From 533d96a47787b26e37760ad5fae71b00ea195cf9 Mon Sep 17 00:00:00 2001 From: Ashish Jaiswal Date: Thu, 7 Apr 2022 12:55:50 +0530 Subject: [PATCH] lowering the argocd to 2.2.5 docker tag, 2.3.x failes with mounting diff value file from another git repo https://github.com/argoproj/argo-cd/issues/2789#issuecomment-1091145846 --- argocd-helm-charts/argo-cd/Chart.yaml | 4 +- .../argo-cd/charts/argo-cd/Chart.yaml | 8 +- .../argo-cd/charts/argo-cd/README.md | 187 +---- .../charts/argo-cd/crds/crd-application.yaml | 55 -- .../charts/argo-cd/templates/_helpers.tpl | 91 +-- .../deployment.yaml | 10 +- .../argocd-repo-server/deployment.yaml | 10 +- .../argocd-repo-server/networkpolicy.yaml | 10 - .../templates/argocd-server/deployment.yaml | 10 +- .../argo-cd/charts/argo-cd/values.yaml | 757 +----------------- argocd-helm-charts/argo-cd/requirements.lock | 6 +- 11 files changed, 64 insertions(+), 1084 deletions(-) diff --git a/argocd-helm-charts/argo-cd/Chart.yaml b/argocd-helm-charts/argo-cd/Chart.yaml index faa66fe49..987497053 100644 --- a/argocd-helm-charts/argo-cd/Chart.yaml +++ b/argocd-helm-charts/argo-cd/Chart.yaml @@ -3,7 +3,5 @@ name: argo-cd version: 2.2.2 dependencies: - name: argo-cd - version: 4.4.0 + version: 3.35.4 repository: https://argoproj.github.io/argo-helm - #repository: "oci://ghcr.io/Obmondo" - # see versions here: https://github.com/argoproj/argo-helm/blob/master/charts/argo-cd/Chart.yaml diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/Chart.yaml b/argocd-helm-charts/argo-cd/charts/argo-cd/Chart.yaml index 13bb77fe0..6c2051379 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/Chart.yaml +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/Chart.yaml @@ -1,14 +1,14 @@ annotations: artifacthub.io/changes: | - - "[Added]: Ability to use external/existing Redis (eg. a managed cloud service)" + - "[Fixed]: ArgoCD application controller metric application label templating" apiVersion: v2 -appVersion: v2.3.3 +appVersion: v2.2.5 dependencies: - condition: redis-ha.enabled name: redis-ha repository: https://dandydeveloper.github.io/charts/ version: 4.12.17 -description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool +description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png @@ -22,4 +22,4 @@ maintainers: - name: jessesuen - name: seanson name: argo-cd -version: 4.4.0 +version: 3.35.4 diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/README.md b/argocd-helm-charts/argo-cd/charts/argo-cd/README.md index f127299d4..a25383d95 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/README.md +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/README.md @@ -1,6 +1,6 @@ # Argo CD Chart -A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. +A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. Source code can be found [here](https://argoproj.github.io/argo-cd/) @@ -8,15 +8,15 @@ Source code can be found [here](https://argoproj.github.io/argo-cd/) This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes. -The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). +The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases). If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). ## High Availability -This chart installs the non-HA version of Argo CD by default. If you want to run Argo CD in HA mode, you can use one of the example values in the next sections. -Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of Argo CD works in detail. +This chart installs the non-HA version of ArgoCD by default. If you want to run ArgoCD in HA mode, you can use one of the example values in the next sections. +Please also have a look into the upstream [Operator Manual regarding High Availability](https://argoproj.github.io/argo-cd/operator-manual/high_availability/) to understand how scaling of ArgoCD works in detail. > **Warning:** > You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes. @@ -62,9 +62,9 @@ repoServer: ### Synchronizing Changes from Original Repository -In the original [Argo CD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). +In the original [ArgoCD repository](https://github.com/argoproj/argo-cd/) an [`manifests/install.yaml`](https://github.com/argoproj/argo-cd/blob/master/manifests/install.yaml) is generated using `kustomize`. It's the basis for the installation as [described in the docs](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd). -When installing Argo CD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. +When installing ArgoCD using this helm chart the user should have a similar experience and configuration rolled out. Hence, it makes sense to try to achieve a similar output of rendered `.yaml` resources when calling `helm template` using the default settings in `values.yaml`. To update the templates and default settings in `values.yaml` it may come in handy to look up the diff of the `manifests/install.yaml` between two versions accordingly. This can either be done directly via github and look for `manifests/install.yaml`: @@ -82,22 +82,13 @@ Changes in the `CustomResourceDefinition` resources shall be fixed easily by cop ## Upgrading -### 4.3.* - -With this minor version, the notification notifier's `service.slack` is no longer configured by default. - -### 4.0.0 and above - -This helm chart version deploys Argo CD v2.3. The Argo CD Notifications and ApplicationSet are part of Argo CD now. You no longer need to install them separately. The Notifications and ApplicationSet components **are bundled into default** Argo CD installation. -Please read the [v2.2 to 2.3 upgrade instructions] in the upstream repository. - ### 3.13.0 -This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of Argo CD, it can be passed via the `server.extraArgs` field +This release removes the flag `--staticassets` from argocd server as it has been dropped upstream. If this flag needs to be enabled e.g for older releases of ArgoCD, it can be passed via the `server.extraArgs` field ### 3.10.2 -Argo CD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default +ArgoCD has recently deprecated the flag `--staticassets` and from chart version `3.10.2` has been disabled by default It can be re-enabled by setting `server.staticAssets.enabled` to true ### 3.8.1 @@ -131,7 +122,7 @@ Please check if you are affected by one of these cases **before you upgrade**, e ### 3.2.