XkP1WM`&Q@LSWsc* zGjK;DSMH5#Mft6sA68NH52++MX_yrYe*Q!v2YsJ+4p*D{Z<5ohWN)1@t8LAab)uhV zmigZ{f97Z;eB^R(aOM(#CP(L1fWUk`XCh?mTEE-UUmDyfVZiC&?qsj1hL}){mtCU~ zz6u2LcV{zzRKnuKdwY6J{&>@It*7@|b?bKU{sDn&9%HMm;@YU_UqX-mQSK&jLwCo< z-m}OzkjcccNOqDpes+E%$O@M=_-3nyLdFFFt{<6^SBV*u$vssWP705oWssX6t>-p5 z$@KW4me79&UHdHvNtm8z9heOtcf6im+;Iomy&`GknEs5Sdvzemck@|J%uPimFoODi z$Y1UX)|V`7DtmQ~=92ZM8O5QLbJ=N?vK4aWQ_3U@&a1&A4AOH*;+sOtKhAFchUc87%h^E(KR!ZLod0~V1)^^p9Gqgdno(p25O%K3)mhu4>pvWo_GUWVARC~& zZgEk@<&MOfMdXpul6dp!WXW9NBbbzJUMuK`)0U+t;Me16|FN(b#5eF(KDRR+&22k7 zgxaDs!iw*(sy5j+y-1=fWEm%9;)&0_=Dtf|XB&Q7JI23>tjJ&E?qqsb|GF~U-sDXh zhO*;&E^DxqS#W&VY#(2vYHsa@FL`4xp~vL68%?!zQeCG3Yx+;FY0Q)g&I_avU#Kw3 z-M`k^WS}od1`m+R2Gixrzu4xQyV*)~cgepH>R^ATzi*=c*2=tUR*4LZm265^47i<) z%wL)XuPT_+zOZT_{*`WkH{iWa066r?Z24JJUG74tb3H`AiuRX(pFTS3qp&Qo{QhP0 z#$?$A6czyu%=5lV6ErAx{nmytc|MDM@cNNZ0aZ3fjj&q5$mpR?#z<vaUeTwsSf|%*`;Y0mm-RC) zSaoK#W?6WrTj18M89F{;UeI^z{l=^N3rI@Td) zf9uUCp*&3rwb!aPOU3=f!z1NzE-Lsr<2^pp-oqx9o4bK~LXF1!WqXb-b5^~CIy3dW z_g_sgzTLvsR0K3)zVNu(!O=B1^5IDVe-J6#6@r_iGkywYWg`VUrV+Htw1vavC<3)} zci4vIf7Z>W*}j*edv(X&SIK^GQJL4}L%6o;uk!9x$&)zMm+aG?*p<%(_up{|jjX&2 zWsfcm)p_|;yNY10xgIqfG@YcDnNJ#2cAfv(m$q%Yc>^>%rJK&R+)WcQV-rvJU8a&S zzkWQTBfmj(mjFYK%P0bamkN)gp4yv)4koqfRWk49(+pZgm&NAIhGp56XU}Tv=-kgw9q;fumo?4g zYnEexu#@E$qL@Wj-LwgK2}>5n%W+o;r|A+0vxE)ybM-5X&S+D1S+1kkqXG@aou)gN zY~(sj`lmM+xgGLV)XLDb8N*V9FCWyPDi3hXPlw+{z8Rs3mrqAqvCMn(V-q8Pt$?LA zANkY-daR*Y?}T_q6qc=QY>#Mb}t0^OypwLuDA}>w1apwzx>Og7med-Uwb& z&VCyx!n!8SqT4WWpWSb3*nYudYLW8(BvFB#z(kOv< zK{n5=Vz;BQT1{`Q3XK?;XnTo~o?&`=T)xlHQ3L=G%BEn{ORBqXp6 z577)g=}A#RadH0#6?N$x4kQ0a`@1L?P1hCd9as%GhRc`;nr~H;;|SiHDkFDm5jM{rj1F#ZGY?nx|j92)&>0ue<%dGrjHiPD&fVFjT+qD{?>z#T1>+Wga<;$0m zEn|d@#x3vakp=H zY!S8(zqh58`{{_9nU@ZCeVKSrk8DL=-EQAE4=$O~(y;i-LT6c8u0P$qt&Pf$9dG-x zGoaB|UagjI-#Y2%`K$hGcTrL=uE1V9@O3xx$)g4(dnFuSX%|Z@ zu#Q_vzm6|CQ#zl0f)Vd4jIxNdZsGZ1!|_H702sHjyjdn0Ia;LCBhch7$D+UHi(!PZaab({RlB@(1Efwn9K zA74Y$XN2!7I?c8$kW6eroQo25{HU;vDeb-`+r6`3+?-8Z7uvM(JIg0jTn&D&fLSV- zZ>%2LerT7!S!zaRCAkxWfE+AIH^YoA3#@g=ee{7Xn{d|Ixh%P@9*^yoJHEVk#`K~F zuq!pp_lo7#Qi8f!Q_GTp)|VI&egu}UOgT^3au0xQIoFfz4y64By<4~_!rC0@Cig|N zT!KbVJ80e)yX;${p2A+vtAnisP9+sND*F1m~}WB%aV@q zgxf?KEC0HVsbS%mE2qGNJr1u62*-4O{Xy0y85t4Mkbi#`7Y8gVcXf5Gmc?UYU}DZL zE>gp!*1tZXBrX=3iSNmUih(!lbQ3^HU=;&CzBbTZVEW%brZYKKs1t~NU-Sp?e8|&( zR0scw><2YB3!VVi-T(RI9oN6(14U0W3>(bC!uY38tdlUQ70qRZ$Q`z-iv;3k`Z3Va zmAsOOh43n`pzs!!*Z*S)`M>tp|N51jj(>0A!UC?Q_sPH@U57zy_(!f4 zAUrT0$_y?D{P)x9?tS_4B|D+;6kaM7A}EWH;aFNSm1$Ze?1P#gZ96?M-QSgFB#F_ok?*=qKW?{>!KR@8#eBtWf`dEZ+P0$!lr`fYkVxg+;7G zYDt29c#{axz?Z&0tF1&}?h;MI*5_b^Q8O*Oj+Wc7VJ^Ze-WKwITQC0qU+srSgAU|s zf#<3b3X{kTF@o)W>Fs@|npd#XM;dPXZ`;VvfHU%}(fw{90kf#OdNkqezYT-M7ok9V z{rlw!R5N`t=RC);;6@Z%nL8)urn^7 zLem}D#P^7vf^BCKeh*EXed z7v{(&Xk_C*XDg&_!CRo<;i>z!5PrmW;SJcS9#F9(GLj&t1|#uTjEuS(aayPQMzdXf ze0&fNe{CjT)jW&6DmpzfUq}YV%gqR2p&nt4`Y|9zW-vcSnr)~)_+ge zj54bQBGZPW6$VNwsuy40lM{k~@b^k9E7c$Xe}2FyBj~mXDl6lGlh5$z`@otB)Sw_J zPs_j{1dpFuI{Mxr2}>}AgVJMoJZ-J5{ou~&C@H-m*%AUZ#?nW+dU_PqwY5WOp?s2+ z)6NX_FjOckoIYS2i$63m5qFzOdwl6wvtTse3Ct}mIr&~Ji#|Fis)T@_HHJ^Q9kmH2 zibqH&?uC9M72-oU$m)Sp3ua|yeGnocyt_Lj7cNbm2GVCofIa&Ai5IA9;jO}1$HT!9 zga>YE^DKIYJD@(PFP>Wn7$@0HhiQpfUtT>tIvNCYQVI?fr^`7;{ws4}J09}9j7jV^ zGif8~mUL@*PYPrQWfC5Ly!}A^sk^&-nfW)?z^^o|xVHRSX&aEkB*MDb5=h~VG#Z-J z-^V$B#ACmL2bR$fuO6&M01q2m0PL^2ZQHMvckC9ot`2r>;#HP5J{k-r?W(5@4Gru- z)9Ad_bj1W{fPb#6NS>c=dN2k=MMMZgMK=uML`Oh2@~244#{E_)-xEC@YMe^sa8Q3Z z+t;;FEa)n~Ho*_$3dEe|gnu??l0d9g2B;ONI}nwT!^6XYyN;6rpc+jnCnrY?)C_m| zT-6(kdg$gM)5?LT$nJVzz0#j@soZiZcG~^eqO?*51Hhrp>R+VvOiZKa=1XK|8bEW9 z0!zXDpA5RP%gQ2PAlC%=Zg;=j4}CA0!CEUwO-cE_vXYAzB-Mq5cYzrvEGmisw&gXn z+d*R>3>enWFjWgwhalY%1=uMAlD?R`Mes?Yphg3FOoNRT5Waz&{bbP^qe}uHFSdBoE{fH^}(nnRM&mcwZ*rG*1T6gm^^K==auEGH{BjoF`U4 z<3qSpc@KVg38x=l=Q1CE3L~LeAowP4Xqc&SthsioEieBRS^EQ;Z5(U`0|TnNJWlU{ zBYe5Ab|V#b>|^gLt?3`biuuo9zr@ZD`#k)__YY~PsRw~#Pyo7(gUm*<+H{+^6!7w4 z4{ucK&xEw_E^zLR9ZucR+cYv8uHW6YTLCX@zcwBQShy%$!C0eF=jFojj#&UwbAai4 z7u-mgXj%%KP+~62J5Y;su6-JzUaW2(SP2;a+fqKVq!|BrnwRN41n}hTRVj zLd)ZGbLll9#hQXpnJ!PeTLfu+!pZ3=9Su!KzSCIIv#jFchnk;W`k$49@?k(=U>ZCW z?6AX+T4@9Qz!UMMt1D18iBHC~JQh+gF}I`L6z~nmdj|bX2s|G9Pe*t zO;|N1K%g=Pj?JIT%MuVsQovODAu;R;;Bef~c3vy#5YHPKw5XgCMZ8xqDQ_%L3nORy zsCKPgU7!D1gKG>h63R$ONPxi&%F4-Qf!anGoQJ8`zY+}B^-Dr6$~9%c;O?oZsll_p z5B~*B8d-d9NAF==rQBpl^nAhW=3j#Xnwgb>v@54zOh;qja*>PAI6FNag0X8Eru$*` zd!^C#a&SFbR`nvtZNgC+fSGeiC=x0TnswLap^_cMmE#e>;yA@z*vEP+$L3_yQ6 z|M^Kc&|nC|C08yr>vkWleX)-bk3U-TgD*!jE`KCSn8tJ+U~PfjWRMb+g-2)ZDCQ^+ zrwCnvIFi&^0<{ZNhxr5NykQ%L!XV&m0(KSg;e(#yA&Bo5=+?(V6nSc3U~n{s1-}Q} zY(#v#xlK%Zs)o)ato_J9!lC!k$Ny=Hd_VB7N|CwkDkO|C>(mH?jxUIVl%sp-FMaO& z`ZaaN{kWiM75Y#a(0Pi+OJjkg#BQ~qau7H^a)3;X9SZ2jplqU3W9L6NKi}Ec7m9Gx zgwKDBj8ude2SuU}FgQGgRg8OBSXj}|DHPf`c*O@B&2YsjoEb; zLnl-Cng}J*^ZmjU{^VHb@8MgC$GS!D6Fik!kMpn_qlX_pgLlX1VMuSU=l9S zKC7yV2E`fV#Igg?)!q(B0Cu*tctM*b#bbSCB+m|}O9$onPlfsT_;%Y#tfKG8t?6sg z$~iezH89LUXjy_A+6C$~$XDXNw6*!@zFxqGu@bCfZ$DaQ=1|DKO@P?hZhKBdv)YCV ziN3iic}t~zd}&~s1CSl;@}>u2yC6Xf9_|3-A^zg~3n0*3#9md*Ret#^@n1i+48P`R z2K=i1ht8MmKo}bfhYUVVYqu(d@E7shv=RK0)oWn~_8AQ@Nf!Ud1Y3KJSW;bNb{yEW{% zy&+3OMWq1p-H;5p-0pzfEE!an2Oy6jvD5ip_3A#5PAY(-9FU}pR}LZNl>}d%;<8cg z3uNFcJUc3iih>&(8@o+c$OsveZdm~r?Qo5~*%A2WKbzMGkZLpovP;cL3qx=k5eW$p z&>+jE2J5hKbj*SoE?+-s{#TR`LqRp@&&E_7f@uvJvmf>CLlT4J1d#eheOtiQ=Z}hv zL>_?&d{CKT5Ak`q%h9v9pKeGGDDW@brgY4#_HU=d<@45QgJ!lT?Y zqkIjxI5@^2zqi|pD+i(1Fkv4efg=VM7MHU$v7{v&_2J~eH3;xi#)2wOBGn-)U1e3+ zf#CJ8sKrbZw!88vxrCIyJha;V^k@LNgmX9G@<0!thfo|gIW@I9Ntu_QPf3vq6_GsH z3l$Ab+%7NGBwp^_#@yV1?-dqOppXTz*RqdB%Ve}T>ZNbX=o3#6-MEnb0VlRI4>X5(T+UI+5#Z7_>@$Xd`) zfEA!no}QjiSYv=rd#R}JuxU9IQ~k#5Ro1f?q3-Z)JUhaKe5nl>4j)?ocnSn$t?ALi z-b^|*KOpB60Rd5nn?Tq1=U6;LF$GdBkXh!ecD=~5R|??=6q>x?v4L>X4R!DWi@gbf za5jKpj-K8cRMboL0$!UxdGbUkZ6MiVq5>huLxd+G$etd4F`y z4yT0-Ae0vHIkyN1d=akwHGQ)+uH!y;DDj#S-^)nKm!Sdf`g7iK`M<9y8$MZzDeidasGH492Ts8%IoSD zlI5Hu{Ey%`!@|SwpWdn9{#Fmg2_UhH-p?6-B2~$qJJNte?ylq&eem@aOL!s~c>r*& zICc2QGKKz4A;*2V06FjwoU7Ovvmro1NCaio(v?A&@=XSCKL)bSZqk=O;ZoBPFLboG zE|uiAM})mx(*{XT5Xc*vtL}@Y##-n?`UUPm5wu2@es+cnr<3p)ZA@0%%{E^y)uX1O z8VHx;lVFVrg4Zqx`%=n~79(jLWQlESh53It9QpH<>FH@{vxgK@RP#(=(71=#TB3ha zf1;l)5cZhTzs-~1lJH0xwxkOP3L18lP|6$Gg%~0axd6%fw29yNvBp}BT3qodlJ2SL zzV?B+%*$wK?5luQajVj*osN1!4n7FkUiWuHvv{*R1%>KqiMKc!3)wjXUa$9^j;KA$ zfK2Bjn1~b<7g$i)3_$fQhIn8|mBQynX2!}xI{}NrxPF}yc@|EF=n%@{l&z3L44g_DsL4C;^l%{&9FCO<@V*U~ z8p*-^KO|0LAr5|LV{1#t!xInGJc32_d&I9@T(pKs+Hc1uBp)9iD?NSsrpcrGD9HXC zAh9eYfWRZ~92prg&S1F>8Ji;18Gn|Ce1Tg0T6oQe7-U+rOs@^&_x`?BnN|=>vxGj- z2>x7KlLm@(B&k=-Q!Q8mGVj|TmzM_8*nwHu#@;@os_M}SfaCC5HSdIqkJ|zm)rzuuxj`SVJ)Z`YXsWhRe;=0)m4rc6Zo~lNV|1Ty#13P7$|D#CS?I{gQ<^?yw&DV_ z$jY};nqWc}Ptb~5r{<=?As0YY3r)Hr8DY74dtq@=QBd%rPL=grfTaDuY+W7$Lxv+9 zR$J?mMni5pe~l9gPr#2&cX@3$8xkMe2aviSynxivvMgw^m4T5l1Jt*Ml;n6tfWJ8l zpcZ!Z%k}P2SIMR6wEc9j2yTDr_9#;#(b8=*83Ea5)vuE zLl)o;Z39sk%xDt1{$Y1cE?sDf@dEv=%!WQiDvZY;0RXiGZew7EoD*+oyu`w?4ps=_ zGUbwFp`D0Bm004YXUX$6rN&6Mdw5v+`zHfTUhvXoHVa=xuPCy^i`(0YVKZ6@!ZTmG z*_dPBr{3KTvmh~01QFMdvv4Jr%=b?^A&0XkhRs(`Uq9|{UxaNil>xh|T6eHfexdrO zQ2*FMhQ(I4j6`)sQKer0i%Oy_MM?4?)aD7L{J8OI231-r5ahlEa@G~f0tnbyAb-sH zEp2e}$ozpWLW5yDPn6fS*v_UJ)e~$Y>BfoJ)2Hg~pb-P9J(jT9Otw@VR9j=t3gtI#g%j zF2~{`rMPyal!Xfk@Xnxsk*l1v!7Mi&34n}U#b{VQ^&LLTlP7UdnI|XVq{1br1VQ~8 z3p~1zg5-A^tjwTjX=xEKqI`fGkI~=g3p_ofk{&M67X#bQfMkD+h}P%J3AYNPze%=; z7<5f>`ug1~%3Pt(ClkWw45tREhvBFP`1_|o*+3XnISsU|%W+l>DbVN*!0Eds zHAj@^qDXsRVd%ITNp{N3AbATSh4SchwS3jHnwR52a7h&A)uf@; z%{`+|T$EE|F2RGaPdULU%wV~3H!iZ3O*tx~I5gO8Qz9iucuyy)&F>JY$gOIiCJi|` zIWYzf`Wu$?S3UH5`AR4g1yhpYym4qoWrT>ms$_$`4Lp2&5zx5F0F-11qC6645I+c+ zlv(i!6#swt)s&U}h>Pf;7|h7drUjRo1vI@x>o#?e2zd3K`rTy)>2gTNjlo&%f}-RA zU`Z=MJQ|G#{Sg+opFj`y{vhu!#EroS(;Yyj2H=Ne)+Z{9hT3xW2;P?HPfR+Mi}_lt z8OqrLrn?t_KQ!)FHA;IQdjNq50ig%n=kY)UozgBqag*u{nN-`vPj2=EtGOf*u4Fv# z>g!k6DN!Y|!0(F>ODiaOhPD`@XSp^vJ?SLK%=tnK{;&uXbN0^HBcRlL^{Rv~h4t6T zy$q*d#I|D;qb%xsz@iJfj3jwYdO0hViB`ik0YvXUN}FN8!*B-qpQW6v#KEFpNaY7J zS?u4nn#S#2Z0BNZ!-XWPE>HEsVwfU0oR!Ii{QUg%Ux_Xuz-(*`$rsQvse|vQa&&Y= zkS1&nU2H~w$1xp84vhvVXJcW^OD2&ghVS6VC1L=7g8~2UOn=PA77l#IB3@UpEO%vN zGqyqSX3)3}2$5phO>htgW3NjFpC%LksHEw4rg`Z&(C?Cl6?RR74g~RJ0V$j~i>aEA zdmB?yQOwV%DW*!C;2?T+IM~knt2AU*XskKyDT+3Mbny}ZoLM@x4oC@x;JSW(pi)|} zDWL!Lm3~h&_zk;|kAjE!+eDlyYHKEO7NnFD~G{OR+IvpK!@(Me{+prnhY%_7qDaBY^Y>{rbL)$Z@S zSAcR4gp~an4i`zF@`PjZ#gY|R1;^4Qi5J_ zwpf%r&WhS{F`6K8tF-T+~;0ox7ib7nY ziIL7s^3|A&w^TkHB;o(U9S{XZ$ku6Ki3#9gsuPr<@jeC9{U8+X(7De!uCl%M{wh`j~+z>Lzxgl z;pXXi5i!y!P+$;Eim@3+42@#yjWE2+th0S`p?6SdYbA_zQ#l|6$XEt{8Gu zT7X;t0tR;;aYpPZ&ZXyq;8mb!VyMIa2%a--+VH$YeNaVw*yjkR(Ex5h2v;Vn*@Evr ziR6Pb@p$v}7yo$*+`giOgn#EMj9LwMTJT~$VGGq}>HzQYJ~1)m1_@_!cJ@{1RU^uq z*8m4VxNd;=r&e{%soaE}81)%^P9U<*1Z`f(0+H#05@@CaB7FrRni!_o_8t=pB1}2g z883v!G|=@5=8XtahtGag(`^FswG_pi>ydJZ1r>3^$Dj5g+`E9jyn+;_WoCv9bZnu} z@&?t^goQ_mrysFVfPTM%nh^DQK9oNM{ILE=u1Xa|%Jxt)E7b>PZSbV`Z zp-)m082}a1x>@7fltn(4Xb-W6H#kq$O8XR(_}q*UjLl@g&kqTI&JgM)3RL6RlRian z2Nme=Z%iT3-#;~ihufICRy(daz|oeq>zou6&a*xQ0HS4lv-JzSJESl-(#XKLw!>|^ z*bluRD6C`b{~j^gG}XKe7y*c~tpB5moGc(|f%Zo#)M4>84(p~0o5Ush$XP^e#2;G; zgAIo;V2rR_Q-|iAXd1bXpa8O*R)4%vOWkJu^Pk5Vu1A#d@c!ErFeQx%kMrYarc*T> z&^{VowrPN8T(eqOn_X8onQwNbWL|;@PEYb)lj^bH>xHi$5nNLd3N0i*-vxSlqydw_ z>rx>yKN4!PR1Zh_JuuZJfbJvfwx8Y9B4kx^@M3AeLxv{~U?VY+jfy&~aCIb*xj`Iy zO-I|ez!oA(a-0CF$OO1!tlD2mK|!Fctxa@{`M-`z8|8<+rTxr!GUya6Wkl(w0-Ca% zG_v5drvw%PPGUMJZH6RJol%C z7;M;lBoGx12;?9XXRv%Hi+Hdj&_^VBFr@B?TcA3z)F}d-_WrQD)hilqLf3i>7mTzk z?9NUO(YrMN4wkVm0`reJY#i^?byOCmAy;X6@qS63`LHd9SM#|0K zuVj}nwZciGG*n{DQS?`HiLWN8oh6m=pZ3gs2qENVY62bz?FjiIA z^;dx5-?8JJ_=~cm#dtFBL%+M+@Qf8!w%0O(WWs)b`Q77hf>r&s=MAo%KWK@iLlUc5 zVIFf<4p>&8Xeg-+uwwxRTHv7raX{^vn+Pc>X&In6xBbBpm$6SH(~C!(T=<~zz(KPJ zSz6EbT6&OcLzwPA2TOw?lLc1H)1X0v8)kX09VyyR|BU5;gP^uIv9jdJi6>j*_@7H^ zuLD-*GGHKglNJCku~gDQTKbyDR{who_p#xu`KrRt7+FI@YM7t#gMhsJ40%b`ptgRU zh!qVR8yiT2c^giCOMO|eL8QzOJ~Ai+MktUV8ri-I`Qy^Wq%xS*SbQ|Z!9^zrMNz&P zapr%1e?IBtuoEC~%*^7YKZtqhMyfJ@YXnL!