argocd-helm/charts/argo-cd/templates/argocd-repo-server/deployment.yaml

{{- $redisHa := (index .Values "redis-ha") -}}
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ template "argo-cd.repoServer.fullname" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
    app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }}
spec:
  selector:
    matchLabels:
      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }}
  revisionHistoryLimit: 5
  {{- if (ne .Values.repoServer.autoscaling.enabled true) }}
  replicas: {{ .Values.repoServer.replicas }}
  {{- end }}
  template:
    metadata:
      {{- with (mergeOverwrite .Values.global.podAnnotations .Values.repoServer.podAnnotations) }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }}
        app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }}
        {{- with (mergeOverwrite .Values.global.podLabels .Values.repoServer.podLabels) }}
          {{- toYaml . | nindent 8 }}
        {{- end }}
    spec:
      {{- with .Values.global.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- if .Values.global.securityContext }}
      securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
      {{- end }}
      containers:
      - name: {{ .Values.repoServer.name }}
        image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }}
        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
        args:
        - argocd-repo-server
        {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
        - --redis
        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
        {{- end }}
        - --logformat
        - {{ .Values.repoServer.logFormat }}
        - --loglevel
        - {{ .Values.repoServer.logLevel }}
        {{- with .Values.repoServer.extraArgs }}
        {{- . | toYaml | nindent 8 }}
        {{- end }}
        {{- if .Values.repoServer.containerSecurityContext }}
        securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }}
        {{- end }}
{{- if or (.Values.repoServer.env) (.Values.openshift.enabled) }}
        env:
{{- if .Values.repoServer.env }}
{{- toYaml .Values.repoServer.env | nindent 8 }}
{{- end }}
{{- if .Values.openshift.enabled }}
        - name: USER_NAME
          value: argocd
{{- end }}
{{- end }}
        {{- with .Values.repoServer.envFrom }}
        envFrom: {{- toYaml . | nindent 8 }}
        {{- end }}
        volumeMounts:
        {{- if .Values.repoServer.volumeMounts }}
          {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }}
        {{- end }}
        - mountPath: /app/config/gpg/source
          name: gpg-keys
        - mountPath: /app/config/gpg/keys
          name: gpg-keyring
        {{- if .Values.configs.knownHosts }}
        - mountPath: /app/config/ssh
          name: ssh-known-hosts
        {{- end }}
        {{- if .Values.configs.tlsCerts }}
        - mountPath: /app/config/tls
          name: tls-certs
        {{- end }}
        - mountPath: /app/config/reposerver/tls
          name: argocd-repo-server-tls
        - mountPath: /tmp
          name: tmp-dir
        ports:
        - name: repo-server
          containerPort: {{ .Values.repoServer.containerPort }}
          protocol: TCP
        {{ if .Values.repoServer.metrics.enabled }}
        - name: metrics
          containerPort: 8084
          protocol: TCP
        {{- end }}
        livenessProbe:
          tcpSocket:
            port: {{ .Values.repoServer.containerPort }}
          initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }}
          periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }}
          timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }}
          successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }}
          failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }}
        readinessProbe:
          tcpSocket:
            port: {{ .Values.repoServer.containerPort }}
          initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }}
          periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }}
          timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }}
          successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }}
          failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }}
        resources:
{{- toYaml .Values.repoServer.resources | nindent 10 }}
    {{- if .Values.repoServer.nodeSelector }}
      nodeSelector:
{{- toYaml .Values.repoServer.nodeSelector | nindent 8 }}
    {{- end }}
    {{- if .Values.repoServer.tolerations }}
      tolerations:
{{- toYaml .Values.repoServer.tolerations | nindent 8 }}
    {{- end }}
    {{- if .Values.repoServer.affinity }}
      affinity:
{{- toYaml .Values.repoServer.affinity | nindent 8 }}
    {{- end }}
      serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
      hostAliases:
{{ toYaml . | indent 6 }}
{{- end }}
      volumes:
      {{- if .Values.repoServer.volumes }}
        {{- toYaml .Values.repoServer.volumes | nindent 6 }}
      {{- end }}
      - name: gpg-keys
        configMap:
          name: argocd-gpg-keys-cm
      - emptyDir: {}
        name: gpg-keyring
      {{- if .Values.configs.knownHosts }}
      - configMap:
          name: argocd-ssh-known-hosts-cm
        name: ssh-known-hosts
      {{- end }}
      {{- if .Values.configs.tlsCerts }}
      - configMap:
          name: argocd-tls-certs-cm
        name: tls-certs
      {{- end }}
      - name: argocd-repo-server-tls
        secret:
          items:
          - key: tls.crt
            path: tls.crt
          - key: tls.key
            path: tls.key
          - key: ca.crt
            path: ca.crt
          optional: true
          secretName: argocd-repo-server-tls
      - emptyDir: {}
        name: tmp-dir
      {{- if .Values.repoServer.initContainers }}
      initContainers:
{{- toYaml .Values.repoServer.initContainers | nindent 6 }}
      {{- end }}
{{- if .Values.repoServer.priorityClassName }}
      priorityClassName: {{ .Values.repoServer.priorityClassName }}
{{- end }}