* With this minor version we introduced the evaluation for the ingress manifest (depending on the capabilities version), See [Pull Request](https://github.com/argoproj/argo-helm/pull/637). -[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an Argo CD instance**, +[Issue 703](https://github.com/argoproj/argo-helm/issues/703) reported that the capabilities evaluation is **not handled correctly when deploying the chart via an ArgoCD instance**, especially deploying on clusters running a cluster version prior to `1.19` (which misses `Ingress` on apiVersion `networking.k8s.io/v1`). If you are running a cluster version prior to `1.19` you can avoid this issue by directly installing chart version `3.6.0` and setting `kubeVersionOverride` like: @@ -148,7 +139,7 @@ Helm apiVersion switched to `v2`. Requires Helm `3.0.0` or above to install. [Re ### 2.14.7 and above -The `matchLabels` key in the Argo CD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. +The `matchLabels` key in the ArgoCD Application Controller is no longer hard-coded. Note that labels are immutable so caution should be exercised when making changes to this resource. ### 2.10.x to 2.11.0 @@ -225,9 +216,9 @@ NAME: my-release | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | -| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | -| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | -| global.image.tag | string | `""` | Overrides the global Argo CD image tag whose default is the chart appVersion | +| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all ArgoCD deployments | +| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all ArgoCD deployments | +| global.image.tag | string | `""` | Overrides the global ArgoCD image tag whose default is the chart appVersion | | global.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | @@ -237,10 +228,10 @@ NAME: my-release | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | | nameOverride | string | `"argocd"` | Provide a name in place of `argocd` | | openshift.enabled | bool | `false` | enables using arbitrary uid for argo repo server | -| server.additionalApplications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | -| server.additionalProjects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | +| server.additionalApplications | list | `[]` (See [values.yaml]) | Deploy ArgoCD Applications within this helm release | +| server.additionalProjects | list | `[]` (See [values.yaml]) | Deploy ArgoCD Projects within this helm release | -## Argo CD Controller +## ArgoCD Controller | Key | Type | Default | Description | |-----|------|---------|-------------| @@ -255,7 +246,7 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | | controller.containerSecurityContext | object | `{}` | Application controller container-level security context | -| controller.enableStatefulSet | bool | `true` | Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. | +| controller.enableStatefulSet | bool | `false` | Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. This is a feature flag that will become the default in chart version 3.x | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | @@ -409,8 +400,8 @@ NAME: my-release | server.certificate.secretName | string | `"argocd-server-tls"` | Certificate manager secret name | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.config | object | See [values.yaml] | [General Argo CD configuration] | -| server.configAnnotations | object | `{}` | Annotations to be added to Argo CD ConfigMap | -| server.configEnabled | bool | `true` | Manage Argo CD configmap (Declarative Setup) | +| server.configAnnotations | object | `{}` | Annotations to be added to ArgoCD ConfigMap | +| server.configEnabled | bool | `true` | Manage ArgoCD configmap (Declarative Setup) | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | `{}` | Servers container-level security context | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -477,9 +468,9 @@ NAME: my-release | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | | server.priorityClassName | string | `""` | Priority class for the Argo CD server | -| server.rbacConfig | object | `{}` | Argo CD rbac config ([Argo CD RBAC policy]) | -| server.rbacConfigAnnotations | object | `{}` | Annotations to be added to Argo CD rbac ConfigMap | -| server.rbacConfigCreate | bool | `true` | Whether or not to create the configmap. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configMap created with the name above. | +| server.rbacConfig | object | `{}` | ArgoCD rbac config ([ArgoCD RBAC policy]) | +| server.rbacConfigAnnotations | object | `{}` | Annotations to be added to ArgoCD rbac ConfigMap | +| server.rbacConfigCreate | bool | `true` | Whether or not to create the configmap. If false, it is expected the configmap will be created by something else. ArgoCD will not work if there is no configMap created with the name above. | | server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -535,7 +526,7 @@ NAME: my-release | dex.extraVolumes | list | `[]` | Extra volumes to the dex pod | | dex.image.imagePullPolicy | string | `"IfNotPresent"` | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.30.2"` | Dex image tag | +| dex.image.tag | string | `"v2.30.0"` | Dex image tag | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | @@ -650,135 +641,6 @@ NAME: my-release | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `"\"\""` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | -| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis credentials (must contain key `redis-password`). When it's set, the `externalRedis.password` parameter is ignored | -| externalRedis.host | string | `""` | External Redis server host | -| externalRedis.password | string | `""` | External Redis password | -| externalRedis.port | int | `6379` | External Redis server port | - -## ApplicationSet - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | -| applicationSet.args.debug | bool | `false` | Print debug logs | -| applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.enableLeaderElection | bool | `false` | The default leader election setting | -| applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | -| applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | -| applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | -| applicationSet.enabled | bool | `true` | Enable Application Set controller | -| applicationSet.extraArgs | list | `[]` | List of extra cli args to add | -| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | -| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller | -| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | -| applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | -| applicationSet.extraVolumes | list | `[]` | List of extra volumes to add | -| applicationSet.