`amxNeZl+e-1=8Xue)NuZvEZ|~Jh${1+Q;I+T zIHb}jR*ZDMPj%`n>n2I#Y_k1SbK@oYW$vfWr<*WEnF{IPiU%_jQzktBA#fbV;s2LU z503tSn!DC`DAPXtIJ6?IB*j)nvC3|dRB9sG&CsS4n~IX?KwFf^5M>>roKxD?RyNw! zhENnujZv$EjL2epy0k)^hgI6q zx;NpkX`uCsN#sWl9yY(`&ix+ednbpM<^74cq6}FCGK)Snw8{&O$8O~|joFRGa5h78 zu6n7)L$L@_oYS!4dls#dytBKJZc532j7zz_HAMrTn%&2>(MvXooa2#R)_F1C+MV-L zQtk3#nYHafxxh2?u_Qaa%$FQ|t~PgLW*~ZE0@~(I{O{LKQ;oN*(PFI%;9HvfJxf>g z8;FN|$N9Rn)?AGgp)zWa_jrTVxqGLgG;Q^K>aGUG0$EByhNHotfQbO;1s}Oaz@Zi> z@*TAQWw5@~S!-z1jl!Vs${!l3+`QiZWcf3~%| zeeUhA8;KKk1)-!J|DYZ6l8cy*9SwdwgspiF=T0*uDVwIx~>AN zm8dX)aVzhBG;a_PcqQeMYSO@^=E+BYtM2JCjn3>Gp_0whSw^&~TG5kS+uyBMuO!Xnyuw=wYPaR$dv!kC*r6nx&|55E ztDUIsPRlBpR(e~!5_FSIDxM`6n_6x=zj)%|Pqs+!W+er7x2>{g|C{C!kH6_N+nsHH z&3cKm4{uYK=c;q8luYYs@)E1nW6M*&b%t3XoxwqtN=|@HxHz3yib0xOO!ESh9tML+ znVAzj^XeL%ES>MUM4l(Y#Dw?6tby4y@Q>xS-F>35avOOzl?j)Qn zH>zT_lK#sc8e%II;;$~;_bMF5)jZn45c z8X4?zm?E|x8js_GL1(&o^$Up}oxXE?Z%+xEK27q7DBMy#%mp zw0>vL9t#2;ho&z<{TYfXd>W{-Kd#>&0U|z>(SREk0E%dY{t`Hk3`4%yFd$b4gVSD- zssgklnEh;1?jCivS35B}*Y?(m&04@vYay2>cX#)*YSftl!c+qCQ-|C!`2I~P z9Nxf_Zts0VW|*T(!|(|PPZ6I9@HBxKO?J$fZD@EQw=IH~WH=0{o1qypb92)jdH=?G zf-=dis9^;cGl=GkVbD#&<4l?{9;iFOMOX3|qP2h%Bju~~w;?HzwiM>e$Iwp|6c>+s za>-hbA&*eN8t6gq0vw%(x|+U&>VBvP#EGiuaIXsF88j?b=Zw`+F@i>xp%(K!2AB&) z&OFanOGUML1u3PP3m2+F#}jt>^5v0*whtW~)~!>1d86f1@*YAbYJvC-;_j%N2AAQ# z?-|D=@p#inER2?Lot@p$(~f@fcx)wzUBIJ?9p*&C1J!v4X5qb4n23y29A>}diw`ewkTSl@&-UwLTxbx@Fj|?F2*g83BLIu&awf35u z3dp8-h{ZxeWTls;mWFg)mv=JNNU?Lz%}oz|^*_&%r$}6!mH``^v4JhhHw( z*I1x)-35Bnic8k4;a6Z8NCxS-SDAgPSkH#{h=h2O2Qy6vX2IWBfT7=sTngb>^kRrlt#XM zch2~PVYF2bs;W*;QZPST<&pPn^3bazqT1G6g&)~EvM9;*rIO0aZD!6yZ=miC36F3- zX>J%)5#y7)C@M;(CgEL;9UZBn0HgxaoZ{Yoz3tzly-h;JOU8U0IDtNhpQWX#S>RfS zA@4k*r>}nxV1vPTm2)6fun^_jrymuMDiC@n@K^+FKvA1yce$yn%VCx~jGZBw@8ySu zhEmk?%;O2a>$~|~RTU6>e@ut9vnNp@hB-nWM?b8uuK}DJ3WQ&^zP^5Z{Y_jBK_n2} zbqm^ILTm66mD26TF_zZW7NBzg;Vafb4Ax$qr3H~(aCgf+7gQ5NgUCmS0l%r-%+AhU zW8`c5xwf_wke9^}kwTZS?$R7sFwrh+$a^=mc>qT7==Vb`U!phaH_JdjN~dkV_Ja~C zUVf(wKvD9_rDd{sUn7HB%_MDOmNbw;^F4dg1pL09o^sJqU=_ysEzy z2hS{khVn=hg)&OUf!NdJjDeyzj9*2py8cOb$@DXPtX2|Ep!vx{6NjUoG_jim-^nl> zVK7Z9r;VoS$2p&}7Vk?EbU}5!9M|mR9qg>o#SRv*l`>)j)`HsFsYqv1NvjUZfz-#* z#7%ftUwL^gfXI6(tyol_kX~?#Re(L=aiP_B0TB_U_XZWV7MuMUCg@{+LPEmMo<&Ag z`{iv18v~J#c5$380Xhd0b@(RSd{1o>>flAov-i zS(F2akAb2YfXT?^T-_{S2q6L+NF)}ax6%^i| zH}F}2(Ly-MW-zdY80Iw;?oD9E2T>Mea=V+^1|b0_Po4~++k*KrL+(Y%VnE>^*1GXJ zs|%qDi~aG(<0$v1;tjdRZl0>5syYUlkq0#w{2hyMs~F7Di^BQjMR(%FiA*4CoAbTo zm-@WCOQMc;_Zr%4R5ZE|N(vr`a{=WlK@Z5#YUH>O{&FGM3N#Q=;l171;f-D4|eFWCU^&b9(< zR0Mc8h|p6+=R2rVGItbD4%qM(iWO(n;Q&{1FIlR$!P<^!Ojq`^VzP;)SizWl$pKTZ)8Vx!>1hz>*lHxdS^KE~1a^V8~ zuB@s`+s~X}E1#=38Bt-WK;rjI^|gGXS+k_hrvJ!_eRe7B#xoMr?$J;Ezx*IjB=`Jf WlFz;%?==kmtu$Y=BI7Hkp#K0Kw2$@x literal 0 HcmV?d00001 From 2a212836412cc5a4831c442062d03d711922f1f9 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 23:46:59 +0100 Subject: [PATCH 1231/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.13.4 (#3145) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e29eb6fb..c932235e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.13.3 +appVersion: v2.13.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.21 +version: 7.7.22 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: remove required function in $cluster_key from clusterCredentials + - kind: changed + description: Bump argo-cd to v2.13.4 From c9e59be22ff60c8505b728c9d9916dd91194fc63 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 31 Jan 2025 10:51:42 +0900 Subject: [PATCH 1232/1248] chore(deps): update actions/create-github-app-token action to v1.11.2 (#3147) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 087e124d..450330ba 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1 + uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 4cfcbc2e26f30c164c966bcf71d266dbcdc2ac26 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Fri, 31 Jan 2025 01:54:40 +0000 Subject: [PATCH 1233/1248] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.8.0 (#3146) * chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.8.0 Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> * chore: Sync CRDs from upstream release Signed-off-by: Marco Maurer * chore: Bump minor chart version Signed-off-by: Marco Maurer --------- Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Signed-off-by: Marco Maurer Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: Marco Maurer Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 10 ++-- .../templates/crds/analysis-run-crd.yaml | 29 +++++++++- .../templates/crds/analysis-template-crd.yaml | 26 ++++++++- .../crds/cluster-analysis-template-crd.yaml | 26 ++++++++- .../templates/crds/experiment-crd.yaml | 2 +- .../templates/crds/rollout-crd.yaml | 55 ++++++++++++++++++- 6 files changed, 137 insertions(+), 11 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 757a6329..a9ed74ee 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.2 +appVersion: v1.8.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.38.2 +version: 2.39.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,7 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add lifecycle settings for controller - - kind: added - description: Add terminationGracePeriodSeconds for controller + - kind: changed + description: Bump argo-rollouts to v1.8.0 diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index d79c3608..d723b248 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -108,6 +108,11 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + consecutiveSuccessLimit: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true count: anyOf: - type: integer @@ -217,6 +222,13 @@ spec: type: object query: type: string + secretRef: + properties: + name: + type: string + namespaced: + type: boolean + type: object type: object graphite: properties: @@ -3025,6 +3037,9 @@ spec: type: string query: type: string + timeout: + format: int64 + type: integer required: - query type: object @@ -3076,6 +3091,15 @@ spec: type: boolean query: type: string + rangeQuery: + properties: + end: + type: string + start: + type: string + step: + type: string + type: object timeout: format: int64 type: integer @@ -3210,6 +3234,9 @@ spec: consecutiveError: format: int32 type: integer + consecutiveSuccess: + format: int32 + type: integer count: format: int32 type: integer diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 3c46bbad..b0f34229 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -104,6 +104,11 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + consecutiveSuccessLimit: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true count: anyOf: - type: integer @@ -213,6 +218,13 @@ spec: type: object query: type: string + secretRef: + properties: + name: + type: string + namespaced: + type: boolean + type: object type: object graphite: properties: @@ -3021,6 +3033,9 @@ spec: type: string query: type: string + timeout: + format: int64 + type: integer required: - query type: object @@ -3072,6 +3087,15 @@ spec: type: boolean query: type: string + rangeQuery: + properties: + end: + type: string + start: + type: string + step: + type: string + type: object timeout: format: int64 type: integer diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index b7b07c2e..e8a9a6d4 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -104,6 +104,11 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + consecutiveSuccessLimit: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true count: anyOf: - type: integer @@ -213,6 +218,13 @@ spec: type: object query: type: string + secretRef: + properties: + name: + type: string + namespaced: + type: boolean + type: object type: object graphite: properties: @@ -3021,6 +3033,9 @@ spec: type: string query: type: string + timeout: + format: int64 + type: integer required: - query type: object @@ -3072,6 +3087,15 @@ spec: type: boolean query: type: string + rangeQuery: + properties: + end: + type: string + start: + type: string + step: + type: string + type: object timeout: format: int64 type: integer diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 2f2ea2dc..58c0e72e 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index a22a9364..a883137d 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -672,6 +672,16 @@ spec: - type: string x-kubernetes-int-or-string: true type: object + plugin: + properties: + config: + type: object + x-kubernetes-preserve-unknown-fields: true + name: + type: string + required: + - name + type: object setCanaryScale: properties: matchTrafficWeight: @@ -944,6 +954,10 @@ spec: type: object annotationPrefix: type: string + canaryIngressAnnotations: + additionalProperties: + type: string + type: object stableIngress: type: string stableIngresses: @@ -3727,6 +3741,45 @@ spec: type: object stablePingPong: type: string + stepPluginStatuses: + items: + properties: + backoff: + type: string + disabled: + type: boolean + executions: + format: int32 + type: integer + finishedAt: + format: date-time + type: string + index: + format: int32 + type: integer + message: + type: string + name: + type: string + operation: + type: string + phase: + type: string + startedAt: + format: date-time + type: string + status: + type: object + x-kubernetes-preserve-unknown-fields: true + updatedAt: + format: date-time + type: string + required: + - index + - name + - operation + type: object + type: array weights: properties: additional: From 2602b7a364eb5e24db9be041da24810681e764d5 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 1 Feb 2025 14:56:35 +0900 Subject: [PATCH 1234/1248] chore(deps): update ghcr.io/renovatebot/renovate docker tag to v39.153.2 (#3149) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 450330ba..e9cc0a19 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -30,7 +30,7 @@ jobs: with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 