ef70ad9edd
* fix(argo-cd): global.securityContext merging merge global.securityContext into local (applicationset, notifications) values Signed-off-by: Höhl, Lukas <lukas.hoehl@accso.de> * chore(argo-cd): bump version and add artifacthub changes Signed-off-by: Höhl, Lukas <lukas.hoehl@accso.de> * fix(argo-cd): wrong value for applicationSet podSecurityContext Signed-off-by: Höhl, Lukas <lukas.hoehl@accso.de> * fix(argo-cd): rerun helm-docs Signed-off-by: Höhl, Lukas <lukas.hoehl@accso.de> * chore(argo-cd): bump version Signed-off-by: Höhl, Lukas <lukas.hoehl@accso.de> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
128 lines
5.3 KiB
YAML
128 lines
5.3 KiB
YAML
{{- if .Values.applicationSet.enabled }}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ template "argo-cd.applicationSet.fullname" . }}
|
|
labels:
|
|
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
|
|
app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }}
|
|
spec:
|
|
replicas: {{ .Values.applicationSet.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
{{- with .Values.applicationSet.podAnnotations }}
|
|
annotations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }}
|
|
app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }}
|
|
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
spec:
|
|
{{- with .Values.applicationSet.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }}
|
|
securityContext:
|
|
{{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.applicationSet.podSecurityContext) | nindent 8 }}
|
|
containers:
|
|
- name: {{ .Values.applicationSet.name }}
|
|
securityContext:
|
|
{{- toYaml .Values.applicationSet.securityContext | nindent 12 }}
|
|
command:
|
|
- applicationset-controller
|
|
- --metrics-addr={{ .Values.applicationSet.args.metricsAddr }}
|
|
- --probe-addr={{ .Values.applicationSet.args.probeBindAddr }}
|
|
{{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }}
|
|
- --enable-leader-election=true
|
|
{{- end }}
|
|
- --namespace={{ .Release.Namespace }}
|
|
- --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
|
|
- --policy={{ .Values.applicationSet.args.policy }}
|
|
- --debug={{ .Values.applicationSet.args.debug }}
|
|
- --dry-run={{ .Values.applicationSet.args.dryRun }}
|
|
{{- with .Values.applicationSet.extraArgs }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }}
|
|
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }}
|
|
ports:
|
|
- name: http
|
|
containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }}
|
|
protocol: TCP
|
|
- name: metrics
|
|
containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }}
|
|
protocol: TCP
|
|
- name: webhook
|
|
containerPort: 7000
|
|
protocol: TCP
|
|
{{- with .Values.applicationSet.extraEnv }}
|
|
env:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.applicationSet.extraEnvFrom }}
|
|
envFrom:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
resources:
|
|
{{- toYaml .Values.applicationSet.resources | nindent 12 }}
|
|
volumeMounts:
|
|
- mountPath: /tmp
|
|
name: tmp-dir
|
|
{{- if .Values.configs.knownHosts }}
|
|
- mountPath: /app/config/ssh
|
|
name: ssh-known-hosts
|
|
{{- end }}
|
|
- mountPath: /app/config/tls
|
|
name: tls-certs
|
|
- mountPath: /app/config/gpg/source
|
|
name: gpg-keys
|
|
- mountPath: /app/config/gpg/keys
|
|
name: gpg-keyring
|
|
{{- with .Values.applicationSet.extraVolumeMounts }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.applicationSet.extraContainers }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: tmp-dir
|
|
{{- if .Values.configs.knownHosts }}
|
|
- configMap:
|
|
name: argocd-ssh-known-hosts-cm
|
|
name: ssh-known-hosts
|
|
{{- end }}
|
|
- configMap:
|
|
name: argocd-tls-certs-cm
|
|
name: tls-certs
|
|
- configMap:
|
|
name: argocd-gpg-keys-cm
|
|
name: gpg-keys
|
|
- emptyDir: {}
|
|
name: gpg-keyring
|
|
{{- with .Values.applicationSet.extraVolumes }}
|
|
{{- toYaml . | nindent 6 }}
|
|
{{- end }}
|
|
{{- with .Values.applicationSet.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.applicationSet.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.applicationSet.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.applicationSet.priorityClassName }}
|
|
priorityClassName: {{ . }}
|
|
{{- end }}
|
|
{{- end }}
|