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the application set controller | -| applicationSet.image.repository | string | `"quay.io/argoproj/argocd-applicationset"` | Repository to use for the application set controller | -| applicationSet.image.tag | string | `"v0.4.1"` | Tag to use for the application set controller | -| applicationSet.imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | -| applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | -| applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | -| applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | -| applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | -| applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | -| applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | -| applicationSet.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | -| applicationSet.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | -| applicationSet.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | -| applicationSet.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | -| applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | -| applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string | -| applicationSet.nodeSelector | object | `{}` | [Node selector] | -| applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | -| applicationSet.podLabels | object | `{}` | Labels for the controller pods | -| applicationSet.podSecurityContext | object | `{}` | Pod Security Context | -| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | -| applicationSet.replicaCount | int | `1` | The number of controller pods to run | -| applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | -| applicationSet.securityContext | object | `{}` | Security Context | -| applicationSet.service.annotations | object | `{}` | Application set service annotations | -| applicationSet.service.labels | object | `{}` | Application set service labels | -| applicationSet.service.port | int | `7000` | Application set service port | -| applicationSet.service.portName | string | `"webhook"` | Application set service port name | -| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| applicationSet.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | -| applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | -| applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | -| applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | -| applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | -| applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts | -| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | -| applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels | -| applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | -| applicationSet.webhook.ingress.tls | list | `[]` | Ingress TLS configuration | - -## Notifications - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| notifications.affinity | object | `{}` | Assign custom [affinity] rules | -| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | -| notifications.bots.slack.containerSecurityContext | object | `{}` | Container Security Context | -| notifications.bots.slack.enabled | bool | `false` | Enable slack bot | -| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | -| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | -| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | -| notifications.bots.slack.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | -| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | -| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | -| notifications.bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | -| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | -| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot | -| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | -| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | -| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | -| notifications.bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | -| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | -| notifications.cm.name | string | `""` | The name of the config map to use. | -| notifications.containerSecurityContext | object | `{}` | Container Security Context | -| notifications.context | object | `{}` | Define user-defined context | -| notifications.enabled | bool | `true` | Enable Notifications controller | -| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | -| notifications.extraEnv | list | `[]` | Additional container environment variables | -| notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | -| notifications.extraVolumes | list | `[]` | List of extra volumes to add | -| notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller | -| notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | -| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | -| notifications.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | -| notifications.logLevel | string | `"info"` | Set the logging level. (One of: `debug`, `info`, `warn`, `error`) | -| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | -| notifications.metrics.port | int | `9001` | Metrics port | -| notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | -| notifications.metrics.service.labels | object | `{}` | Metrics service labels | -| notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | -| notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | -| notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | -| notifications.name | string | `"notifications-controller"` | Notifications controller name string | -| notifications.nodeSelector | object | `{}` | [Node selector] | -| notifications.notifiers | object | See [values.yaml] | Configures notification services | -| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods | -| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods | -| notifications.resources | object | `{}` | Resource limits and requests for the controller | -| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | -| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret | -| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | -| notifications.secret.name | string | `""` | The name of the secret to use. | -| notifications.