39.86.4 + renovate-version: 39.153.2 token: '${{ steps.get_token.outputs.token }}' mount-docker-socket: true env: From 55d2330df6ec86995d7a259d63ddfea956fc874e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Feb 2025 09:35:20 -0600 Subject: [PATCH 1235/1248] chore(deps): bump the dependencies group with 2 updates (#3150) --- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index f8f9fe02..c719d45d 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 with: python-version: 3.9 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e9a10387..194c864e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5 + uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 with: sarif_file: results.sarif From ffacdd45f9468a574f3215a31316f76d65f4c46a Mon Sep 17 00:00:00 2001 From: iwin1203 Date: Mon, 3 Feb 2025 18:39:13 +0900 Subject: [PATCH 1236/1248] chore(argo-cd): Fix typo on README (#3153) fix typo in argocd chart readme Signed-off-by: Ganzidaeyong --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/README.md.gotmpl | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c932235e..54f47290 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.4 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.22 +version: 7.7.23 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.13.4 + - kind: fixed + description: Fixed typo in README diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3a4a2560..bc557cd1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -312,7 +312,7 @@ This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr Upstream steps in the [FAQ] are not enough, since we chose a different approach. (We use a Kubernetes Job with [Chart Hooks] to create the auth secret `argocd-redis`.) -Steps to roteate the secret when using the helm chart (bold step is additional to upstream): +Steps to rotate the secret when using the helm chart (bold step is additional to upstream): * Delete `argocd-redis` secret in the namespace where Argo CD is installed. ```bash kubectl delete secret argocd-redis -n diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 0520c40f..4e0f1ab5 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -312,7 +312,7 @@ This version introduces authentication for Redis to mitigate GHSA-9766-5277-j5hr Upstream steps in the [FAQ] are not enough, since we chose a different approach. (We use a Kubernetes Job with [Chart Hooks] to create the auth secret `argocd-redis`.) -Steps to roteate the secret when using the helm chart (bold step is additional to upstream): +Steps to rotate the secret when using the helm chart (bold step is additional to upstream): * Delete `argocd-redis` secret in the namespace where Argo CD is installed. ```bash kubectl delete secret argocd-redis -n From 6b1ea92acba9d15f423cc03efc4d7a18dee6f9b5 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2025 13:25:53 +0100 Subject: [PATCH 1237/1248] chore(deps): update renovatebot/github-action action to v41.0.12 (#3151) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index e9cc0a19..87c2afac 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@d385c88822a237acaead89c462fa0aef7502748f # v41.0.11 + uses: renovatebot/github-action@9ad1a8e771c002ece340d1ff028fae4503fe041b # v41.0.12 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From f30bcd682d92023c4631cbb44fe233d9d5310275 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Tue, 4 Feb 2025 00:43:31 -0600 Subject: [PATCH 1238/1248] chore(deps): update actions/create-github-app-token action to v1.11.3 (#3156) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 87c2afac..b27a99ac 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2 + uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From c77cb712e078abbce1e015000a6057481580e3f8 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Tue, 4 Feb 2025 12:25:53 +0100 Subject: [PATCH 1239/1248] feat(argo-cd): Update to Argo CD 2.14 (#3155) * feat(argo-cd): Update to Argo CD 2.14 Signed-off-by: Marco Maurer * fix: Add more customization options to commit-server Signed-off-by: Marco Maurer * fix: Bump appVersion to v2.14.1 Signed-off-by: Marco Maurer * fix: Add 'resources' to commit-server Signed-off-by: Marco Maurer * chore: Drop commitServer.service.type Signed-off-by: Marco Maurer * fix: Add ability to disable the commit-server Signed-off-by: Marco Maurer * chore: Drop commitServer.replicas since there are no upstream docs Signed-off-by: Marco Maurer * feat: Allow adding extraVolume and mounts Signed-off-by: Marco Maurer * chore: Disable commit-server by default Signed-off-by: Marco Maurer * feat: Dedicated metrics service with basic customization options Signed-off-by: Marco Maurer --------- Signed-off-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 8 +- charts/argo-cd/README.md | 63 +- charts/argo-cd/README.md.gotmpl | 18 +- .../argo-cd/ci/with-commit-server-values.yaml | 3 + charts/argo-cd/templates/_helpers.tpl | 18 + .../deployment.yaml | 24 + .../statefulset.yaml | 30 + .../argocd-applicationset/deployment.yaml | 12 + .../argocd-commit-server/deployment.yaml | 238 ++++ .../argocd-commit-server/metrics.yaml | 35 + .../argocd-commit-server/networkpolicy.yaml | 25 + .../argocd-commit-server/service.yaml | 26 + .../argocd-commit-server/serviceaccount.yaml | 19 + .../argocd-repo-server/deployment.yaml | 6 + .../templates/argocd-server/deployment.yaml | 6 + .../templates/crds/crd-application.yaml | 387 ++++++ .../templates/crds/crd-applicationset.yaml | 1163 +++++++++++++++++ charts/argo-cd/values.yaml | 183 ++- 18 files changed, 2257 insertions(+), 7 deletions(-) create mode 100644 charts/argo-cd/ci/with-commit-server-values.yaml create mode 100644 charts/argo-cd/templates/argocd-commit-server/deployment.yaml create mode 100644 charts/argo-cd/templates/argocd-commit-server/metrics.yaml create mode 100644 charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/argocd-commit-server/service.yaml create mode 100644 charts/argo-cd/templates/argocd-commit-server/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 54f47290..869e9e41 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.13.4 +appVersion: v2.14.1 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.23 +version: 7.8.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed typo in README + - kind: changed + description: Bump argo-cd to v2.14.1 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bc557cd1..f1140f1f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -708,7 +708,7 @@ NAME: my-release | global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | -| global.nodeSelector | object | `{}` | Default node selector for all components | +| global.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Default node selector for all components | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | | global.priorityClassName | string | `""` | Default priority class for all components | @@ -1621,6 +1621,65 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | +## Commit server (Manifest Hydrator) + +The Argo CD Commit Server provides push access to git repositories for hydrated manifests. + +To read more about this component, please read [Argo CD Manifest Hydrator] and [Manifest Hydrator]. + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commitServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | +| commitServer.automountServiceAccountToken | bool | `false` | Automount API credentials for the Service Account into the pod. | +| commitServer.containerSecurityContext | object | See [values.yaml] | commit server container-level security context | +| commitServer.deploymentAnnotations | object | `{}` | Annotations to be added to commit server Deployment | +| commitServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the commit server Deployment | +| commitServer.dnsConfig | object | `{}` | [DNS configuration] | +| commitServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for commit server pods | +| commitServer.enabled | bool | `false` | Enable commit server | +| commitServer.extraArgs | list | `[]` | commit server command line flags | +| commitServer.extraEnv | list | `[]` | Environment variables to pass to the commit server | +| commitServer.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the commit server | +| commitServer.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | +| commitServer.extraVolumes | list | `[]` | List of extra volumes to add | +| commitServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the commit server | +| commitServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the commit server | +| commitServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the commit server | +| commitServer.livenessProbe.enabled | bool | `true` | Enable Kubernetes liveness probe for commit server | +| commitServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| commitServer.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | +| commitServer.livenessProbe.periodSeconds | int | `30` | How often (in seconds) to perform the [probe] | +| commitServer.livenessProbe.timeoutSeconds | int | `5` | Number of seconds after which the [probe] times out | +| commitServer.metrics.enabled | bool | `false` | Enables prometheus metrics server | +| commitServer.metrics.service.annotations | object | `{}` | Metrics service annotations | +| commitServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | +| commitServer.metrics.service.labels | object | `{}` | Metrics service labels | +| commitServer.metrics.service.portName | string | `"metrics"` | Metrics service port name | +| commitServer.metrics.service.servicePort | int | `8087` | Metrics service port | +| commitServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type | +| commitServer.name | string | `"commit-server"` | Commit server name | +| commitServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | +| commitServer.podAnnotations | object | `{}` | Annotations for the commit server pods | +| commitServer.podLabels | object | `{}` | Labels for the commit server pods | +| commitServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the commit server pods | +| commitServer.readinessProbe.enabled | bool | `true` | Enable Kubernetes liveness probe for commit server | +| commitServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| commitServer.readinessProbe.initialDelaySeconds | int | `5` | Number of seconds after the container has started before [probe] is initiated | +| commitServer.