DevFW-CICD/argocd-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
argocd-helm/charts/argo-cd/templates/argocd-server/deployment.yaml
Otto Nordander cbdcd902d7
Always mount argocd-tls-certs-cm in server and repo-server (#1098) 
If the ConfigMap is not mounted Argo will not be able
to use any certificates added in the CLI or the UI.

Signed-off-by: Otto Nordander otto.nordander@gmail.com

Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
2022-03-01 17:35:07 +00:00

227 lines
8.7 KiB
YAML
Executable file
Raw Blame History

{{- $redisHa := (index .Values "redis-ha") -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "argo-cd.server.fullname" . }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | quote }}
spec:
selector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }}
revisionHistoryLimit: 5
{{- if (ne .Values.server.autoscaling.enabled true) }}
replicas: {{ .Values.server.replicas }}
{{- end }}
template:
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.server.podAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }}
app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag | quote }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.server.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.global.securityContext }}
securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
{{- end }}
containers:
- name: {{ .Values.server.name }}
image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
command:
- argocd-server
{{ if .Values.server.staticAssets.enabled }}
- --staticassets
- /shared/app
{{ end }}
- --repo-server
- {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
{{- if .Values.dex.enabled }}
- --dex-server
- http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }}
{{- end }}
- --logformat
- {{ .Values.server.logFormat }}
- --loglevel
- {{ .Values.server.logLevel }}
{{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
- --redis
- {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
{{- end }}
{{- with .Values.server.extraArgs }}
{{- . | toYaml | nindent 8 }}
{{- end }}
{{- if .Values.server.containerSecurityContext }}
securityContext: {{- toYaml .Values.server.containerSecurityContext | nindent 10 }}
{{- end }}
{{- if .Values.server.env }}
env:
{{- toYaml .Values.server.env | nindent 8 }}
{{- end }}
{{- with .Values.server.envFrom }}
envFrom: {{- toYaml . | nindent 8 }}
{{- end }}
volumeMounts:
{{- if .Values.server.volumeMounts }}
{{- toYaml .Values.server.volumeMounts | nindent 8}}
{{- end }}
{{- if .Values.server.extensions.enabled }}
- name: extensions
mountPath: /tmp/extensions/
{{- end }}
{{- if .Values.configs.knownHosts }}
- mountPath: /app/config/ssh
name: ssh-known-hosts
{{- end }}
- mountPath: /app/config/tls
name: tls-certs
- mountPath: /app/config/server/tls
name: argocd-repo-server-tls
{{- if .Values.configs.styles }}
- mountPath: "/shared/app/custom/custom.styles.css"
subPath: "custom.styles.css"
name: custom-styles
{{- end }}
{{- if .Values.server.containerSecurityContext.readOnlyRootFilesystem }}
- mountPath: /home/argocd/.aws
name: aws-config
{{- end }}
- mountPath: /home/argocd
name: plugins-home
- mountPath: /tmp
name: tmp-dir
ports:
- name: {{ .Values.server.name }}
containerPort: {{ .Values.server.containerPort }}
protocol: TCP
{{ if .Values.server.metrics.enabled }}
- name: metrics
containerPort: 8083
protocol: TCP
{{- end }}
livenessProbe:
httpGet:
path: /healthz
port: {{ .Values.server.containerPort }}
initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.server.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }}
readinessProbe:
httpGet:
path: /healthz
port: {{ .Values.server.containerPort }}
initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.server.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }}
resources:
{{- toYaml .Values.server.resources | nindent 10 }}
{{- if .Values.server.lifecycle }}
lifecycle:
{{- toYaml .Values.server.lifecycle | nindent 10 }}
{{- end }}
{{- with .Values.server.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if .Values.server.extensions.enabled }}
- name: argocd-extensions
image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }}
imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }}
volumeMounts:
- name: extensions
mountPath: /tmp/extensions/
resources:
{{- toYaml .Values.server.extensions.resources | nindent 10 }}
{{- end }}
{{- if .Values.server.nodeSelector }}
nodeSelector:
{{- toYaml .Values.server.nodeSelector | nindent 8 }}
{{- end }}
{{- if .Values.server.tolerations }}
tolerations:
{{- toYaml .Values.server.tolerations | nindent 8 }}
{{- end }}
{{- if .Values.server.affinity }}
affinity:
{{- toYaml .Values.server.affinity | nindent 8 }}
{{- end }}
{{- with .Values.server.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.server.name) | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
{{- if .Values.server.volumes }}
{{- toYaml .Values.server.volumes | nindent 6}}
{{- end }}
{{- if .Values.server.extensions.enabled }}
- name: extensions
emptyDir: {}
{{- end }}
- emptyDir: {}
name: static-files
- emptyDir: {}
name: tmp-dir
{{- if .Values.server.containerSecurityContext.readOnlyRootFilesystem }}
- emptyDir: {}
name: aws-config
{{- end }}
{{- if .Values.configs.styles }}
- configMap:
name: argocd-custom-styles
name: custom-styles
{{- end }}
{{- if .Values.configs.knownHosts }}
- configMap:
name: argocd-ssh-known-hosts-cm
name: ssh-known-hosts
{{- end }}
- configMap:
name: argocd-tls-certs-cm
name: tls-certs
- name: argocd-repo-server-tls
secret:
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
- key: ca.crt
path: ca.crt
optional: true
secretName: argocd-repo-server-tls
- emptyDir: {}
name: plugins-home
{{- if .Values.server.initContainers }}
initContainers:
{{- toYaml .Values.server.initContainers | nindent 6 }}
{{- end }}
{{- if .Values.server.priorityClassName }}
priorityClassName: {{ .Values.server.priorityClassName }}
{{- end }}
Reference in a new issue View git blame Copy permalink