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | -| notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | -| notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | -| notifications.templates | object | `{}` | The notification template is used to generate the notification content | -| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | -| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | -| notifications.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | ### Using AWS ALB Ingress Controller With GRPC @@ -806,7 +668,7 @@ server: ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -[Argo CD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ +[ArgoCD RBAC policy]: https://argoproj.github.io/argo-cd/operator-manual/rbac/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ @@ -822,4 +684,3 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml -[v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/crds/crd-application.yaml b/argocd-helm-charts/argo-cd/charts/argo-cd/crds/crd-application.yaml index e455a6283..cb3d1ba07 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/crds/crd-application.yaml +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/crds/crd-application.yaml @@ -233,11 +233,6 @@ spec: type: string type: object type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by - not appending them to helm template --values - type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest @@ -266,10 +261,6 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -607,11 +598,6 @@ spec: type: string type: object type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation @@ -639,10 +625,6 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -984,11 +966,6 @@ spec: type: string type: object type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -1018,10 +995,6 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1376,12 +1349,6 @@ spec: type: string type: object type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents - helm template from failing when valueFiles do - not exist locally by not appending them to helm - template --values - type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command @@ -1414,10 +1381,6 @@ spec: to use. If omitted it will use the application name type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1751,11 +1714,6 @@ spec: type: string type: object type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -1786,10 +1744,6 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -2111,11 +2065,6 @@ spec: type: string type: object type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean parameters: description: Parameters is a list of Helm parameters which are passed to the helm template command upon @@ -2146,10 +2095,6 @@ spec: description: ReleaseName is the Helm release name to use. If omitted it will use the application name type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/_helpers.tpl b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/_helpers.tpl index 5bc4a49c6..523f6a92b 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/_helpers.tpl +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/_helpers.tpl @@ -67,20 +67,6 @@ Create argocd repo-server name and version as used by the chart label. {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* -Create argocd application set name and version as used by the chart label. -*/}} -{{- define "argo-cd.applicationSet.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd notifications name and version as used by the chart label. -*/}} -{{- define "argo-cd.notifications.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - {{/* Create the name of the controller service account to use */}} @@ -115,7 +101,7 @@ Create the name of the redis service account to use {{- end -}} {{/* -Create the name of the Argo CD server service account to use +Create the name of the ArgoCD server service account to use */}} {{- define "argo-cd.serverServiceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} @@ -136,39 +122,6 @@ Create the name of the repo-server service account to use {{- end -}} {{- end -}} -{{/* -Create the name of the application set service account to use -*/}} -{{- define "argo-cd.applicationSetServiceAccountName" -}} -{{- if .Values.applicationSet.serviceAccount.create -}} - {{ default (include "argo-cd.applicationSet.fullname" .) .Values.applicationSet.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.applicationSet.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the notifications service account to use -*/}} -{{- define "argo-cd.notificationsServiceAccountName" -}} -{{- if .Values.notifications.serviceAccount.create -}} - {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.notifications.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the notifications bots slack service account to use -*/}} -{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}} -{{- if .Values.notifications.bots.slack.serviceAccount.create -}} - {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.notifications.bots.slack.serviceAccount.name }} -{{- end -}} -{{- end -}} - {{/* Create chart name and version as used by the chart label. */}} @@ -224,7 +177,7 @@ Return the target Kubernetes version {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end -}} -{{/* +{{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} {{- define "argo-cd.config.presets" -}} @@ -233,7 +186,7 @@ ui.cssurl: "./custom/custom.styles.css" {{- end }} {{- end -}} -{{/* +{{/* Merge Argo Configuration with Preset Configuration */}} {{- define "argo-cd.config" -}} @@ -243,44 +196,8 @@ Merge Argo Configuration with Preset Configuration {{- end -}} {{/* -Return the default Argo CD app version +Return the default ArgoCD app version */}} {{- define "argo-cd.defaultTag" -}} {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} - -{{/* -Create the name of the notifications controller secret to use -*/}} -{{- define "argo-cd.notifications.secretName" -}} -{{- if .Values.notifications.secret.create -}} - {{ default (printf "%s-secret" (include "argo-cd.notifications.fullname" .)) .Values.notifications.secret.name }} -{{- else -}} - {{ default "argocd-notifications-secret" .Values.notifications.secret.