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| commitServer.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| commitServer.resources | object | `{}` | Resource limits and requests for the commit server pods. | +| commitServer.runtimeClassName | string | `""` (defaults to global.runtimeClassName) | Runtime class name for the commit server | +| commitServer.service.annotations | object | `{}` | commit server service annotations | +| commitServer.service.labels | object | `{}` | commit server service labels | +| commitServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| commitServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| commitServer.serviceAccount.create | bool | `true` | Create commit server service account | +| commitServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | +| commitServer.serviceAccount.name | string | `"argocd-commit-server"` | commit server service account name | +| commitServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | +| commitServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| commitServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the commit server | + ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) @@ -1653,3 +1712,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace [Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice [Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer +[Argo CD Manifest Hydrator]: https://argo-cd.readthedocs.io/en/stable/proposals/manifest-hydrator/ +[Manifest Hydrator]: https://github.com/argoproj/argo-cd/blob/master/docs/proposals/manifest-hydrator.md diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 4e0f1ab5..d2862792 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -672,7 +672,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "global" .Key) (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) ) }} + {{- if not (or (hasPrefix "global" .Key) (hasPrefix "configs" .Key) (hasPrefix "controller" .Key) (hasPrefix "repoServer" .Key) (hasPrefix "server" .Key) (hasPrefix "applicationSet" .Key) (hasPrefix "notifications" .Key) (hasPrefix "dex" .Key) (hasPrefix "redis" .Key) (hasPrefix "externalRedis" .Key) (hasPrefix "commitServer" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} @@ -813,6 +813,20 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. {{- end }} {{- end }} +## Commit server (Manifest Hydrator) + +The Argo CD Commit Server provides push access to git repositories for hydrated manifests. + +To read more about this component, please read [Argo CD Manifest Hydrator] and [Manifest Hydrator]. + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "commitServer" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) @@ -845,3 +859,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace [Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice [Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer +[Argo CD Manifest Hydrator]: https://argo-cd.readthedocs.io/en/stable/proposals/manifest-hydrator/ +[Manifest Hydrator]: https://github.com/argoproj/argo-cd/blob/master/docs/proposals/manifest-hydrator.md diff --git a/charts/argo-cd/ci/with-commit-server-values.yaml b/charts/argo-cd/ci/with-commit-server-values.yaml new file mode 100644 index 00000000..b4ffedca --- /dev/null +++ b/charts/argo-cd/ci/with-commit-server-values.yaml @@ -0,0 +1,3 @@ +# Test Argo CD with optional component "commit-server" +commitServer: + enabled: true diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 1ef054b1..aeaf3df8 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -177,6 +177,24 @@ Create the name of the notifications service account to use {{- end -}} {{- end -}} +{{/* +Create argocd commit-server name and version as used by the chart label. +*/}} +{{- define "argo-cd.commitServer.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.commitServer.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the commit-server service account to use +*/}} +{{- define "argo-cd.commitServer.serviceAccountName" -}} +{{- if .Values.commitServer.serviceAccount.create -}} + {{ default (include "argo-cd.commitServer.fullname" .) .Values.commitServer.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.commitServer.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Argo Configuration Preset Values (Influenced by Values configuration) */}} diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index e61a8525..0b8285b7 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -175,6 +175,12 @@ spec: name: argocd-cmd-params-cm key: controller.self.heal.backoff.cap.seconds optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sync.timeout.seconds + optional: true - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT valueFrom: configMapKeyRef: @@ -311,6 +317,24 @@ spec: name: argocd-cmd-params-cm key: controller.ignore.normalizer.jq.timeout optional: true + - name: ARGOCD_HYDRATOR_ENABLED + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: hydrator.enabled + optional: true + - name: ARGOCD_CLUSTER_CACHE_BATCH_EVENTS_PROCESSING + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.cluster.cache.batch.events.processing + optional: true + - name: ARGOCD_CLUSTER_CACHE_EVENTS_PROCESSING_INTERVAL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.cluster.cache.events.processing.interval + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index a907ac76..733290d1 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -174,6 +174,12 @@ spec: name: argocd-cmd-params-cm key: controller.self.heal.backoff.cap.seconds optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sync.timeout.seconds + optional: true - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT valueFrom: configMapKeyRef: @@ -310,6 +316,26 @@ spec: name: argocd-cmd-params-cm key: controller.ignore.normalizer.jq.timeout optional: true + - name: ARGOCD_HYDRATOR_ENABLED + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: hydrator.enabled + optional: true + - name: ARGOCD_CLUSTER_CACHE_BATCH_EVENTS_PROCESSING + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.cluster.cache.batch.events.processing + optional: true + - name: ARGOCD_CLUSTER_CACHE_EVENTS_PROCESSING_INTERVAL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.cluster.cache.events.processing.interval + optional: true + - name: KUBECACHEDIR + value: /tmp/kubecache {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} @@ -344,6 +370,8 @@ spec: name: argocd-home - name: argocd-cmd-params-cm mountPath: /home/argocd/params + - name: argocd-application-controller-tmp + mountPath: /tmp {{- with .Values.controller.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} @@ -385,6 +413,8 @@ spec: {{- else }} emptyDir: {} {{- end }} + - emptyDir: {} + name: argocd-application-controller-tmp - name: argocd-repo-server-tls secret: secretName: argocd-repo-server-tls diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 303106b5..9c085123 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -151,6 +151,12 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_TOKENREF_STRICT_MODE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.tokenref.strict.mode + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING valueFrom: configMapKeyRef: @@ -211,6 +217,12 @@ spec: name: argocd-cmd-params-cm key: applicationsetcontroller.webhook.parallelism.limit optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REQUEUE_AFTER + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.requeue.after + name: argocd-cmd-params-cm + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-commit-server/deployment.yaml b/charts/argo-cd/templates/argocd-commit-server/deployment.yaml new file mode 100644 index 00000000..96cf6575 --- /dev/null +++ b/charts/argo-cd/templates/argocd-commit-server/deployment.yaml @@ -0,0 +1,238 @@ +{{- if .Values.commitServer.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.commitServer.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.commitServer.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }} +spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.commitServer.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 6 }} + template: + metadata: + annotations: + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.commitServer.podAnnotations) }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 8 }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.commitServer.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.commitServer.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} + {{- with .Values.commitServer.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.commitServer.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- with .Values.commitServer.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} + serviceAccountName: {{ include "argo-cd.commitServer.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.commitServer.automountServiceAccountToken }} + containers: + - name: {{ .Values.commitServer.name }} + image: {{ default .Values.global.image.repository .Values.commitServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.commitServer.