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the configmap to use -*/}} -{{- define "argo-cd.notifications.configMapName" -}} -{{- if .Values.notifications.cm.create -}} - {{ default (printf "%s-cm" (include "argo-cd.notifications.fullname" .)) .Values.notifications.cm.name }} -{{- else -}} - {{ default "argocd-notifications-cm" .Values.notifications.cm.name }} -{{- end -}} -{{- end -}} - -{{- define "argo-cd.redisPasswordEnv" -}} - {{- if or .Values.externalRedis.password .Values.externalRedis.existingSecret }} -- name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - {{- if .Values.externalRedis.existingSecret }} - name: {{ .Values.externalRedis.existingSecret }} - {{- else }} - name: {{ template "argo-cd.redis.fullname" . }} - {{- end }} - key: redis-password - {{- end }} -{{- end -}} diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index c4370aee0..cf62bb7f1 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -65,9 +65,6 @@ spec: {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} - {{- else if and .Values.externalRedis.host .Values.externalRedis.port }} - - --redis - - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} {{- with .Values.controller.extraArgs }} {{- . | toYaml | nindent 8 }} @@ -78,12 +75,9 @@ spec: {{- if .Values.controller.containerSecurityContext }} securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} {{- end }} - {{- if or .Values.controller.env .Values.externalRedis.password .Values.externalRedis.existingSecret }} + {{- if .Values.controller.env }} env: - {{- include "argo-cd.redisPasswordEnv" . | nindent 8 }} - {{- with .Values.controller.env }} - {{- toYaml . | nindent 8 }} - {{- end }} +{{- toYaml .Values.controller.env | nindent 8 }} {{- end }} {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 8 }} diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 5e796cc0a..9af30af3d 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -47,9 +47,6 @@ spec: {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} - {{- else if and .Values.externalRedis.host .Values.externalRedis.port }} - - --redis - - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} - --logformat - {{ .Values.repoServer.logFormat }} @@ -68,10 +65,9 @@ spec: value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir - {{- include "argo-cd.redisPasswordEnv" . | nindent 8 }} - {{- with .Values.repoServer.env }} - {{- toYaml . | nindent 8 }} - {{- end }} + {{- if .Values.repoServer.env }} + {{- toYaml .Values.repoServer.env | nindent 8 }} + {{- end }} {{- if .Values.openshift.enabled }} - name: USER_NAME value: argocd diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml index 619a65ca5..0d9274ed7 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -14,16 +14,6 @@ spec: - podSelector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }} - {{- if .Values.notifications.enabled }} - - podSelector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 10 }} - {{- end }} - {{- if .Values.applicationSet.enabled }} - - podSelector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 10 }} - {{- end }} ports: - port: repo-server protocol: TCP diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-server/deployment.yaml b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-server/deployment.yaml index 2c04f5df5..0a198dc5a 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -59,9 +59,6 @@ spec: {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} - --redis - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} - {{- else if and .Values.externalRedis.host .Values.externalRedis.port }} - - --redis - - {{ .Values.externalRedis.host }}:{{ .Values.externalRedis.port }} {{- end }} {{- with .Values.server.extraArgs }} {{- . | toYaml | nindent 8 }} @@ -69,12 +66,9 @@ spec: {{- if .Values.server.containerSecurityContext }} securityContext: {{- toYaml .Values.server.containerSecurityContext | nindent 10 }} {{- end }} - {{- if or .Values.server.env .Values.externalRedis.password .Values.externalRedis.existingSecret }} + {{- if .Values.server.env }} env: - {{- include "argo-cd.redisPasswordEnv" . | nindent 8 }} - {{- with .Values.server.env }} - {{- toYaml . | nindent 8 }} - {{- end }} +{{- toYaml .Values.server.env | nindent 8 }} {{- end }} {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 8 }} diff --git a/argocd-helm-charts/argo-cd/charts/argo-cd/values.yaml b/argocd-helm-charts/argo-cd/charts/argo-cd/values.yaml index 8a54cf4cf..daefd898d 100644 --- a/argocd-helm-charts/argo-cd/charts/argo-cd/values.yaml +++ b/argocd-helm-charts/argo-cd/charts/argo-cd/values.yaml @@ -1,4 +1,4 @@ -## Argo CD configuration +## ArgoCD configuration ## Ref: https://github.com/argoproj/argo-cd ## @@ -11,11 +11,11 @@ kubeVersionOverride: "" global: image: - # -- If defined, a repository applied to all Argo CD deployments + # -- If defined, a repository applied to all ArgoCD deployments repository: quay.io/argoproj/argocd - # -- Overrides the global Argo CD image tag whose default is the chart appVersion + # -- Overrides the global ArgoCD image tag whose default is the chart appVersion tag: "" - # -- If defined, a imagePullPolicy applied to all Argo CD deployments + # -- If defined, a imagePullPolicy applied to all ArgoCD deployments imagePullPolicy: IfNotPresent # -- Annotations for the all deployed pods podAnnotations: {} @@ -107,7 +107,8 @@ controller: replicas: 1 # -- Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability. - enableStatefulSet: true + # This is a feature flag that will become the default in chart version 3.x + enableStatefulSet: false ## Application controller commandline flags args: @@ -287,9 +288,9 @@ controller: # labels: # severity: critical # annotations: - # summary: "[Argo CD] No reported applications" + # summary: "[ArgoCD] No reported applications" # description: > - # Argo