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.commitServer.image.imagePullPolicy }} + args: + - /usr/local/bin/argocd-commit-server + {{- with .Values.commitServer.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} + env: + {{- with (concat .Values.global.env .Values.commitServer.extraEnv) }} + {{- toYaml . | nindent 10 }} + {{- end }} + - name: ARGOCD_COMMIT_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: commitserver.listen.address + optional: true + - name: ARGOCD_COMMIT_SERVER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: commitserver.metrics.listen.address + optional: true + - name: ARGOCD_COMMIT_SERVER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: commitserver.log.format + optional: true + - name: ARGOCD_COMMIT_SERVER_LOGLEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: commitserver.log.level + optional: true + - name: ARGOCD_LOG_FORMAT_TIMESTAMP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: log.format.timestamp + optional: true + {{- with .Values.commitServer.envFrom }} + envFrom: + {{- toYaml . | nindent 10 }} + {{- end }} + ports: + - containerPort: 8086 + name: server + protocol: TCP + - containerPort: 8087 + name: metrics + protocol: TCP + {{- if .Values.commitServer.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /healthz?full=true + port: 8087 + initialDelaySeconds: {{ .Values.commitServer.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.commitServer.livenessProbe.periodSeconds }} + failureThreshold: {{ .Values.commitServer.livenessProbe.failureThreshold }} + timeoutSeconds: {{ .Values.commitServer.livenessProbe.timeoutSeconds }} + {{- end }} + {{- if .Values.commitServer.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /healthz + port: 8087 + initialDelaySeconds: {{ .Values.commitServer.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.commitServer.readinessProbe.periodSeconds }} + failureThreshold: {{ .Values.commitServer.readinessProbe.failureThreshold }} + timeoutSeconds: {{ .Values.commitServer.readinessProbe.timeoutSeconds }} + {{- end }} + resources: + {{- toYaml .Values.commitServer.resources | nindent 10 }} + {{- with .Values.commitServer.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.commitServer.lifecycle }} + lifecycle: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + {{- with .Values.commitServer.extraVolumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: ssh-known-hosts + mountPath: /app/config/ssh + - name: tls-certs + mountPath: /app/config/tls + - name: gpg-keys + mountPath: /app/config/gpg/source + - name: gpg-keyring + mountPath: /app/config/gpg/keys + # We need a writeable temp directory for the askpass socket file. + - name: tmp + mountPath: /tmp + initContainers: + - command: + - /bin/cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: {{ default .Values.global.image.repository .Values.commitServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.commitServer.image.tag }} + name: copyutil + resources: + {{- toYaml .Values.commitServer.resources | nindent 10 }} + {{- with .Values.commitServer.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + volumes: + {{- with .Values.commitServer.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm + - name: gpg-keyring + emptyDir: {} + - name: tmp + emptyDir: {} + - name: argocd-commit-server-tls + secret: + secretName: argocd-commit-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + - emptyDir: {} + name: var-files + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.commitServer) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.commitServer.nodeSelector | default .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.commitServer.tolerations | default .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.commitServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.commitServer.hostNetwork }} + hostNetwork: {{ .Values.commitServer.hostNetwork }} + {{- end }} + {{- with .Values.commitServer.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.commitServer.dnsPolicy }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-commit-server/metrics.yaml b/charts/argo-cd/templates/argocd-commit-server/metrics.yaml new file mode 100644 index 00000000..7d198a70 --- /dev/null +++ b/charts/argo-cd/templates/argocd-commit-server/metrics.yaml @@ -0,0 +1,35 @@ +{{- if and .Values.commitServer.enabled .Values.commitServer.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-cd.commitServer.fullname" . }}-metrics + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" "metrics") | nindent 4 }} + {{- with .Values.commitServer.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.commitServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }} + annotations: + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.commitServer.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.commitServer.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.commitServer.metrics.service.type }} + {{- if and .Values.commitServer.metrics.service.clusterIP (eq .Values.commitServer.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.commitServer.metrics.service.clusterIP }} + {{- end }} + {{- include "argo-cd.dualStack" . | indent 2 }} + ports: + - name: {{ .Values.commitServer.metrics.service.portName }} + protocol: TCP + port: {{ .Values.commitServer.metrics.service.servicePort }} + targetPort: 8087 + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml new file mode 100644 index 00000000..6ec0a6ac --- /dev/null +++ b/charts/argo-cd/templates/argocd-commit-server/networkpolicy.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.commitServer.enabled .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "argo-cd.commitServer.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} +spec: + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 6 }} + policyTypes: + - Ingress + ingress: + - from: + - podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 14 }} + ports: + - protocol: TCP + port: 8086 + - from: + - namespaceSelector: { } + ports: + - port: 8087 +{{- end }} diff --git a/charts/argo-cd/templates/argocd-commit-server/service.yaml b/charts/argo-cd/templates/argocd-commit-server/service.yaml new file mode 100644 index 00000000..7b0bf878 --- /dev/null +++ b/charts/argo-cd/templates/argocd-commit-server/service.yaml @@ -0,0 +1,26 @@ +{{- if .Values.commitServer.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "argo-cd.commitServer.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }} + {{- with .Values.commitServer.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.commitServer.service.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + ports: + - name: server + protocol: TCP + port: 8086 + targetPort: 8086 + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-commit-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-commit-server/serviceaccount.yaml new file mode 100644 index 00000000..d0cf9e73 --- /dev/null +++ b/charts/argo-cd/templates/argocd-commit-server/serviceaccount.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.commitServer.enabled .Values.commitServer.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.commitServer.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ include "argo-cd.commitServer.serviceAccountName" . }} + namespace: {{ include "argo-cd.namespace" . }} + {{- with .Values.commitServer.serviceAccount.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.commitServer.name "name" .Values.commitServer.name) | nindent 4 }} + {{- with .Values.commitServer.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 2617251d..f12332e9 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -239,6 +239,12 @@ spec: name: argocd-cmd-params-cm key: reposerver.plugin.tar.exclusions optional: true + - name: ARGOCD_REPO_SERVER_PLUGIN_USE_MANIFEST_GENERATE_PATHS + valueFrom: + configMapKeyRef: + key: reposerver.plugin.use.manifest.generate.paths + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cc5f7bfe..0b75f062 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -373,6 +373,12 @@ spec: name: argocd-cmd-params-cm key: applicationsetcontroller.enable.scm.providers optional: true + - name: ARGOCD_HYDRATOR_ENABLED + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: hydrator.enabled + optional: true {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 7e3afda6..2c69f9ba 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -319,6 +319,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation + (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -466,6 +474,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -685,6 +697,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -834,6 +854,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -1166,6 +1190,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation + (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step + (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1312,6 +1344,10 @@ spec: use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -1378,6 +1414,64 @@ spec: required: - repoURL type: object + sourceHydrator: + description: SourceHydrator provides a way to push hydrated manifests + back to git before syncing them to the cluster. + properties: + drySource: + description: DrySource specifies where the dry "don't repeat yourself" + manifest source lives. + properties: + path: + description: Path is a directory path within the Git repository + where the manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository that + contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to hydrate + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + description: |- + HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then + have to move manifests to the SyncSource, e.g. by pull request. + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - targetBranch + type: object + syncSource: + description: SyncSource specifies where to sync hydrated manifests + from. + properties: + path: + description: |- + Path is a directory path within the git repository where hydrated manifests should be committed to and synced + from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced. + type: string + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: description: Sources is a reference to the location of the application's manifests or chart @@ -1523,6 +1617,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation + (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1670,6 +1772,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -1848,6 +1954,11 @@ spec: description: Health contains information about the application's current health status properties: + lastTransitionTime: + description: LastTransitionTime is the time the HealthStatus was + set or updated + format: date-time + type: string message: description: Message is a human-readable informational message describing the health status @@ -2045,6 +2156,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -2194,6 +2313,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is displayed + in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -2414,6 +2537,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -2565,6 +2696,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -2933,6 +3068,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -3085,6 +3228,11 @@ spec: Kustomize to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and + is displayed in the UI. It is used in multi-source + Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced @@ -3320,6 +3468,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON + schema validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -3475,6 +3631,11 @@ spec: of Kustomize to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and + is displayed in the UI. It is used in multi-source + Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications @@ -3824,6 +3985,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -3975,6 +4144,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -4205,6 +4378,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -4357,6 +4538,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced @@ -4463,6 +4648,11 @@ spec: description: HealthStatus contains information about the currently observed health state of an application or resource properties: + lastTransitionTime: + description: LastTransitionTime is the time the HealthStatus + was set or updated + format: date-time + type: string message: description: Message is a human-readable informational message describing the health status @@ -4480,6 +4670,8 @@ spec: type: string namespace: type: string + requiresDeletionConfirmation: + type: boolean requiresPruning: type: boolean status: @@ -4493,6 +4685,177 @@ spec: type: string type: object type: array + sourceHydrator: + description: SourceHydrator stores information about the current state + of source hydration + properties: + currentOperation: + description: CurrentOperation holds the status of the hydrate + operation + properties: + drySHA: + description: DrySHA holds the resolved revision (sha) of the + dry source as of the most recent reconciliation + type: string + finishedAt: + description: FinishedAt indicates when the hydrate operation + finished + format: date-time + type: string + hydratedSHA: + description: HydratedSHA holds the resolved revision (sha) + of the hydrated source as of the most recent reconciliation + type: string + message: + description: Message contains a message describing the current + status of the hydrate operation + type: string + phase: + description: Phase indicates the status of the hydrate operation + enum: + - Hydrating + - Failed + - Hydrated + type: string + sourceHydrator: + description: SourceHydrator holds the hydrator config used + for the hydrate operation + properties: + drySource: + description: DrySource specifies where the dry "don't + repeat yourself" manifest source lives. + properties: + path: + description: Path is a directory path within the Git + repository where the manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to hydrate + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + description: |- + HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then + have to move manifests to the SyncSource, e.g. by pull request. + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - targetBranch + type: object + syncSource: + description: SyncSource specifies where to sync hydrated + manifests from. + properties: + path: + description: |- + Path is a directory path within the git repository where hydrated manifests should be committed to and synced + from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced. + type: string + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + startedAt: + description: StartedAt indicates when the hydrate operation + started + format: date-time + type: string + required: + - message + - phase + type: object + lastSuccessfulOperation: + description: LastSuccessfulOperation holds info about the most + recent successful hydration + properties: + drySHA: + description: DrySHA holds the resolved revision (sha) of the + dry source as of the most recent reconciliation + type: string + hydratedSHA: + description: HydratedSHA holds the resolved revision (sha) + of the hydrated source as of the most recent reconciliation + type: string + sourceHydrator: + description: SourceHydrator holds the hydrator config used + for the hydrate operation + properties: + drySource: + description: DrySource specifies where the dry "don't + repeat yourself" manifest source lives. + properties: + path: + description: Path is a directory path within the Git + repository where the manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to hydrate + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + description: |- + HydrateTo specifies an optional "staging" location to push hydrated manifests to. An external system would then + have to move manifests to the SyncSource, e.g. by pull request. + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - targetBranch + type: object + syncSource: + description: SyncSource specifies where to sync hydrated + manifests from. + properties: + path: + description: |- + Path is a directory path within the git repository where hydrated manifests should be committed to and synced + from. If hydrateTo is set, this is just the path from which hydrated manifests will be synced. + type: string + targetBranch: + description: TargetBranch is the branch to which hydrated + manifests should be committed + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object + type: object + type: object sourceType: description: SourceType specifies the type of this application type: string @@ -4730,6 +5093,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -4881,6 +5252,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. @@ -5111,6 +5486,14 @@ spec: description: SkipCrds skips custom resource definition installation step (Helm's --skip-crds) type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema + validation (Helm's --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation + step (Helm's --skip-tests). + type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -5263,6 +5646,10 @@ spec: to use for rendering manifests type: string type: object + name: + description: Name is used to refer to a source and is + displayed in the UI. It is used in multi-source Applications. + type: string path: description: Path is a directory path within the Git repository, and is only valid for applications sourced diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 6cf09222..eff945f8 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -242,6 +242,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -340,6 +344,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -385,6 +391,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -472,6 +514,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -570,6 +616,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -676,6 +724,8 @@ spec: type: object clusters: properties: + flatList: + type: boolean selector: properties: matchExpressions: @@ -864,6 +914,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -962,6 +1016,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -1007,6 +1063,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -1094,6 +1186,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -1192,6 +1288,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -1487,6 +1585,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -1585,6 +1687,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -1630,6 +1734,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -1717,6 +1857,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -1815,6 +1959,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -2090,6 +2236,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -2188,6 +2338,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -2233,6 +2385,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -2320,6 +2508,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -2418,6 +2610,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -2718,6 +2912,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -2816,6 +3014,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -2861,6 +3061,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -2948,6 +3184,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -3046,6 +3286,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -3152,6 +3394,8 @@ spec: type: object clusters: properties: + flatList: + type: boolean selector: properties: matchExpressions: @@ -3340,6 +3584,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -3438,6 +3686,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -3483,6 +3733,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -3570,6 +3856,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -3668,6 +3958,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -3963,6 +4255,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -4061,6 +4357,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -4106,6 +4404,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -4193,6 +4527,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -4291,6 +4629,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -4566,6 +4906,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -4664,6 +5008,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -4709,6 +5055,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -4796,6 +5178,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -4894,6 +5280,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -5177,6 +5565,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -5275,6 +5667,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -5320,6 +5714,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -5407,6 +5837,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -5505,6 +5939,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -6007,6 +6443,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -6105,6 +6545,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -6150,6 +6592,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -6237,6 +6715,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -6335,6 +6817,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -6832,6 +7316,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -6930,6 +7418,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -6975,6 +7465,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -7062,6 +7588,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -7160,6 +7690,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -7452,6 +7984,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -7550,6 +8086,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -7595,6 +8133,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -7682,6 +8256,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -7780,6 +8358,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -8082,6 +8662,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -8180,6 +8764,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -8225,6 +8811,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -8312,6 +8934,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -8410,6 +9036,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -8516,6 +9144,8 @@ spec: type: object clusters: properties: + flatList: + type: boolean selector: properties: matchExpressions: @@ -8704,6 +9334,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -8802,6 +9436,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -8847,6 +9483,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -8934,6 +9606,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -9032,6 +9708,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -9327,6 +10005,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -9425,6 +10107,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -9470,6 +10154,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -9557,6 +10277,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -9655,6 +10379,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -9930,6 +10656,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -10028,6 +10758,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -10073,6 +10805,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -10160,6 +10928,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -10258,6 +11030,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -10541,6 +11315,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -10639,6 +11417,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -10684,6 +11464,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -10771,6 +11587,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -10869,6 +11689,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -11371,6 +12193,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -11469,6 +12295,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -11514,6 +12342,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -11601,6 +12465,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -11699,6 +12567,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -12196,6 +13066,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -12294,6 +13168,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -12339,6 +13215,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -12426,6 +13338,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -12524,6 +13440,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -12820,6 +13738,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -12918,6 +13840,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -12963,6 +13887,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -13050,6 +14010,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -13148,6 +14112,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -13430,6 +14396,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -13528,6 +14498,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -13573,6 +14545,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -13660,6 +14668,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -13758,6 +14770,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -14260,6 +15274,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -14358,6 +15376,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -14403,6 +15423,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -14490,6 +15546,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -14588,6 +15648,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -15085,6 +16147,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -15183,6 +16249,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -15228,6 +16296,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -15315,6 +16419,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -15413,6 +16521,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -15780,6 +16890,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -15878,6 +16992,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -15923,6 +17039,42 @@ spec: required: - repoURL type: object + sourceHydrator: + properties: + drySource: + properties: + path: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - path + - repoURL + - targetRevision + type: object + hydrateTo: + properties: + targetBranch: + type: string + required: + - targetBranch + type: object + syncSource: + properties: + path: + type: string + targetBranch: + type: string + required: + - path + - targetBranch + type: object + required: + - drySource + - syncSource + type: object sources: items: properties: @@ -16010,6 +17162,10 @@ spec: type: string skipCrds: type: boolean + skipSchemaValidation: + type: boolean + skipTests: + type: boolean valueFiles: items: type: string @@ -16108,6 +17264,8 @@ spec: version: type: string type: object + name: + type: string path: type: string plugin: @@ -16267,6 +17425,9 @@ spec: type: string health: properties: + lastTransitionTime: + format: date-time + type: string message: type: string status: @@ -16280,6 +17441,8 @@ spec: type: string namespace: type: string + requiresDeletionConfirmation: + type: boolean requiresPruning: type: boolean status: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4c069086..93e480ad 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -119,7 +119,8 @@ global: priorityClassName: "" # -- Default node selector for all components - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux # -- Default tolerations for all components tolerations: [] @@ -3749,3 +3750,183 @@ notifications: # For more information: https://argo-cd.readthedocs.io/en/stable/operator-manual/notifications/triggers/#default-triggers # defaultTriggers: | # - on-sync-status-unknown + +commitServer: + # -- Enable commit server + enabled: false + + # -- Commit server name + name: commit-server + + # -- Runtime class name for the commit server + # @default -- `""` (defaults to global.runtimeClassName) + runtimeClassName: "" + + ## commit server controller image + image: + # -- Repository to use for the commit server + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Tag to use for the commit server + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Image pull policy for the commit server + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- commit server command line flags + extraArgs: [] + + # -- Environment variables to pass to the commit server + extraEnv: [] + # - name: "MY_VAR" + # value: "value" + + # -- envFrom to pass to the commit server + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] + + metrics: + # -- Enables prometheus metrics server + enabled: false + service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8087 + # -- Metrics service port name + portName: metrics + + ## commit server service configuration + service: + # -- commit server service annotations + annotations: {} + # -- commit server service labels + labels: {} + + # -- Automount API credentials for the Service Account into the pod. + automountServiceAccountToken: false + + serviceAccount: + # -- Create commit server service account + create: true + # -- commit server service account name + name: argocd-commit-server + # -- Annotations applied to created service account + annotations: {} + # -- Labels applied to created service account + labels: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + + # -- Annotations to be added to commit server Deployment + deploymentAnnotations: {} + + # -- Annotations for the commit server pods + podAnnotations: {} + + # -- Labels for the commit server pods + podLabels: {} + + # -- Resource limits and requests for the commit server pods. + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for commit server pods + dnsPolicy: "ClusterFirst" + + # -- commit server container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + + ## Probes for commit server (optional) + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + readinessProbe: + # -- Enable Kubernetes liveness probe for commit server + enabled: true + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 5 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + + livenessProbe: + # -- Enable Kubernetes liveness probe for commit server + enabled: true + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 30 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 30 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 5 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) + nodeSelector: {} + + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) + tolerations: [] + + # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) + affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the commit server + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + # -- Deployment strategy to be added to the commit server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + + # -- Priority class for the commit server pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" From b732ef4689aa571c7fb99fa3f3d5c2ac0bef02f6 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 6 Feb 2025 10:07:42 +0000 Subject: [PATCH 1240/1248] chore(argo-cd): Update dependency argoproj/argo-cd to v2.14.2 (#3160) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 869e9e41..2c8122a2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.14.1 +appVersion: v2.14.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.8.0 +version: 7.8.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.14.1 + description: Bump argo-cd to v2.14.2 From f7b5090efb272e40881a78127db2ef9954c4b2c5 Mon Sep 17 00:00:00 2001 From: PatrickSpies <57619316+PatrickSpies@users.noreply.github.com> Date: Thu, 6 Feb 2025 11:34:55 +0100 Subject: [PATCH 1241/1248] fix(argo-cd): only create dex-servicemonitor if dex is enabled (#3159) * fix(argo-cd): only create dex-servicemonitor of dex is enabled Signed-off-by: Patrick Spies * numbers are difficult Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> --------- Signed-off-by: Patrick Spies Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/dex/servicemonitor.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2c8122a2..ff93b69d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.14.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.8.1 +version: 7.8.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.14.2 + - kind: fixed + description: Create ServiceMonitor for dex only if dex is enabled diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 93c9fa32..2564cfa1 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.enabled .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: From d40470b95dd61c2232bf3e7a63f0af6a371a728a Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 8 Feb 2025 14:58:48 +0900 Subject: [PATCH 1242/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.6.3 (#3164) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index be8df0c6..a9fafdda 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.6.2 +appVersion: v3.6.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.4 +version: 0.45.5 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support configuring workflow events in the controller + - kind: changed + description: Bump argo-workflows to v3.6.3 From 56b2429f3b110acbc46bedb01767ba0f2242a694 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Feb 2025 20:18:18 +0100 Subject: [PATCH 1243/1248] chore(deps): bump github/codeql-action from 3.28.8 to 3.28.9 in the dependencies group (#3166) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 194c864e..29f267d3 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 + uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 with: sarif_file: results.sarif From ff078480685bd22b93fafc5a3035fdbe1c4da942 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 10 Feb 2025 07:16:36 -0600 Subject: [PATCH 1244/1248] chore(deps): update renovatebot/github-action action to v41.0.13 (#3167) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index b27a99ac..15d4d3a8 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -26,7 +26,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@9ad1a8e771c002ece340d1ff028fae4503fe041b # v41.0.12 + uses: renovatebot/github-action@e084b5ac6fd201023db6dd7743aec023babb02c8 # v41.0.13 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate From 3a329eae633ebf374d1aa2f6673b828848f9c994 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Mon, 10 Feb 2025 08:30:15 -0600 Subject: [PATCH 1245/1248] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.6.4 (#3168) Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a9fafdda..364868f6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.6.3 +appVersion: v3.6.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.5 +version: 0.45.6 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-workflows to v3.6.3 + description: Bump argo-workflows to v3.6.4 From 689fed54cb70cb693decf5512437f4bc5138d04f Mon Sep 17 00:00:00 2001 From: Yusuke Abe Date: Sat, 15 Feb 2025 19:11:16 +0900 Subject: [PATCH 1246/1248] chore(argo-workflows): suggest non deprecated option (#3113) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 364868f6..c1f8df1a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.6.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.6 +version: 0.45.7 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.6.4 + - kind: fixed + description: Update the SSO configuration instructions to reflect the correct field name diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 323524c2..6e400596 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -344,7 +344,7 @@ Fields to note: | server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret | | server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | | server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | -| server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. | +| server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authModes` as `sso`. | | server.sso.filterGroupsRegex | list | `[]` | Filter the groups returned by the OIDC provider | | server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | | server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cf9b08d8..0c044454 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -717,7 +717,7 @@ server: # SSO configuration when SSO is specified as a server auth mode. sso: - # -- Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. + # -- Create SSO configuration. If you set `true` , please also set `.Values.server.authModes` as `sso`. enabled: false # -- The root URL of the OIDC identity provider issuer: https://accounts.google.com From 341406ccb2c1c3c1f72432ca22b1470bde1f579a Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Sat, 15 Feb 2025 10:12:33 +0000 Subject: [PATCH 1247/1248] chore(deps): update actions/create-github-app-token action to v1.11.5 (#3170) --- .github/workflows/renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 15d4d3a8..9460d792 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3 + uses: actions/create-github-app-token@0d564482f06ca65fa9e77e2510873638c82206f2 # v1.11.5 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} From 52870ab90783623973cce0987117ae854bb67b39 Mon Sep 17 00:00:00 2001 From: "argoproj-renovate[bot]" <161757507+argoproj-renovate[bot]@users.noreply.github.com> Date: Thu, 20 Feb 2025 09:41:59 +0900 Subject: [PATCH 1248/1248] chore(deps): update ghcr.io/dexidp/dex docker tag to v2.42.0 (#3172) * chore(deps): update ghcr.io/dexidp/dex docker tag to v2.42.0 Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> * bump the chart Signed-off-by: Tim Collins * helm docs Signed-off-by: Tim Collins --------- Signed-off-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Signed-off-by: Tim Collins Co-authored-by: argoproj-renovate[bot] <161757507+argoproj-renovate[bot]@users.noreply.github.com> Co-authored-by: Tim Collins --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ff93b69d..5d12006a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.14.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.8.2 +version: 7.8.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Create ServiceMonitor for dex only if dex is enabled + - kind: changed + description: Bump dex version to v2.42.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f1140f1f..25760a5f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1170,7 +1170,7 @@ NAME: my-release | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.41.1"` | Dex image tag | +| dex.image.tag | string | `"v2.42.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 93e480ad..f1213daf 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1025,7 +1025,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.41.1 + tag: v2.42.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: ""