CD has not reported any applications data for the past 15 minutes which + # ArgoCD has not reported any applications data for the past 15 minutes which # means that it must be down or not functioning properly. This needs to be # resolved for this cloud to continue to maintain state. # - alert: ArgoAppNotSynced @@ -309,7 +310,7 @@ controller: # namespace: monitoring # additionalLabels: {} - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. clusterAdminAccess: # -- Enable RBAC for local cluster deployments enabled: true @@ -328,7 +329,7 @@ controller: # -- Init containers to add to the application controller pod ## If your target Kubernetes cluster(s) require a custom auth provider executable ## you could use this (and the same in the server pod) to bootstrap - ## that executable into your Argo CD container + ## that executable into your ArgoCD container initContainers: [] # - name: download-tools # image: alpine:3.8 @@ -395,7 +396,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.30.2 + tag: v2.30.0 # -- Dex imagePullPolicy imagePullPolicy: IfNotPresent initImage: @@ -777,18 +778,6 @@ redis-ha: # -- Redis tag tag: 6.2.6-alpine -# External Redis parameters -externalRedis: - # -- External Redis server host - host: "" - # -- External Redis password - password: "" - # -- External Redis server port - port: 6379 - # -- The name of an existing secret with Redis credentials (must contain key `redis-password`). - # When it's set, the `externalRedis.password` parameter is ignored - existingSecret: "" - ## Server server: # -- Argo CD server name @@ -1145,7 +1134,7 @@ server: # -- Termination policy of Openshift Route termination_policy: None - # -- Manage Argo CD configmap (Declarative Setup) + # -- Manage ArgoCD configmap (Declarative Setup) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml configEnabled: true # -- [General Argo CD configuration] @@ -1182,10 +1171,10 @@ server: # - profile # - email - # -- Annotations to be added to Argo CD ConfigMap + # -- Annotations to be added to ArgoCD ConfigMap configAnnotations: {} - # -- Argo CD rbac config ([Argo CD RBAC policy]) + # -- ArgoCD rbac config ([ArgoCD RBAC policy]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbacConfig: {} @@ -1208,14 +1197,14 @@ server: # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. # scopes: '[cognito:groups, email]' - # -- Annotations to be added to Argo CD rbac ConfigMap + # -- Annotations to be added to ArgoCD rbac ConfigMap rbacConfigAnnotations: {} # -- Whether or not to create the configmap. If false, it is expected the configmap will be created - # by something else. Argo CD will not work if there is no configMap created with the name above. + # by something else. ArgoCD will not work if there is no configMap created with the name above. rbacConfigCreate: true - # -- Deploy Argo CD Applications within this helm release + # -- Deploy ArgoCD Applications within this helm release # @default -- `[]` (See [values.yaml]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ additionalApplications: [] @@ -1248,7 +1237,7 @@ server: # - name: url # value: https://argoproj.github.io/ - # -- Deploy Argo CD Projects within this helm release + # -- Deploy ArgoCD Projects within this helm release # @default -- `[]` (See [values.yaml]) ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ additionalProjects: [] @@ -1292,7 +1281,7 @@ server: # - keyID: ABCDEF1234567890 ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster. clusterAdminAccess: # -- Enable RBAC for local cluster deployments enabled: true @@ -1356,7 +1345,7 @@ server: # -- Init containers to add to the server pod ## If your target Kubernetes cluster(s) require a custom auth provider executable ## you could use this (and the same in the application controller pod) to bootstrap - ## that executable into your Argo CD container + ## that executable into your ArgoCD container initContainers: [] # - name: download-tools # image: alpine:3.8 @@ -1582,7 +1571,7 @@ repoServer: additionalLabels: {} ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant cluster rights to Argo CD repo server. + ## Enable if you would like to grant cluster rights to ArgoCD repo server. clusterAdminAccess: # -- Enable RBAC for local cluster deployments enabled: false @@ -1872,707 +1861,3 @@ configs: openshift: # -- enables using arbitrary uid for argo repo server enabled: false - -applicationSet: - # -- Enable Application Set controller - enabled: true - - # -- Application Set controller name string - name: applicationset-controller - - # -- The number of controller pods to run - replicaCount: 1 - - image: - # -- Repository to use for the application set controller - repository: quay.io/argoproj/argocd-applicationset - # -- Image pull policy for the application set controller - pullPolicy: IfNotPresent - # -- Tag to use for the application set controller - tag: "v0.4.1" - - args: - # -- The default metric address - metricsAddr: :8080 - # -- The default health check port - probeBindAddr: :8081 - # -- The default leader election setting - enableLeaderElection: false - # -- How application is synced between the generator and the cluster - policy: sync - # -- Print debug logs - debug: false - # -- Enable dry run mode - dryRun: false - - # -- Additional containers to be added to the applicationset controller pod - extraContainers: [] - - ## Metrics service configuration - metrics: - # -- Deploy metrics service - enabled: false - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8085 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: false - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: {} - # prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "" # monitoring - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - - # -- If defined, uses a Secret to pull an image from a private Docker registry or repository. - imagePullSecrets: [] - - ## Application set service configuration - service: - # -- Application set service annotations - annotations: {} - # -- Application set service labels - labels: {} - # -- Application set service port - port: 7000 - # -- Application set service port name - portName: webhook - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - # -- Annotations to add to the service account - annotations: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - # -- Annotations for the controller pods - podAnnotations: {} - - # -- Labels for the controller pods - podLabels: {} - - # -- Pod Security Context - podSecurityContext: {} - # fsGroup: 2000 - - # -- Security Context - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - - # -- Resource limits and requests for the controller pods. - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - # -- [Node selector] - nodeSelector: {} - - # -- [Tolerations] for use with node taints - tolerations: [] - - # -- Assign custom [affinity] rules - affinity: {} - - # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. - priorityClassName: "" - - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - - # -- List of extra cli args to add - extraArgs: [] - # - --loglevel=warn - - # -- Environment variables to pass to the controller - extraEnv: [] - # - name: "MY_VAR" - # value: "value" - - # -- envFrom to pass to the controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - - ## Webhook for the Git Generator - ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) - webhook: - ingress: - # -- Enable an ingress resource for Webhooks - enabled: false - # -- Additional ingress annotations - annotations: {} - # -- Additional ingress labels - labels: {} - # -- Defines which ingress controller will implement the resource - ingressClassName: "" - - # -- List of ingress hosts - ## Hostnames must be provided if Ingress is enabled. - ## Secrets must be manually created in the namespace - hosts: [] - # - argocd-applicationset.example.com - - # -- List of ingress paths - paths: - - /api/webhook - # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` - pathType: Prefix - # -- Additional ingress paths - extraPaths: [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: use-annotation - - # -- Ingress TLS configuration - tls: [] - # - secretName: argocd-applicationset-tls - # hosts: - # - argocd-applicationset.example.com - -notifications: - # -- Enable Notifications controller - enabled: true - - # -- Notifications controller name string - name: notifications-controller - - # -- Assign custom [affinity] rules - affinity: {} - - # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates - argocdUrl: - - image: - # -- Repository to use for the notifications controller - # @default -- `""` (defaults to global.image.repository) - repository: "" - # -- Tag to use for the notifications controller - # @default -- `""` (defaults to global.image.tag) - tag: "" - # -- Image pull policy for the notifications controller - # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" - - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] - - # -- [Node selector] - nodeSelector: {} - - # -- The deployment strategy to use to replace existing pods with new ones - updateStrategy: - type: Recreate - - # -- Define user-defined context - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context - context: {} - # region: east - # environmentName: staging - - secret: - # -- Whether helm chart creates controller secret - create: true - - # -- key:value pairs of annotations to be added to the secret - annotations: {} - - # -- The name of the secret to use. - ## If not set and create is true, the default name 'argocd-notifications-secret' is used - name: "" - - # -- Generic key:value pairs to be inserted into the secret - ## Can be used for templates, notification services etc. Some examples given below. - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ - items: {} - # slack-token: - # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/slack/ - - # grafana-apiKey: - # # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/grafana/ - - # webhooks-github-token: - - # email-username: - # email-password: - # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - - # -- Set the logging level. (One of: `debug`, `info`, `warn`, `error`) - logLevel: info - - # -- Extra arguments to provide to the controller - extraArgs: [] - - # -- Additional container environment variables - extraEnv: [] - - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - - metrics: - # -- Enables prometheus metrics server - enabled: false - # -- Metrics port - port: 9001 - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: false - # -- Prometheus ServiceMonitor selector - selector: {} - # prometheus: kube-prometheus - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - # namespace: monitoring - # interval: 30s - # scrapeTimeout: 10s - - # -- Configures notification services - # @default -- See [values.yaml] - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ - notifiers: {} - # service.slack: | - # token: $slack-token - - # -- Annotations to be applied to the controller Pods - podAnnotations: {} - - # -- Labels to be applied to the controller Pods - podLabels: {} - - # -- Pod Security Context - securityContext: - runAsNonRoot: true - - # -- Container Security Context - containerSecurityContext: {} - - # -- Resource limits and requests for the controller - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - name: argocd-notifications-controller - - # -- Annotations applied to created service account - annotations: {} - - cm: - # -- Whether helm chart creates controller config map - create: true - - # -- The name of the config map to use. - ## If not set and create is true, the default name 'argocd-notifications-cm' is used - name: "" - - # -- Contains centrally managed global application subscriptions - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ - subscriptions: [] - # # subscription for on-sync-status-unknown trigger notifications - # - recipients: - # - slack:test2 - # - email:test@gmail.com - # triggers: - # - on-sync-status-unknown - # # subscription restricted to applications with matching labels only - # - recipients: - # - slack:test3 - # selector: test=true - # triggers: - # - on-sync-status-unknown - - # -- The notification template is used to generate the notification content - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/ - templates: {} - # template.app-deployed: | - # email: - # subject: New version of an application {{.app.metadata.name}} is up and running. - # message: | - # {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} is now running new version of deployments manifests. - # slack: - # attachments: | - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#18be52", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # }, - # { - # "title": "Revision", - # "value": "{{.app.status.sync.revision}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-health-degraded: | - # email: - # subject: Application {{.app.metadata.name}} has degraded. - # message: | - # {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} has degraded. - # Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#f4c030", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-failed: | - # email: - # subject: Failed to sync application {{.app.metadata.name}}. - # message: | - # {{if eq .serviceType "slack"}}:exclamation:{{end}} The sync operation of application {{.app.metadata.name}} has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}} - # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#E96D76", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-running: | - # email: - # subject: Start syncing application {{.app.metadata.name}}. - # message: | - # The sync operation of application {{.app.metadata.name}} has started at {{.app.status.operationState.startedAt}}. - # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#0DADEA", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-status-unknown: | - # email: - # subject: Application {{.app.metadata.name}} sync status is 'Unknown' - # message: | - # {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} sync is 'Unknown'. - # Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. - # {{if ne .serviceType "slack"}} - # {{range $c := .app.status.conditions}} - # * {{$c.message}} - # {{end}} - # {{end}} - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#E96D76", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - # template.app-sync-succeeded: | - # email: - # subject: Application {{.app.metadata.name}} has been successfully synced. - # message: | - # {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}. - # Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . - # slack: - # attachments: |- - # [{ - # "title": "{{ .app.metadata.name}}", - # "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", - # "color": "#18be52", - # "fields": [ - # { - # "title": "Sync Status", - # "value": "{{.app.status.sync.status}}", - # "short": true - # }, - # { - # "title": "Repository", - # "value": "{{.app.spec.source.repoURL}}", - # "short": true - # } - # {{range $index, $c := .app.status.conditions}} - # {{if not $index}},{{end}} - # {{if $index}},{{end}} - # { - # "title": "{{$c.type}}", - # "value": "{{$c.message}}", - # "short": true - # } - # {{end}} - # ] - # }] - - # -- [Tolerations] for use with node taints - tolerations: [] - - # -- The trigger defines the condition when the notification should be sent - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ - triggers: {} - # trigger.on-deployed: | - # - description: Application is synced and healthy. Triggered once per commit. - # oncePer: app.status.sync.revision - # send: - # - app-deployed - # when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' - # trigger.on-health-degraded: | - # - description: Application has degraded - # send: - # - app-health-degraded - # when: app.status.health.status == 'Degraded' - # trigger.on-sync-failed: | - # - description: Application syncing has failed - # send: - # - app-sync-failed - # when: app.status.operationState.phase in ['Error', 'Failed'] - # trigger.on-sync-running: | - # - description: Application is being synced - # send: - # - app-sync-running - # when: app.status.operationState.phase in ['Running'] - # trigger.on-sync-status-unknown: | - # - description: Application status is 'Unknown' - # send: - # - app-sync-status-unknown - # when: app.status.sync.status == 'Unknown' - # trigger.on-sync-succeeded: | - # - description: Application syncing has succeeded - # send: - # - app-sync-succeeded - # when: app.status.operationState.phase in ['Succeeded'] - # - # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers - # defaultTriggers: | - # - on-sync-status-unknown - - ## The optional bot component simplifies managing subscriptions - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ - bots: - slack: - # -- Enable slack bot - ## You have to set secret.notifiers.slack.signingSecret - enabled: false - - # -- The deployment strategy to use to replace existing pods with new ones - updateStrategy: - type: Recreate - - image: - # -- Repository to use for the Slack bot - # @default -- `""` (defaults to global.image.repository) - repository: "" - # -- Tag to use for the Slack bot - # @default -- `""` (defaults to global.image.tag) - tag: "" - # -- Image pull policy for the Slack bot - # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" - - # -- Secrets with credentials to pull images from a private registry - imagePullSecrets: [] - - service: - # -- Service annotations for Slack bot - annotations: {} - # -- Service port for Slack bot - port: 80 - # -- Service type for Slack bot - type: LoadBalancer - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - name: argocd-notifications-bot - - # -- Annotations applied to created service account - annotations: {} - - # -- Pod Security Context - securityContext: - runAsNonRoot: true - - # -- Container Security Context - containerSecurityContext: {} - - # -- Resource limits and requests for the Slack bot - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - # -- Assign custom [affinity] rules - affinity: {} - - # -- [Tolerations] for use with node taints - tolerations: [] - - # -- [Node selector] - nodeSelector: {} diff --git a/argocd-helm-charts/argo-cd/requirements.lock b/argocd-helm-charts/argo-cd/requirements.lock index e82958e65..be2fd2b6e 100644 --- a/argocd-helm-charts/argo-cd/requirements.lock +++ b/argocd-helm-charts/argo-cd/requirements.lock @@ -1,6 +1,6 @@ dependencies: - name: argo-cd repository: https://argoproj.github.io/argo-helm - version: 4.4.0 -digest: sha256:10975fc50d19029e1891c543636f16fa63a94dfb1663b0c71b365cbab590b6ab -generated: "2022-04-01T12:04:47.954900261+05:30" + version: 3.35.4 +digest: sha256:c96b78fcb43dab599c5ec6c7eabf682fa44e8ef9c6da7fbf848be30bd968569f +generated: "2022-04-07T12:53:46.013190379+05:30"